Security
Daniel_Allen
|
November 20th, 2009
I'm looking at a scan log for one of my computers. One column is for "Omitted". Are these files omitted because they've been scanned during the day by File-System Auto Protect? I ask because on this particular computer I've temporarily turned off Auto Protect to troubleshoot performance issues. With auto protect on the omitted files are over a thousand. With it off there are only a handful of files omitted but the total number of files scanned doesn't change that much.
0 comments
dreviewx
|
November 20th, 2009
Paid Survey Reviews
Getting paid surveys online is a good manner to earn special income from home. Still you need to be careful about which paid survey websites you join. That is why I certain to create this parameter. I preferred to make people understand where people could go set to find which paid survey sites were legit and which were not.
What Are Paid Surveys?
Paid surveys have lately got a very popular mode to take money online from your computer. They seem like they are too good to be true, but the facts are that they are not.
Paid surveys are the answer of big companies wanting to improve their
products and services. When a company wants to come with a new product they need to experience what their "target market" is seeking. A target market can be defined in laymen's terms as: the people most likely to purchase their product. The one things around paid surveys, in the companies perspective, is that they can select the type of person they want to hold...
0 comments
VBAL
|
November 20th, 2009
Is there any way to see the detailed URL accesed by any user ??
The drill down reports end with info like : google.com as the visited site.
Any configuration allow us to see the full URL ?? something like :
http://www.google.com/search?hl=en&source=hp&q=beretta+9mm&aq=3&oq=berett&aqi=g10
Thanks
0 comments
VBAL
|
November 20th, 2009
Are the blacklists defined for all computers and users ??
Is there any way to allow the downloading of file extensions blocked in the Blacklists entry list for any specific username, group or organizational unit ??
Thanks
0 comments
VBAL
|
November 20th, 2009
Using AD usernames and workgroups.... and creating different configuration policies for content filtering. Is there an evaluation order to allow or block access to categories if an user belong to multiple Organizational Units or workgroups and each group has a different policy ??
Example :
Policy # 1 - Apply to workgroup HR - All Content Filtering categories Allowed
Policy # 2 - Apply to workgroup Managers - All categories are blocked
What is the behavior for an user member of the HR and Managers groups ??
Is the evaluation order only for malware detection ??
Thanks
0 comments
VBAL
|
November 20th, 2009
Greetings,
Is the URL database stored in the SWG appliance or is remote ??
What is the frecuency of updates ?
What is the typical update size ?
Thanks
0 comments
DMPE
|
November 20th, 2009
Am unable to install Endpoint 11 MR5 on Windows 7 pc. Windows firewall turned off. Get Error Event ID 1033.
2 comments
HEMANPR
|
November 20th, 2009
Hello Guys
I have running Endpoint 11.0.5002.333 on my computers. Today before a new Live Update My machines with Windows XP crach and when Start Windows its continue a restart loop again and again.
I have any client reported on my EMC If I remove in savemode Symantec Endpoint on the affected computers, Windows Starts with any error but If I re-install the Symantec client 11.0.5002 the cumputers start with the same issue after restart.
HELP PLEASE How Can I fix this???
1 comments
BadAndy
|
November 20th, 2009
Why is my SEPM server not downloading the latest Proactive Threat Protection definitions and associated files? They have been stuck on 8/20/2008 for some time now and when LU runs on the SEPM console, it shows that they are up to date.
1 comments
Leo Nikora
|
November 20th, 2009
Endpoint Protection 11.0.5002.333 failed to even find (much less fix) the Sheur2 trojan.
AVG did find and fix it.
0 comments
MarkJF
|
November 20th, 2009
I am currently running SAV Corporate Edition and 10.1.8.8000 Symantec System Center. When I select Tools/ClientRemote Install and drill down until I get to my domain name under Select Computer, I am not seeing all of the prospective clients that I should be able to see in my Windows 2003 Active Directory domain. If I can't see them, I can't push SAV to them. I've looked at my DNS and the machines that I want to push to are correctly listed in DNS. Any suggestions at this point would be welcomed.
