Quantcast
Channel: Symantec Connect - Security
Viewing all 5755 articles
Browse latest View live

SEPM Upgrade stuck at stopping services

September 11, 2017, 11:45 pm
$
0
0
I do not need a solution (just sharing information)

SEPM Upgrading from 12.1.6 to 12.1. RU6 MP8 - after taking the Database backup and stopping the SEPM manager.

While on the upgrade process screen stuck at stopping services, and then after ''installer no longer responding'' - retry - still the same stopping service status.

What could be the trouble?

Cancel the setup or try the force restart (or then manual restart after the installer no longer responding screen)

Thanks,

0
Search

Forgot admin console password

September 12, 2017, 1:03 am
$
0
0
I need a solution

I forgot my admin console password.When i click on forgot your password? option for temporary password it is saying "password reset email was sent to the email address assoiciated with the account that you specified.".But i didn't get the mail.When i open the mail.config file by using notepad there is no content in that file(empty).I have added these lines and saved that file.Oncen again i click on the forgot your password? again it is showing same("password reset email was sent to the email address assoiciated with the account that you specified.").But i didn't get the mail.Once i click on the forgot your password? the file is showing empty(mail.confile file).

#Mon Aug 14 13:57:01 IST 2017
adminMailReciptants=xyz@abc.com
mailSender=admin@abc.com
mailSrvPort=25
mailPwd={DES}D9F3Y5c1DgQ\=
mailAdmin=
sslEnable=false
mailServer=deg

Please suggest

0

Mail security file types

September 12, 2017, 1:38 am
$
0
0
I need a solution

i want to block different file types other than the extensions mentioned in file type rules in symantec mail security for exchange .. how can i do that 

0

Working link for SEP release notes

September 12, 2017, 3:27 am
$
0
0
I need a solution

Is there a working link for all of the releases of SEP? The one I have no longer works.

Thanks,

Cara

0
1505212924

Problem sending email form our domain

September 12, 2017, 3:29 am
$
0
0
I do not need a solution (just sharing information)

We have a problem sending email from our domain bulteck.com 176.31.3.43 to ferrovial.com under messagelabs.

The server sent properly the messages to messagelab servers, but the final user doesn't receive the email.

I attach a small report for one message sent this morning.

0

ICAP and RPC in parallel usage

September 12, 2017, 5:45 am
$
0
0
I need a solution

Hi,

in Symantec Protection Engine is possibile to use both RPC (with NetApp) and ICAP (with EMC) in the same SPE Server ? 

Thanks  

0

Endpoint Status dispays incorrect Out-Of-Date Info

September 12, 2017, 6:22 am
$
0
0
I need a solution

Hi all,

When i login to my console (14.0 MP2), I can see a certain number showing in the out-of-date status. Yet when i click on Out-Of-Date the box displays more servers in the list than the number suggests.

Its not a major issue, its just confusing sometimes. When on the home tab i've click refresh, and selected the Out-Of-Date again and the amount of servers displayed still differ to the number that shows in the home status page.

Other statuses seem to be accurate.

This is running on Server 2008 R2

0

How to block external network access to my network

September 12, 2017, 7:09 am
$
0
0
I need a solution

Hello everyone,

I need to block the network from 10.70.0.0 to 10.70.255.255 from my network from 10.90.0.0 to 10.90.255.255 and do not know how to configure, could they help me?

0
Search

httpd.exe*32 RU6 MP8

September 12, 2017, 1:15 am
$
0
0
I need a solution

Hi dears,

last week we upgraded our Symantec management console from RU6 MP5 to MP8 and everything looked good since this morning we've got high CPU utilization on one of oue SEPM server. Actually we have two SEPM servers with one database and both of them are upgraded to MP8 and their AV agents as well.

Anyway after some research I change the communication settings of all the groups to Pull mode and now CPU utilization has been decreased from 100% to (20~60)% which still is not good as other SEPM server.

Thanks

BR

0

Cannot email MessageLabs protected domains

September 12, 2017, 4:55 am
$
0
0
I need a solution

Hi,

We have a problem that started 2 days ago unexpectedly. I began getting reports from staff that certain clients of ours weren’t receiving emails from us.
On inspecting our mail logs I could see that the common factor between these clients was that they all use MessageLabs.

I've checked the reputation tool and can see that we do not have a negative reputation so am I bit stumped what’s going on. We could email perfectly fine at the start of the week?

Are there any other places I can check to see if MessageLabs have us on some kind of block list please?

Thanks

James

0

SQL 2008 SP1 upgrade to SQL 2016

September 12, 2017, 8:28 am
$
0
0
I need a solution

Hello everybody,

Currently I am in the process of upgrading from SEPM 12.1.6 to SEPM14 MP2. During this upgrade process we need to upgrade our SEP database from SQL 2008 SP1 to SQL 2016 due to system requirments.

I was wondering what the best route would be to upgrade this database. Also, if anyone has performed this upgrade as the first time we attempted this upgrade we were able to connect to the database and then it stopped working about 15 minutes after the upgrade. So we are just looking for any suggestions or issues that might occur.

