
White Paper Access Protection in McAfee VirusScan Enterprise and
Host Intrusion Prevention
“Protect Mozilla FireFox files and settings”
Intention: A common tactic of malware is to change the browser’s start page and install favorites.
This rule is designed to prevent modification of Mozilla Firefox configurations and files by any process
not listed in the rule’s exclusion list. The rule protects against certain start-page Trojans, adware, and
spyware that modify browser settings. There aren’t any drawbacks to enabling this rule, as it simply
blocks processes from making changes to favorites and settings in Mozilla Firefox browsers.
ID and name in Host IPS:
3901, Access Protection—Protect Mozilla FireFox files and settings.
“Protect Internet Explorer settings”
Intention: Similar to the previous rule, this is designed to prevent modification of Microsoft Internet
Explorer settings by any process not listed in the rule’s exclusion list. A common tactic of malware is
to change the browser’s start page. This rule protects against certain start-page Trojans, adware, and
spyware that modify browser settings. There really aren’t any drawbacks to enabling this rule, as it
simply blocks processes from making changes to settings in Microsoft Internet Explorer.
ID and name in Host IPS:
3902, Access Protection—Protect Internet Explorer settings.
“Prevent installation of Browser Helper Objects and shell extensions”
Intention: This rule prevents adware, spyware, and some Trojans that install as Browser Helper Objects
from installing onto the host computer. This is an extremely popular method for adware and spyware
installations. However, this rule could stop the legitimate installation of these objects.
Risks: If you have custom or third-party applications that need to install these objects, make sure that
you’ve listed them in this rule’s exclusion list. After installation, the rule can be re-enabled since this rule
does not prevent installed Browser Helper Objects from working.
This rule, along with the rules above for Internet Explorer and Firefox, is more general-purpose than
some listed in the anti-virus and anti-spyware sections. Together they protect things like home pages,
search pages, and toolbars in the Internet Explorer and Mozilla Firefox browsers, and prevent
installation of Browser Helper Objects and other shell extensions.
ID and name in Host IPS:
3903, Access Protection—Prevent installation of Browser Helper Objects and Shell Extensions.
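Because rule 3903 blocks new installations but leaves already-installed Browser Helper Objects working, it helps to inventory what is registered before enabling it. The following PowerShell is an added example, not part of the white paper or any McAfee tooling; the registry paths are the standard Windows BHO and COM class locations (an assumption, not taken from the paper), and it covers machine-wide BHOs only, not other shell extensions.

```powershell
# Added example (not McAfee code). Registry paths are the standard Windows
# BHO and COM class locations; they are assumptions, not taken from the paper.
# Run from a 64-bit PowerShell session so both registry views are visible.
$BhoRoots = @{
    '64-bit' = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
    '32-bit' = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
}
$ClsidRoots = @{
    '64-bit' = 'HKLM:\SOFTWARE\Classes\CLSID'
    '32-bit' = 'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID'
}

function Get-InstalledBho {
    foreach ($view in $BhoRoots.Keys) {
        $root = $BhoRoots[$view]
        if (-not (Test-Path -LiteralPath $root)) { continue }   # no BHOs in this view

        foreach ($key in Get-ChildItem -LiteralPath $root) {
            $clsid  = $key.PSChildName
            $inproc = Join-Path (Join-Path $ClsidRoots[$view] $clsid) 'InprocServer32'
            $dll = $null; $status = 'ClassNotRegistered'; $signer = $null

            if (Test-Path -LiteralPath $inproc) {
                # The default value of InprocServer32 is the DLL the browser loads
                $dll = ([string](Get-Item -LiteralPath $inproc).GetValue('')).Trim('"')
                $status = 'PathNotResolved'   # empty, relative, or missing file
                if ($dll -and (Test-Path -LiteralPath $dll -PathType Leaf)) {
                    $sig    = Get-AuthenticodeSignature -LiteralPath $dll
                    $status = [string]$sig.Status
                    if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
                }
            }
            [pscustomobject]@{
                View = $view; Clsid = $clsid; Dll = $dll
                Signature = $status; Signer = $signer
            }
        }
    }
}

# Review unsigned, unresolved, or unexpected entries before turning the rule on
Get-InstalledBho | Sort-Object Signature, Dll | Format-List
```

Entries whose Signature is anything other than Valid, or whose Signer is not a vendor you expect, are the ones to investigate; the rule itself will not remove them.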
“Protect network settings”
Intention: Modifying network settings is a common tactic used to redirect traffic and transmit network
activity or data. This rule protects a system’s network settings from being modified by processes not
listed in the exclusion list. It is designed to protect against Layered Service Providers that transmit data
like your browsing behavior by capturing network traffic and sending it to third-party sites. Programs
like Adware-CommonName and Adware-NDotNet fall into this Layered Service Provider category.
Risks: If you have legitimate processes that need to change the network settings, make sure that they
are listed in the rule’s exclusion list or disable the rule while changes are made.
Included processes: all
Excluded processes: Installers, Windows
ID and name in Host IPS:
3904, Access Protection—Protect network settings.