McAfee HISCDE-AB-IA - Host Intrusion Prevention Product Manual page 147

Appendix B — Troubleshooting
Clientcontrol.exe utility
Exports configuration settings to a formatted text file.
Configuration type definitions:
• 0 = all
• 1 = application protection
• 2 = blocked hosts
• 3 = firewall
• 4 = host IPS custom signatures
• 5 = IPS exceptions
• 6 = settings
• 7 = trusted applications
• 8 = trusted networks
• 9 = network IPS signatures
• 10 = host IPS signatures
• 11 = host IPS engines
• 12 = logon sessions
• 13 = DNS blocking rules
• /defConfig <password>
Replaces the configuration settings with client default policies for application protection,
firewall, and trusted applications settings.
• /bootTimeRules <password> <path of export file>
Exports IPS startup rules to a formatted text file.
NOTE:
• There must be at least one space between the argument, the password, and any other
required parameters.
Sample workflows
Applying a patch to a computer protected by McAfee Host IPS
1 Open a command shell.
2 Run
clientcontrol.exe /stop <password>
3 Perform your maintenance activity.
4 Run
clientcontrol.exe /start
Exporting the Host IPS Activity Log to a text file
1 Open a command shell.
2 Run
clientcontrol.exe /export <path of export file>
3 Copy the exported log file to another computer for collection and analysis.
Turn on logging as part of a troubleshooting exercise
1 Open a command shell.
2 Run
clientcontrol.exe /log <password> [log type] [log option, ...]
3 Perform activity to generate log entries.
4 Review HipShield.log or FireSvc.log for relevant information.
McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5
( to restart Host IPS services).
147