McAfee HISCDE-AB-IA Product Guide - Page 147

Applying a patch to a computer protected by McAfee Host IPS, defConfig <password&gt - exercises

Page 147 highlights

Appendix B - Troubleshooting Clientcontrol.exe utility Exports configuration settings to a formatted text file. Configuration type definitions: • 0 = all • 1 = application protection • 2 = blocked hosts • 3 = firewall • 4 = host IPS custom signatures • 5 = IPS exceptions • 6 = settings • 7 = trusted applications • 8 = trusted networks • 9 = network IPS signatures • 10 = host IPS signatures • 11 = host IPS engines • 12 = logon sessions • 13 = DNS blocking rules • /defConfig Replaces the configuration settings with client default policies for application protection, firewall, and trusted applications settings. • /bootTimeRules Exports IPS startup rules to a formatted text file. NOTE: • There must be at least one space between the argument, the password, and any other required parameters. Sample workflows Applying a patch to a computer protected by McAfee Host IPS 1 Open a command shell. 2 Run clientcontrol.exe /stop 3 Perform your maintenance activity. 4 Run clientcontrol.exe /start ( to restart Host IPS services). Exporting the Host IPS Activity Log to a text file 1 Open a command shell. 2 Run clientcontrol.exe /export 3 Copy the exported log file to another computer for collection and analysis. Turn on logging as part of a troubleshooting exercise 1 Open a command shell. 2 Run clientcontrol.exe /log [log type] [log option, ...] 3 Perform activity to generate log entries. 4 Review HipShield.log or FireSvc.log for relevant information. McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5 147

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154

Exports configuration settings to a formatted text file.
Configuration type definitions:
0 = all
1 = application protection
2 = blocked hosts
3 = firewall
4 = host IPS custom signatures
5 = IPS exceptions
6 = settings
7 = trusted applications
8 = trusted networks
9 = network IPS signatures
10 = host IPS signatures
11 = host IPS engines
12 = logon sessions
13 = DNS blocking rules
/defConfig <password>
Replaces the configuration settings with client default policies for application protection,
firewall, and trusted applications settings.
/bootTimeRules <password> <path of export file>
Exports IPS startup rules to a formatted text file.
NOTE:
There must be at least one space between the argument, the password, and any other
required parameters.
Sample workflows
Applying a patch to a computer protected by McAfee Host IPS
1
Open a command shell.
2
Run
clientcontrol.exe /stop <password>
3
Perform your maintenance activity.
4
Run
clientcontrol.exe /start
( to restart Host IPS services).
Exporting the Host IPS Activity Log to a text file
1
Open a command shell.
2
Run
clientcontrol.exe /export <path of export file>
3
Copy the exported log file to another computer for collection and analysis.
Turn on logging as part of a troubleshooting exercise
1
Open a command shell.
2
Run
clientcontrol.exe /log <password> [log type] [log option, ...]
3
Perform activity to generate log entries.
4
Review HipShield.log or FireSvc.log for relevant information.
Appendix B — Troubleshooting
Clientcontrol.exe utility
147
McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5