Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
239 Views 1 Reply Latest reply: Jan 15, 2014 6:09 AM by epository RSS
epository Apprentice 87 posts since
Jan 23, 2010
Currently Being Moderated

Jan 9, 2014 8:32 AM

Troubleshooting DLP with the Registry

Troubleshooting DLP can be a bit tricky on some boxes, so you can pick up some vital info out of the registry..

 

So the SD card works on my computer and the following values are present:

 

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hdlpctrl\DeviceBlockingRules\{0 FD60794-747C-11E3-BC4C-763B84178E18}

 

REACTION      17 Monitor/NOTIFY?

 

RuleType     1

 

 

 

USB Also Works:

 

Its Serial Number is USB\VID_0930&PID_653D\0E907560F301F924

 

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hdlpctrl\DeviceBlockingRules\{2 0AFAC1D-7483-11E3-BBDE-6D780407B70B}

 

REACTION           17          MONITOR/NOTIFY?

RuleType           1

 

AND

 

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hdlpctrl\DeviceBlockingRules\{6 664B415-7219-11E3-A919-57764925015C}

 

REACTION 17          MONITOR/NOTIFY

RuleType 1

 

 

For BlueTooth...which should be blocked

 

REACTION 19          BLOCK/MONITOR/NOTIFY

RuleType 1

 

 

AND Wireless Cards

 

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hdlpctrl\DeviceBlockingRules\{0 E4CB6A3-746D-11E3-83D8-2E49059D9621}

 

REACTION 1          - BLOCK?

RuleType 3          - so I think RuleType 3 is for Plug and Play Devices

 

 

Also, you should be able to get a list of USB Serial Number Exemptions out of here if you make exemptions that way....it takes a little decoding, but a bit quicker than running the DLPE Diagnostic tool.

 

Sometimes you just dont know if you are fighting a GPO, driver issue, bad media...etc

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points