q000047

Where is the configuration for the product stored?

This article applies to: BlackICE Defender.

SUMMARY

The program stores its configuration in a file called "blackice.ini". The product has a large number of possible configuration parameters for configuring how it runs and what intrusions it detects, though only a few are commonly used. Most of these parameters are not documented for support reasons (we can't test all of them for every release).

DETAILS

The parameters in "blackice.ini" affect both how the system runs (such as which adapters it opens), as well as how it detects intrusions.

Editing the file

The configuration settings are stored in a text file that can be edited using the "notepad" program. The file is in standard "name = value" format used by all .ini files.

Intrusion detection signatures

Virtually all the parameters that affect intrusion detection thresholds are documented. Furthermore, customers can add their own custom intrusion signatures. These are documented under each individual intrusion.

Operational settings

Similar to the Windows registry system, "blackice.ini" supports potentially hundreds of configuration parameters. As the product evolves, these parameters and their functionality will change. We would like customers not to edit these parameters manually.

However, in many cases changing a few parameters will really help the customer. Therefore, over time, we will document more and more of these parameters (and start to support them across revisions of the product).

The following knowledgebase articles describe some of the parameters:

• Disabling an internal adapter

blackd.log

Most parameters are "echoed" to the file "blackd.log" upon startup. This file lists 95% of all parameters, as well as their current (default) settings. A typical way of changing one of these parameters is to copy from blackd.log to blackice.ini.

 
Keywords: .ini, ini, blackice.ini, blackd.log, parameter, parameters 
Version:  1.8.5.5 
Fixed:     
Modified: 1999-10-04