Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Disable Trace and Track Method?

Created: 04 Apr 2013 | 4 comments
kathleenjoieamulong's picture

Hi,

I just want to ask if we can disable Trace and Track method?

Thanks,

Kat

Operating Systems:

Comments 4 CommentsJump to latest comment

W007's picture

hello,

If i am not wrong do you want block tracert and track command.

If yes you can block particular port by SEP firewall

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Mithun Sanghavi's picture

Hello,

There are only the pre-configured firewall rules from Symantec for medium security in SEP SBE 12.1 

- block Ipv6 over Ipv4 (Teredo)
- block Ipv6 over Ipv4 (ISATAP)
- allow fragmented packets
- allow wireless EAPOL
- allow local file sharing on local computers
- block local file sharing on external computers
- allow Bootp
- allow UPnP discovery from local computers
- block UpnP discovery from external computers
- allow web service-requests from local computers
- block web service-requests from external computers
- allow LLMNR from local Ipv4 traffic
- block LLMNR from external traffic
- allow web services detection from local computers
- block web services detection from external computers
- allow SSDP from local computers
- block SSDP from external computers
- allow ping, pong and tracert
- allow all applications
- allow VPN
- allow Veritas protocol
- medium security 1
- medium security 2
- block broadcast and multicast traffic without logging
- block and log all other IP traffic
- block and don't log all other traffic

So, you can go ahead and edit the Firewall Rules from the SEPM SBE 12.1 to block the " ping, pong and Tracert" or change the policy as per your requirements, check the screenshot of the same - 

block.JPG

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Chetan Savade's picture

Hi,

It's not advisable especially when we do troubleshooting those are very helpful commands.

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Rafeeq's picture

Yes You can disable those Follow this document 

Retina network security scan shows vulnerability on the server. Error:"Trace method must be disabled, port 8014"