Thank you,

Jack McAloon

0

Audit Logging for Symantec ATP

September 12, 2017, 8:55 pm
$
0
0
I need a solution

Dear All, 

Would like to understand if it is possible to turn on audit logging for Symantec ATP ? 

Have went through the Installation Guide and also the Administration Guide, but are not able to find any information to turn on audit logging for the Symantec ATP. 

The requirement here is to have a means to collect logs on events like login events, power on/off event, system events, and etc. I believe this is a common security requirements especially for a security-centric appliance.

Understand that it is possible to connect to syslog server and start piping syslog, however it seems like the syslogs only contains ATP Events (e.g.: conviction events, alerts, etc).

So, is there any way to turn on audit logging for Symantec ATP ? 

Thank you. 

Regards,

W.L

0

ManagementCenter VPM

September 13, 2017, 12:20 am
$
0
0
I need a solution

I have some trouble with the MGMT-Center Management CenterVersion: 1.10.1.1 Build: 203511  and the included VPM-Editor.
Is it possible to configure the Mgmt-Center, that it will listen on HTTP?

My Problem is a Java Security Problem with the Mgmt-Center Certificate.
With Bypass the Mgmt-Center URL, Java will always inspect the certificate.

Regards

Thorsten
 

0

Update Error from SMG 10.6.2-7 to 10.6.3-2

September 13, 2017, 12:26 am
$
0
0
I need a solution

When I updated the SMG from 10.6.2-7 to 10.6.3-2, and got the attached print screen.  How could I solve the problem?

Thanks.

0

Question on quarantine and scanning sequence in SMG

September 13, 2017, 12:33 am
$
0
0
I need a solution

1. How could I check the size of quarantine folder?

2. What is the scanning sequence in SMG? e.g. Content filtering --> Malware --> Spam --> ...

Thanks.

0
Search

DLP Email Prevent

September 13, 2017, 12:35 am
$
0
0
I need a solution

Hi,

Is DLP 14.5 support the network prevent for email with the email system Microsoft Exchange 2007 and HMAIL ?

Thanks

0

SEP 14 - no /etc/liveupdate.conf - specify custom live update server

September 13, 2017, 3:46 am
$
0
0
I need a solution

With Linux and SEP 14, how do I specify a custom live update server on an unmanaged client?

i.e. With SEP 12 you could do /etc/liveupdate.conf
# LiveUpdate.conf

hosts/0/url=http://customsevercom:80/

Where can I specify this with SEP14 now JLU has been removed.

0

How to interpret virus alert?

September 13, 2017, 4:00 am
$
0
0
I need a solution

Hi all.  I often see these with customer systems, via SEP 12, 14, SEPC, and SEP SBE deployments.  I alwyas wonder - do they indicate that a system compromise occured and somebody dumped active malware onto the computer, having bypassed endpoing security, or, because of the fact that it is a script and is likely launched via visiting a website, it's just showing a file path that scripts normally end up in when they try to launch.  Sorry, early in the morning, may not be wording myself correctly.  Here's a path to a sample detection found this morning: 

\users\username\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\ac\#!001\microsoftedge\cache\efg5451j\script[2].jsoc (I put "jsoc at the end, replacing .js just in case this post gets filtered).
So is this a script a website tried to store or launch, or does it mean someone already bypassed security and placed a script in a local file path?  Thanks very much.  
 
0

Bluetooth vulnerability #BlueBorne

September 13, 2017, 5:55 am
$
0
0
I do not need a solution (just sharing information)

Hello,

It will be nice to know more about this vulnerability and if SEP provides protection in case of OS mobile and desktop.

Info in media:

https://www.armis.com/blueborne/

https://techcrunch.com/2017/09/12/new-bluetooth-vu...

https://www.youtube.com/watch?v=QrHbZPO9Rnc

From ARMIS website:

Windows

All Windows computers since Windows Vista are affected by the “Bluetooth Pineapple” vulnerability which allows an attacker to perform a Man-in-The-Middle attack (CVE-2017-8628).

Microsoft is issuing security patches to all supported Windows versions at 10 AM, Tuesday, September 12. We recommend that Windows users should check with the Microsoft release here for the latest information.

Linux

Linux is the underlying operating system for a wide range of devices. The most commercial, and consumer-oriented platform based on Linux is the Tizen OS.

  • All Linux devices running BlueZ are affected by the information leak vulnerability (CVE-2017-1000250).
  • All Linux devices from version 3.3-rc1 (released in October 2011) are affected by the remote code execution vulnerability (CVE-2017-1000251).

Examples of impacted devices:

Information on Linux updates will be provided as soon as they are live.

iOS

0

"501 Connection rejected by policy"

September 12, 2017, 10:27 pm
$
0
0
I need a solution

Hello!

We are a company offering various hosting services.

Recently, one customer have complained over Mail delivery failed: returning message to sender

Server ip  162.210.98.151 (deszr.com)

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
 
SMTP error from remote mail server after initial connection:
501 Connection rejected by policy [7.7] 5608, please visit www.messagelabs.com/support< http://www.messagelabs.com/ support>
 

I would appreciate if anyone could help to this matter.

Thank you very much and good day.

0
Viewing all 5755 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>