McAfee HISCDE-AB-IA - Host Intrusion Prevention Product Manual page 124

Product guide for use with epolicy orchestrator 4.5

Appendix A — Writing Custom Signatures and Exceptions
Windows custom signatures

Class Buffer Overflow

Directives                32-bit processes on 32-bit  32-bit processes on 64-bit  64-bit processes on 64-bit
                          Windows OS (x32)            Windows OS (x64)            Windows OS (x64)
bo:                       XP   2K3  V    2K8  7       XP   2K3  V    2K8  7       XP   2K3  V    2K8  7
stack                     x    x    x    x    x       x    x    x    x    x
heap                      x    x    x    x    x       x    x    x    x    x
writeable_memory          x    x    x    x    x       x    x    x    x    x
invalid_call              x    x    x    x    x       x    x    x    x    x
target_bytes              x    x    x    x    x       x    x    x    x    x
call_not_found            x    x    x    x    x       x    x    x    x    x
call_return_unreadable    x    x    x    x    x       x    x    x    x    x
call_different_target     x    x    x    x    x       x    x    x    x    x
call_return_to_api        x    x    x    x    x       x    x    x    x    x

Class Files

Directives                32-bit processes on 32-bit  32-bit processes on 64-bit  64-bit processes on 64-bit
                          Windows OS (x32)            Windows OS (x64)            Windows OS (x64)
files:                    XP   2K3  V    2K8  7       XP   2K3  V    2K8  7       XP   2K3  V    2K8  7
create                    x    x    x    x    x       x    x    x    x    x       x    x    x    x    x
read                      x    x    x    x    x       x    x    x    x    x       x    x    x    x    x
write                     x    x    x    x    x       x    x    x    x    x       x    x    x    x    x
execute                   x    x    x    x    x       x    x    x    x    x       x    x    x    x    x
delete                    x    x    x    x    x       x    x    x    x    x       x    x    x    x    x
rename                    x    x    x    x    x       x    x    x    x    x       x    x    x    x    x
attribute                 x    x    x    x    x       x    x    x    x    x       x    x    x    x    x
writeop                   x    x    x    x    x       x    x    x    x    x       x    x    x    x    x
hardlink                  x    x    x    x    x       x    x    x    x    x       x    x    x    x    x

Class Hook

Directives                32-bit processes on 32-bit  32-bit processes on 64-bit  64-bit processes on 64-bit
                          Windows OS (x32)            Windows OS (x64)            Windows OS (x64)
hook:                     XP   2K3  V    2K8  7       XP   2K3  V    2K8  7       XP   2K3  V    2K8  7
set_windows_hook          x    x    x    x    x       x    x    x    x    x       x    x    x    x    x

McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5

This manual is also suitable for:

Host intrusion prevention 8.0