Does anyone create extra access protection rules for mcafee 8.0i besides its default?

here is mine. i have three more in the ruleset:
1. prevent the creation of exe files in c:\*.exe
2. prevent the creation of dll files in c:\*.dll
3. prevent the exectution of any pif files

any comments or recommandations?

thanks.

shek

Yes,PIF blocking is a very useful rule. You can also restrict SCR to execution only,but they cannot create other files.

Rejzor--
thank you very much.

i think the first two plus the other similar four in the default ( prevent creation of exe and dll files in windows and system32 folder) are also very useful, because it could prevent system infection from many trojans and worms.

I don't recommend blocking of DLL and EXE files in WINDOWS and SYSTEM32 folder. Many programs create them there upon perfectly legit installation.

{QUOTE-> I don't recommend blocking of DLL and EXE files in WINDOWS and SYSTEM32 folder. Many programs create them there upon perfectly legit installation. <-QUOTE}
Here are what i usually do. first, i always download applications from the sources i trust. if the applications i will install relate to system kernel, such as firewall, process guard and system patches, i will manually disable mcafee and install them. for other softwares, i will leave mcafee enable. most of the time when failure happens, there would be a warning, saying some dll or exe files fail to install and give user several options, such as retry and cancel. Then i will disable mcafee and let the install process goes on.

As you wish,but this could lead into problems. I recommend Remote file creation protection over yopur own rule to block all EXE/DLL creations.