1 Reply Latest reply on Jan 22, 2017 5:29 AM by catdaddy

    HIP exception

    a2wa2

      Dear friends

       

      On My HIPS I have threat events that the signature is about TCP port scan and it is false positive. I want to fixed it by exception rule to not annoy it from blocking,

      policy catalog>host intrusion prevention 8:IPS> IPS Rules>exception rule, here I do not know the meaning of executable parameters, I have remote ip  ,remote port, local ip,local port and threat ID =3700 in my threat log .but in this path I have only remote ip in my parameters.

      Is this exception work correctly? or I should add more features? how does it know to not to block this remote ip from accessing to this local ip?

        • 1. Re: HIP exception
          catdaddy

          a2wa2,

                              I am marking this particular thread as 'Assumed Answered' and locking it. As it is basically a duplicate. Please refer to the following thread you posted HIP exception 

           

                               If you need it to be moved elsewhere, kindly apprise.

           

          Thank you,

          CD