Video Screencast Help
Search Video Help Close Back
to help

block access to hosts file

Created: 19 Feb 2013 | Updated: 25 Feb 2013 | 6 comments
dimago's picture
dimago
0 0 Votes
Login to vote

Hello all,

 

I have activated the policy to deny access to write on hosts file using SEP, application and device control

 

Well, it is working create, and I try to edit, or replace the file, SEP deny my action..

 

But, when I replace the file using network share, like this:

 

\\pc_to_change\c$\windows\system32\drivers\etc

and modify the hosts file it works perfectly..

 

How can I fix it to deny this access???

Discussion Filed Under:
, , , ,

Comments 6 CommentsJump to latest comment

Mithun Sanghavi's picture
Mithun Sanghavi Symantec Employee Technical Support Accredited
block access to hosts file - Comment:20 Feb 2013 : Link

Hello,

Try UnLocking the ADC Policy.

Check this Article:

How do I Block hosts file modification using Symantec Endpoint Protection (SEP) Application and Device Control policy?

https://www-secure.symantec.com/connect/downloads/how-do-i-block-hosts-file-modification-using-symantec-endpoint-protection-sep-application-

Hope that helps!!

 

Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3

Twitter: @mithun_sanghavi

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a

+1
Login to vote
Sumit G's picture
Sumit G Partner
block access to hosts file - Comment:25 Feb 2013 : Link

Check this thread

https://www-secure.symantec.com/connect/forums/hos...

 

Hardening Symantec Endpoint Protection (SEP) with an Application and Device Control Policy to increase security

Article:TECH132337  |  Created: 2010-01-08  |  Updated: 2012-03-13  |  Article URL http://www.symantec.com/docs/TECH132337
 

 

Regards

Sumit G.

0
Login to vote
Ashish-Sharma's picture
Ashish-Sharma Partner
block access to hosts file - Comment:25 Feb 2013 : Link

Hello

Check this thread

https://www-secure.symantec.com/connect/forums/hosts-file-modified

Thanks In Advance

Ashish Sharma

SEPM Knowledgebase Documents  

 

0
Login to vote
Ambesh_444's picture
Ambesh_444 Partner Accredited
block access to hosts file - Comment:25 Feb 2013 : Link

Hi,

Please check with these article's.

http://www.symantec.com/business/support/index?pag...

http://www.symantec.com/business/support/index?pag...

 

Thank& Regards,

Ambesh

Please mark your thread as 'SOLVED' with the answer that helps you.

0
Login to vote
dimago's picture
dimago
block access to hosts file - Comment:26 Feb 2013 : Link

Hello All..

 

Thanks for answers... but..:

 

 - I already have it working... when user try to edit locally hosts file, SEP block..

 

 - When the user try to edit, using share, \\pc\c$\windows.... SEP allows the change, so:

 

PC_1 and PC_2

 

User form PC_1 call PC_2 using share, like:

from PC_1:

\\PC_2\c$\windows\system32\drivers\etc\hosts and edit it, SEP allows...

I need that SEP block it too.

0
Login to vote
dimago's picture
dimago
block access to hosts file - Comment:27 Feb 2013 : Link

Hi..

 

Anyone????

0
Login to vote