0 comments
Westveld
|
November 20th, 2009
Shows total scans, auto-protect scans and Spam scans number increasing, but Premium Anti-spam numbers are all 0.
Did all the steps in doc 2007020615531854 - it worked for 20 messages, then stopped filtering spam again.
No event log errors from Symantec.
Starting having the issue out of the blue on 6.0.4.something - upgraded to Version 6.0.9.286 in troubleshooting.
Ideas?
0 comments
Briandr73
|
November 20th, 2009
We have a mixed Novell E-Directory/Microsoft Active Directory environment. We have approx 3,500 computers receiving updates from 2 SEPM servers and 3 GUP's. Our Novell computers are in a single workgroup. The Microsoft computers are in a single domain. Our naming convention doesn't do a great job of differing AD computers from ED computers. If I click on a computer in SEPM I see the 'Domain or Workgroup' field under the 'General' tab. In the field I am seeing the 'Primary DNS Suffix of this Computer'. That can be found by right clicking on 'My Computer' and selecting 'Properties'. Then go to Computer Name->Change->More. This data is useless because it does not tell me if the computer is in my workgroup or domain. In the SEPM back end database there are fields for 'Workgroup' and 'Domain' and they have data in them. A Symantec engineer working on a case confirmed these fields to exist and have data in them. I am requesting both of these fields be added to the '...
1 comments
iug
|
November 20th, 2009
I have a Dell Optiplex 745 with Windows Vista Business, but yesterday I upgrade my SEP from MR4 MP2 to MR5 (11.0.5002.333), sice then, it had been crashing (blue screen) every five minutes.
I've installed the MR4 MP2 again, and everything is ok.
Checking the minidup file I found the following:
Debugging Details:
------------------
KERNEL_LOG_EXIT_STATUS: Exit Status 0
KERNEL_LOG_FAILING_PROCESS: WerFault.exe
PROCESS_OBJECT: 855b4800
DEBUG_FLR_IMAGE_TIMESTAMP: 0
MODULE_NAME: wininit
FAULTING_MODULE: 00000000
PROCESS_NAME: svchost.exe
BUGCHECK_STR: 0xF4_svchost.exe
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from 81cda610 to 81b15b0d
STACK_TEXT:
886bdc48 81cda610 000000f4 00000003 855b4800 nt!KeBugCheckEx+0x1e
886bdc6c 81c38f77 81c6e650 855b494c 855b4a28 nt!PspCatchCriticalBreak+0x73
886bdc9c 81c38f1e 855b4800 869f1aa8 c0000005 nt!PspTerminateAllThreads+0x2c...
0 comments
jRand
|
November 20th, 2009
Background:
Currently running Symantec AV 10.1.5.5002
I need assistance with interpreting or coming to a conclusion of where certain types of files are originating from.
We have workstations that are provided from a vendor with their custom WinXP w/SP3 image installed on the harddrive. These workstations are on their own separate subnet.and internet access has been blocked. After the machines are shipped to us we network them, join the windows domain server, install symantec from the network, and then we perform a Full scan of the workstation harddrives and we find the files below. The scan detects the W32.SillyFDC virus. Once thing to note is that we only detect this type of virus on the workstations provided from the vendor. The vendor has Symantec EP11 and they scan their image and nothing is flagged. We are trying to determine if these files are false positives or if our SAV client settings are set too agressively in...
2 comments
thatdude
|
November 20th, 2009
We have a large organization and we are looking at the possible upgrade from SAV10 to SEP. If we move forward with SEP we could possibly have 50 to 100 different limited administrators around the world. It will be a PITA to add each one by AD username. Instead we would like to use Active Directory groups.
Is this possible?
