CA HIPS [aka Tiny Firewall] users need to upgrade!

hi there,
fellow power users of CA HIPS. since you already know that the latest version of tiny firewall 5.6.126 was launched as CA HIPS 1.5.286
* folder Leaning_mode_tool which has a file Harness.1.5.286.exe

install this and you have the very updated version of Tiny Firewall and updates to IDS can be downloaded from http://cahipsdownload.ca.com/

this was a best we got a upto date version of tiny firewall and also updates - essential to keep IDS / IPS up to date

 

however now it seems that anything that has HIPSClient - this is an internal component of the CA HIPS - harness has a security hole as can be seen from here http://www.securityfocus.com/bid/46539
and confirmed from CA here
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}

it would seem the correct way to close this hole it to upgrade to Harness.1.6.450.exe rather than 1.5.286

now we must begin hunt for this particular version of software.
i think it could be found in one of the following products that CA released
CA Total Defence Pro R12
CA Integrated Threat Management
CA Gateway Security.

 

since most of the systems that are protected by CA HIPS are still using the old version of Harness i found something that may be best.
CA HIPS Managed Client Install this has been patched to the latest version and this seems to be the latest incarnation of Tiny Firewall / CA HIPS Harness

can someone please confirm this ? the latest version of ca hips is critical fix 3

i could download CA_HIPS_r8.1_CF3_3.exe from ftp://ftp.ca.com/CAproducts/unicenter/CAHIPS/nt/0809/RO26950/RO26950.CAZ

.caz file like zip files which can be extracted by Cazipxp.exe - this file Cazipxp.exe can be download from CA site for free.

 

CA HIPS Managed Client Install
this is available in both 32 bit and 64 bit version !

however i have encountered an error as show in the following screen shots !



please help me resolve this error - so that we ( as a power users who loved tiny and CA HIPS harness ) can enjoy this software like that again.

 

Make a fake UmxCC.xml, the installation will go through without problem.

i.e.

<?xml version="1.0" encoding="UTF-8"?>
<parameters>

<!--Maintenance name="Sample 1 - Create log" option="every" time="Th#0:00-23:59|Fr#0:00-23:59" timeinterval="1440">
<Action type="setpolicy" path="sandbox" params="disable"/>
<Action type="runw" path="cmd /c mkdir &quot;%InstallDir%Maintenance&quot;"/>
<Action type="runw" path="cmd /c dir /-C /Q c:\ &gt; &quot;%InstallDir%Maintenance\dir.log&quot;"/>
<Action type="setpolicy" path="all" params="enable"/>
<Action type="eventlog" path="eventlog" params="error"/>
</Maintenance>

<Maintenance name="Sample 2 - Set policy On" option="once" assignment="?,?,Unknown,WinXP,Unknown,Unknown,Intranet">
<Action type="setpolicy" path="all" params="enable"/>
</Maintenance-->
</parameters>

 

An error with a CA product? You have got to be kidding me ...

BTW- the way CA treated paid TPF users when they took over the program was pretty brutal.

 

any new version of CA HIPS Harness? link?
my ver is still 1.5.256

 

Thank you for these posts Doris!!!

The old TPF with the old IDS file has too many exploitable holes in it to be useful anymore.

 

None of these posts lead to a straight forward upgrade/installation!