q000024

How do I disable probes from my local machine?

This article applies to: BlackICE Defender.

SUMMARY

In the current release, we have not fixed the problem of ignoring outgoing attacks. Therefore, we recommend a temporary fix until we solve the problem.

DETAILS

Customers are seeing their own machines falsely identified as the attacker. The outgoing attacks are usually probes for HTTP, POP, and IMAP. By downloading this quick fix, these attacks will be disabled.

We are currently working on a solution to this problem. Unfortunately, the change is complicated, so we will have to do a regression test cycle before releasing it.

The quick fix is to download the file "sigs.ini" and save it in your installation directory (default c:\Program Files\Network ICE\BlackICE) No need to restart the program or anything like that.

 
Keywords: false positives, HTTP port probe 
Version:  1.8.6 
Fixed:     
Modified: 1999-08-28