Hi,

I just want to ask if we can disable Trace and Track method?

Thanks,

Kat

hello,

If i am not wrong do you want block tracert and track command.

If yes you can block particular port by SEP firewall

Hello,

There are only the pre-configured firewall rules from Symantec for medium security in SEP SBE 12.1 

- block Ipv6 over Ipv4 (Teredo)
- block Ipv6 over Ipv4 (ISATAP)
- allow fragmented packets
- allow wireless EAPOL
- allow local file sharing on local computers
- block local file sharing on external computers
- allow Bootp
- allow UPnP discovery from local computers
- block UpnP discovery from external computers
- allow web service-requests from local computers
- block web service-requests from external computers
- allow LLMNR from local Ipv4 traffic
- block LLMNR from external traffic
- allow web services detection from local computers
- block web services detection from external computers
- allow SSDP from local computers
- block SSDP from external computers
- allow ping, pong and tracert
- allow all applications
- allow VPN
- allow Veritas protocol
- medium security 1
- medium security 2
- block broadcast and multicast traffic without logging
- block and log all other IP traffic
- block and don't log all other traffic

So, you can go ahead and edit the Firewall Rules from the SEPM SBE 12.1 to block the " ping, pong and Tracert" or change the policy as per your requirements, check the screenshot of the same - 

Hope that helps!!

Hi,

It's not advisable especially when we do troubleshooting those are very helpful commands.

Yes You can disable those Follow this document 

Retina network security scan shows vulnerability on the server. Error:"Trace method must be disabled, port 8014"