Manualshelf

Product guide

ManualsBrandsMcAfee ManualsOtherVIRUSSCAN ENTERPRISE
31323334353637383940
2 Edit an existing policy or create a new policy:
Edit an existing policy
a From the Category list, select the policy category.
b From the Actions column, click Edit to open the policy configuration page.
Create a new policy
a Click New Policy to open New Policy dialog box.
b From the Create a new policy based on this existing policy list, select one of the
settings.
c Type a new policy name.
d Click OK. The new policy appears in the list of existing policies.
3 From the Settings for list, select Workstation or Server.
4 From the Buffer Overflow Protection Policies page, click the Buffer Overflow Protection
tab and configure the following:
1 Enable Buffer overflow settings and the protection mode used. Configure the
protection mode to either block the exploit or simply send a message and log the
event.
2 Enable the Client system warnings that are sent when a buffer overflow exploit
occurs.
3 Configure Buffer overflow exclusions for specific application programming interface
(API) values, plus the optional processes and module names to exclude.
5 Click the Reports tab, enable the scanning activity log files, where they are stored, their
size, and format.
NOTE: These log files are very helpful when you diagnose security threats and help
determine what actions to take against these threats.
VirusScan Console
Configure the Buffer Overflow Protection Policies with this user interface console.
Task
For option definitions, click ? in the interface.
1 From the Task list, right-click Buffer Overflow Protection, then click Properties to
open the dialog box.
2 From the Buffer Overflow Protection Properties page, click the Buffer Overflow Protection
tab and configure the following:
a Enable Buffer overflow settings and the protection mode used. Configure the
protection mode to either block the exploit or simply send a message and log the event.
b Enable the Client system warnings that are sent when a buffer overflow exploit
occurs.
c Configure Buffer overflow exclusions for specific application programming interface
(API) values, plus the optional processes and module names to exclude.
3 Click the Reports tab, enable the scanning activity log files, where they are stored, their
size, and format.
NOTE: These log files are very helpful when you diagnose security threats, and help
determine what actions to take against these threats.
Part I - Prevention: Avoiding Threats
Blocking buffer overflow exploits
37McAfee VirusScan Enterprise 8.8 Product Guide