Overview Of The Linux Client; Policy Enforcement With The Linux Client; Notes About The Linux Client - McAfee HISCDE-AB-IA - Host Intrusion Prevention Product Manual

Product Guide for use with ePolicy Orchestrator 4.5

Working with Host Intrusion Prevention Clients

Task
1. Run the command:
   /sbin/rc2.d/S99hip restart
2. Enable IPS protection. Use one of these procedures, depending on which you used to stop the client:
• Set IPS Options to On in the ePO console and apply the policy to the client.
• Logged in as root, run the command:
   hipts engines MISC:on

Overview of the Linux client

The Host Intrusion Prevention Linux client identifies and prevents potentially harmful attempts to compromise a Linux server's files and applications. It protects the server's operating system along with Apache web servers, with an emphasis on preventing buffer overflow attacks.

Policy enforcement with the Linux client

Not all policies that protect a Windows client are available for the Linux client. In brief, Host Intrusion Prevention protects the host server from harmful attacks but does not offer network intrusion protection, including buffer overflow. The policies that are valid are listed here.

Table 21: Linux client policies
Policy: Available options

Host Intrusion Prevention 8.0 IPS
• IPS Options: Enable HIPS; Enable Adaptive Mode; Retain existing Client Rules
• IPS Protection: All
• IPS Rules: Exception Rules; Signatures (default and custom HIPS rules only). NOTE: NIPS signatures and Application Protection Rules are not available.

Host Intrusion Prevention 8.0 General
• Client UI: None except administrative or time-based password to allow use of the troubleshooting tool.
• Trusted Networks: None
• Trusted Applications: Only Mark as trusted for IPS and New Process Name to add trusted applications.

Host Intrusion Prevention 8.0 Firewall: None

Notes about the Linux client

• The Host IPS 8.0 Linux client is incompatible with SELinux in enforce mode. To disable the enforce mode, run the command system-config-securitylevel, change the setting to disabled, and restart the client system.
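A pre-install check for the SELinux note above, added here as an example and not taken from the McAfee guide: it reads the configured mode from /etc/selinux/config and the running mode from selinuxfs, and fails if either is enforcing. The function names are hypothetical, and treating the configured mode as the mode a restart will apply is an assumption of this example.

```shell
#!/bin/sh
# Added example (hypothetical helper names): report SELinux enforce mode
# before installing or starting the Host IPS 8.0 Linux client.

# Print the mode set by the last uncommented SELINUX= line in the config file.
selinux_config_mode() {
    cfg=${1:-/etc/selinux/config}
    [ -r "$cfg" ] || { echo "unknown"; return 0; }
    mode=$(sed -n 's/^[[:space:]]*SELINUX[[:space:]]*=[[:space:]]*\([A-Za-z]*\).*$/\1/p' "$cfg" |
        tail -n 1 | tr '[:upper:]' '[:lower:]')
    echo "${mode:-unknown}"
}

# Print the running mode from selinuxfs (1 = enforcing, 0 = permissive).
# Extra candidate paths may be passed first; no selinuxfs means disabled.
selinux_runtime_mode() {
    for f in "$@" /sys/fs/selinux/enforce /selinux/enforce; do
        [ -r "$f" ] || continue
        case $(cat "$f") in
            1) echo "enforcing" ;;
            0) echo "permissive" ;;
            *) echo "unknown" ;;
        esac
        return 0
    done
    echo "disabled"
}

# Return 0 only when neither the running nor the configured mode is enforcing.
hips_selinux_check() {
    runtime=$1 configured=$2 rc=0
    if [ "$runtime" = "enforcing" ]; then
        echo "FAIL: SELinux is enforcing now"; rc=1
    fi
    if [ "$configured" = "enforcing" ]; then
        echo "FAIL: config sets SELINUX=enforcing, so enforce mode returns after a restart"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: runtime=$runtime configured=$configured"
    return "$rc"
}

hips_selinux_check "$(selinux_runtime_mode)" "$(selinux_config_mode)" ||
    echo "Resolve the SELinux setting before running the Host IPS client."
```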


This manual is also suitable for:

Host intrusion prevention 8.0
