Endpoint Protection

HI

Please check attached pop up.Internet is not working 10 min continious this pop up come anu solution for this kinf of error.

HI Anil,

Check same thread

OS Attack: MSRPC Server Service RPC CVE-2008-4250

https://www-secure.symantec.com/connect/forums/sid-23179-os-attack-msrpc-server-service-rpc-cve-2008-4250-attack-blocked-traffic-has-been-bl

http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=23179

Check this thread

http://www.symantec.com/connect/forums/msrpc-server-service-rpc-cve-2008-4250-detected

http://www.symantec.com/connect/forums/need-help-sid-23179-os-attack

Make sure you ensure that your system is fully patched as it is getting attacked.

This is a setting in the SEPM that you can configure You can leave it checked or uncheck it:

Thanks All for your Replies but the issue concluded that the SEP package was Corrupted when Reinstalled the new package resolved this issue after Full Scanning of the System.

Thanks & Regards

Anil

Intrusion Prevention Policy is blocking an specific ID and denying traffic from the specific IP address associated with it.

To create an exception for Intrusion Prevention Policy to allow a specific ID:

1. Open Symantec Endpoint Protection Manager console .
2. Select 'Policies' tab.
3. Under 'View Policies', select 'Intrusion Prevention'.
4. Select Intrusion Prevention policy, and under 'Tasks' select 'Edit the Policy'.
5. Select 'Exceptions' tab.
6. Click on 'Add...' button.
7. Search and select ID blocked.
8. Click on 'Next>>' button.
9. Change 'Action', from 'Block' to 'Allow'. Click on 'OK' button.
10. Check if the exception edited has been added to 'Intrusion Prevention Exceptions' list.
11. Click on 'OK' button for save changes in the Intrusion Prevention policy.