1 comments
ManInBlack
|
November 20th, 2009
I have a site that has 3 branch offices. HQ communicates with the branches via SDSL and the connection speeds are reasonable. I don't really want the link between sites compromised by chatter between the SEP clients and the SYmantec Protection Centre at HQ. Is there some way to have a download/policy proxy server running at the branches?
2 comments
Yap Kim Siong
|
November 20th, 2009
Hi,
i am a bit confused why the logs from SEP Manager always show that remote IP address 0.0.0.0 is blocked by firewall as per attached image. Can someone explain to me?
Thanks
5 comments
Erik_Goldoff
|
November 20th, 2009
without having to constantly check the website, is there any mechanism to sign up an email address so that I can be notified whenever a new Certified Definition is released ( for SEP 11x in my case )
Thanks
2 comments
blenahan
|
November 20th, 2009
AV servers in Symantec System Center 10.1.7 has thousands of clients. Most update normally via VDTM. One or two hundred of these clients are stuck on a certain date. In this case either 11/2/2009 or 11/11/2009. Clients are online, just not getting updates from AV server. on the Event Viewer of the AV server, I see many entries like Event ID: 4 "Update to computer JGELLERM-T60 of virus definition file 111102c failed. Status FFFFFFFF" What does this mean?
I know there are ways to resolve on a case by case basis for each machine, whether that means running rx4defs or reinstalling the client, but with a hundred or more machines, I am hoping to be able to script something that can fix these machines remotely.
thanks.
2 comments
Briandr73
|
November 20th, 2009
We have a mixed Novell & Microsoft environment. Alot of computers. Close to 3500 if not more on two SEPM's and couple GUP'S for smaller sites.
I checked out a Novell computer in one of my SEPM groups. I go to the 'General' tab. I checked out the entry for 'Domain or Workgroup'. What I saw was the DNS suffix. I should have seen the workgroup name since all Novell computers are in there. I then proceed to look at a MS computer. Again I saw the DNS suffix as opposed to the domain name. Is this a known bug? Because of how many computers we have it would be helpful to know which belong to a domain and which belong to a workgroup.
0 comments
Bernard L.
|
November 20th, 2009
11.0.4202 is running on my PC and I noticed that my proactive threat defs are not updating. How can I fix this?
Also, how do I know that other computers on my network are not having the same issue? When I look in the manager console I don't see a way to verify that all the clients on my network have the latest proactive threat defs. Is there a way to monitor this? When I pull up the Truscan threat protection distribution page it has no data in it.
1 comments
Marian Merritt
|
November 20th, 2009
I had the honor recently of moderating a virtual roundtable discussion on the top Internet security trends from 2009 and what we expect to see in the security threat landscape in 2010. Funny thing about security predictions—you hope they won’t come true, but expect them to anyway. The roundtable featured expert panelists Paul Wood (Senior Analyst, MessageLabs Intelligence, Symantec) and Zulfikar Ramzan (Technical Director, Symantec Security Response). They each have unique insights into the world of cybercrime, spam, phishing attacks, and other cyberthreats that plague us all.
We want to give a big thanks to everyone who joined in to listen to our experts, and we hope you found it interesting. For those of you who couldn’t make it, please take a few minutes to listen to the podcast of the actual roundtable.
You can read more about Symantec’s top trends from 2009 and our predictions for 2010 by clicking on the following links:
Breadth of Security...
Emerging Threats, Security, Security Response, Evolution of Security, Malicious Code, Online Fraud, Security Risks, Spam, Vulnerabilities & Exploits, Endpoint Protection (AntiVirus)
0 comments
vrubino
|
November 20th, 2009
Hello everyone.
I need your help.
I created a policy in my SEP in photo, to the exclusion of the dababase of SQL, by inserting these types of database files extensions
I would like to do similarly policiy exclusion of databases of ORACLE, but I can't find these database extensions.
Someone them can provide me?
Thank you.
1 comments