how to block access to hosts file
Created: 19 Feb 2013 | Updated: 25 Feb 2013 | 3 comments
Hello All,
I have created a policy on SEPM to block write, delete, replace on hosts file..
It is working perfectly. When I try to edit that file, I receive DENY from SEP Client.
My problem is when I edit, replace this file, using \\pc_to_change\c$\windows\system32\drivers\etc it is possible..
Well, How can I block it???
Thanks
Diego
Discussion Filed Under:
Comments 3 Comments • Jump to latest comment
Hello,
Try UnLocking the ADC Policy.
Check this Article:
How do I Block hosts file modification using Symantec Endpoint Protection (SEP) Application and Device Control policy?
https://www-secure.symantec.com/connect/downloads/how-do-i-block-hosts-file-modification-using-symantec-endpoint-protection-sep-application-
Hope that helps!!
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
Duplicate thread
https://www-secure.symantec.com/connect/forums/blo...
Check this thread
https://www-secure.symantec.com/connect/forums/hos...
Hardening Symantec Endpoint Protection (SEP) with an Application and Device Control Policy to increase security
Regards
Sumit G.
Hello
Check this thread
https://www-secure.symantec.com/connect/forums/hosts-file-modified
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
Would you like to reply?
Login or Register to post your comment.