SCF Advanced Search


Members
  • Total Members: 13497
  • Latest: Jack K
Stats
  • Total Posts: 35658
  • Total Topics: 10900
  • Online Today: 2497
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)











Author Topic: which value in tables/procedures of epo4 database can make hip7 client rules...  (Read 9316 times)

0 Members and 1 Guest are viewing this topic.

bong

  • SCF Newbie
  • *
  • Posts: 6
  • KARMA: 2
which value in tables/procedures of epo4 database can make hip7 firewall client rules editalbe in clinet side?


Hi,

I use epo4 and hip7
 
I am finding such a table/procedure in epo4 database, a value can make hip7 firewall client rules editable in hip7 client?(I mean if I modify this table/procedure, after enforce rules from epo4, firewall rules can be edited in hip7 client,not as the default way invisable) . anyone can tell me which value in which table/procedue?thanks.


jheysen

  • SCF Global Moderator
  • *****
  • Posts: 871
  • KARMA: 114
  • Gender: Male
you mean, direct SQL register editing, or by ePO console?

bong

  • SCF Newbie
  • *
  • Posts: 6
  • KARMA: 2
I mean direct SQL register editing, I think by ePO console cannot do this

jheysen

  • SCF Global Moderator
  • *****
  • Posts: 871
  • KARMA: 114
  • Gender: Male
well, really you CAN do it by ePO console, indeed I did it once, but I don't remember how x_x

Anyway, are you planning to upgrade your ePO server to 4.5 or 4.6? because EOL for 4.0 is scheduled this year.. :(
As for the ePO method, we can wait for moderator metalmunna who is an expert on the matter, in the meanwhile I'll recheck my ePO configs to see if I can remember how did I achieve that..

metalmunna

  • SCF Moderator
  • *****
  • Posts: 131
  • KARMA: 20
  • Gender: Male
    • my heart bleeds for none but my own!
which value in tables/procedures of epo4 database can make hip7 firewall client rules editalbe in clinet side?


Hi,

I use epo4 and hip7
 
I am finding such a table/procedure in epo4 database, a value can make hip7 firewall client rules editable in hip7 client?(I mean if I modify this table/procedure, after enforce rules from epo4, firewall rules can be edited in hip7 client,not as the default way invisable) . anyone can tell me which value in which table/procedue?thanks.



hi there, if you wanted to mean the client console for HIP7 will show and editable from the client side; then you can do it easily to make visible on client side;

On ePO 4.5;

Menu | Systems | System Tree ... now jump on the right side; under My Organization | Assigned Policies and then from drop down menu ... select "Host Intrusion Prevention; General ", now "Client UI (Windows)", inside this policy you can make visible the HIP console on client side ...

have a good day, that's it ...

MetalMunnA
http://www.halfrain.com
http://www.coreyz.com
I just sit and wonder, why!! Everything i touch it dies!!!

bong

  • SCF Newbie
  • *
  • Posts: 6
  • KARMA: 2
sorry, I do not mean to show the client console for HIP7. I know the way for this.

I mean now when I enfoce firewall rules from epo4, rules in hip7 client cannot edited/modified even if unlocked the user interface.
Actrually, all settings/configs are stored in tables/procedures of epo4 database, epo console is just a "exterior",what you see in epo console not the turth it works.
I think if I change x value in x table/proceduere, my purpose can be achived.

metalmunna

  • SCF Moderator
  • *****
  • Posts: 131
  • KARMA: 20
  • Gender: Male
    • my heart bleeds for none but my own!
sorry, I do not mean to show the client console for HIP7. I know the way for this.

I mean now when I enfoce firewall rules from epo4, rules in hip7 client cannot edited/modified even if unlocked the user interface.
Actrually, all settings/configs are stored in tables/procedures of epo4 database, epo console is just a "exterior",what you see in epo console not the turth it works.
I think if I change x value in x table/proceduere, my purpose can be achived.


the thing you want that's not possible if deployed by ePO and if HIP rules editable from the client console then there has no need to deploy through ePO and no need to centralize management. do you understand what i wanted to mean? by whole sense McAfee didn't keep that way for the client if deployed through ePO nor there has no security coz client can break the rules ...

if you need to edit the rules from client side then install the HIP directly on the client system, just not deploy through ePO.

MetalMunnA
http://www.halfrain.com
http://www.coreyz.com
I just sit and wonder, why!! Everything i touch it dies!!!

bong

  • SCF Newbie
  • *
  • Posts: 6
  • KARMA: 2
not powssible? maybe,or not....

I prefer modifing database to using epo console just because epo console didn't keep that way for the client and I don't want one of my pc to be centralize managed. But I need epo console to collect this client firewall rules for exporting,saving,modifing and then importing,enfocing to client for the use of next time. Why so complicated? because HIP client itself cannot save firewall rules to a file for backup whether it installed directly or not. modifing database just like a "hack" to reach the goal. for example:

In epo console,all "mcafee default" rules are not editalbe,deletable, but I had found a table in epo database, after changed some values in it can turn "mcafee deault" rules editable and deletable.

by the way, if you know how to save hip client firewall rules by other means, I do not need to do things above and kick epo away immediately.

metalmunna

  • SCF Moderator
  • *****
  • Posts: 131
  • KARMA: 20
  • Gender: Male
    • my heart bleeds for none but my own!
no, i'm sorry ... i have no idea. but you can exclude that client from the ePO and manually install the HIP on there .. that's the simple and easiest way ..

MetalMunnA
http://www.halfrain.com
http://www.coreyz.com
I just sit and wonder, why!! Everything i touch it dies!!!

malmoussy

  • SCF Newbie
  • *
  • Posts: 5
  • KARMA: -1
  • Gender: Male
what do you mean "get along a format war" how can you have a format war when someone produces a much higher quality format and everyone realizes it?

Samker's Computer Forum - SCforum.info

Sponsored Links:




 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising