McAfee M4050 Troubleshooting Guide - Page 18

McAfee® Network Security Platform 6.0 Hardening the Manager Server for Windows 2003 Rolling back your changes If you need to roll back your changes, use the following commands: To roll back changes made to the mysql.db table from the mysql.db_backup table: mysql> rename table db to db_1; mysql> rename table db_backup to db; mysql> flush privileges; To roll back changes made to the "mysql.user" table from mysql.user_backup table: mysql> rename table user to user_1 mysql> rename table user_backup to user; mysql> flush privileges; Remove debug shell at port 9001 In addition to denying traffic over port 9001 and 9002 (as per Install a desktop firewall) (on page 2), the debugging shell that runs on port 9001 can be disabled by modifying the value of the iv.policymgmt.RuleEngine.BSH_Diagnostics_Port record in the iv_emsproperties table. To disable the port, set the value in the field called "value" = -1 Other best practices for securing Manager  Use a clean, dedicated machine for the Manager server and perform a fresh install of the Manager software, including the installation of the embedded MySQL database. No other software should be available on the server, with the exception of a hostbased firewall as described in Install a desktop firewall. (on page 2)  Make sure the PC is in an isolated, physically secure environment  Disallow access to the directory clumsily and all its sub-directories to anyone other than authorized administrators. Use Microsoft Knowledge Base article # 324067 to accomplish this procedure. Disallow the following permissions:  Read  Write  Read and Write  Modify  List folder contents  Full control  Disable HTTP TRACE request. It can be disabled with the following mod_rewrite syntax in the Apache Server's httpd.conf file (available in the "/Apache/conf" directory). RewriteEngine On RewriteCond %{REQUEST_METHOD} ^TRACE RewriteRule .* - [F] 9