1 Reply Latest reply on Apr 16, 2012 2:19 PM by wwarren

    failing user defined access protection rule


      Hi I need to create a file execution blocking rule for P2P soft

      here is an example rule i mede for torrent clients with exception of 3 specific exceptions for "ctorrent.exe" "rtorrent.exe" "torrent.exe"
      But it doesn't work as expected it simply blocks everything with "torrent" in the executable filename, the provided exclusions as well


      What is wrong?





        • 1. Re: failing user defined access protection rule

          The graphic you posted doesn't seem to be displaying. Mind typing the rule definition out instead?


          As a tip, I suggest a rule that only blocks "READ" of the particular fileobject.

          This would prevent it from being launched, renamed, or deleted - but the evidence of the file existing on disk will be clearly present, plus you'd get alerts generated for each attempt of the determined user .