0 Replies Latest reply on Aug 6, 2013 2:13 PM by dmease729

    What protects the mfefire service?

    dmease729

      Hi,

      The below is a copy(ish) of https://community.mcafee.com/message/298495, relating to the mfevtp service (VSE), however the same issue is seen for mfefire, so I have copied across to this forum also:

       

      I have a group of techies I am working with who have a requirement to amend the system ACLs on services running on internal servers.  We are running VSE8.8 and HIPS8.0.  With VSE Access protection disabled and both HIPS and Firewall services disabled (although note that we get the same result with HIPS IPS enabled), we can successfully change the SACLs on the following services:

       

      mctaskmanager
      mcshield
      mcafeeframework
      enterceptagent

       

      we get access denied errors when attempting to change the SACLs for the following, however:

       

      mfevtp
      mfefire

       

      I note that in services.msc, when right clicking the mfefire service, the options to stop and start are greyed out, even with VSE access protection disabled.  Why would this be different to enterceptagent, and what is protecting the service?

      The above community post confirms that there is an additional protection mechanism for mfevtp - does the same hold for mfefire?

       

      cheers,