Seguridad Descripción general | Comunidad de Symantec Connect

Comunidad Seguridad

A Reminder about Rootkits

John H
Empleado de Symantec

Rootkit stories show up in the mainstream media on a regular basis these days. While these stories raise public awareness about what the bad guys are doing, they usually leave readers wondering what they can do to protect themselves from silent threats infecting their computers at home and...

Publicado: 18 Enero 2012 | 0 comments
Please Share Whether Or Not You Have A Current Support Agreement With Symantec

Hear4U

Hi folks, We are trying to get an idea of how many people on Connect have a contract, and actually use the site as their preferred method for resolving their issues. Answering this will answer # 1, and obviously not impact your experience on the site, nor impact our interest in helping you...

Publicado: 19 Abril 2011 | 135 comments

discusión nueva hace 7 min.

Smartdoc ha publicado: SSIM client trouble

I need a solution Hi there! I've got a trouble while starting and connecting to ssim server: com.symantec.sim.app.exceptions.InvalidLicenseException: A valid license file has not been found on the server you are connecting to. Please install a valid license file and try again. at ...

comentario sobre discusión hace 11 min.

Anamika ha añadido un comentario a: Symantec SEP Version

Thank you Pete.

comentario sobre discusión hace 21 min.

pete_4u2002 ha añadido un comentario a: SEP 12.1 clients not updating

from the client log which is not updated, it is in process for downloading the ddefinition. didn't the client update? can you collect for longer time?

comentario sobre discusión hace 21 min.

Symantec World ha añadido un comentario a: Clients are showing offline

As per the snapshot its seems that only SEPM system client is connected to SEPM that means there is some communication issue between this system to all clients. Please check your windows firewall and also follow the KN provided by Ashish Sharma.

comentario sobre discusión hace 40 min.

pete_4u2002 ha añadido un comentario a: locked out automatically

great to hear :-)

comentario sobre artículo hace 46 min.

pkyadav ha añadido un comentario a: How to Install Symantec Endpoint Protection v. 11.x from the Symantec Endpoint Protection Manager v.12.1?

Hi, I found that we can manage sep 11.x clients from sepm 12.1, but we cannot manage sep 11.x logs. Is it right? . . .

comentario sobre discusión hace 1 hora 1 minuto

dfinkelstein ha añadido un comentario a: Is PGP Encryption really secure?

You're very welcome. Regards,

comentario sobre artículo hace 1 hora 3 min.

Shahnawaz ha añadido un comentario a: Contribution of Domain controllers in Integration of Windows 2008 with SSIM.

Thanks for sharing the valuable information regarding 2k8 Integration.....It was much needed.

comentario sobre discusión hace 1 hora 32 min.

Mahendra Patel ha añadido un comentario a: Symantec Endpoint Management Domain Change

It will work without any problem, the client communication do not depend on domain name, it just needs the name or ip address of the server and the port number. As long as these three things are not changing on the server there will not be any issue in client server communication. And as Chetan said, its always better to be on safer side and take backup of the server before making any changes

comentario sobre discusión hace 1 hora 40 min.

Simpson Homer ha añadido un comentario a: Symantec Endpoint Protection for Linux trial

Have you got what you were looking for?

discusión nueva hace 7 min.

Smartdoc ha publicado: SSIM client trouble

comentario sobre discusión hace 11 min.

Anamika ha añadido un comentario a: Symantec SEP Version

Thank you Pete.

comentario sobre discusión hace 21 min.

pete_4u2002 ha añadido un comentario a: SEP 12.1 clients not updating

from the client log which is not updated, it is in process for downloading the ddefinition. didn't the client update? can you collect for longer time?

comentario sobre discusión hace 21 min.

Symantec World ha añadido un comentario a: Clients are showing offline

comentario sobre discusión hace 40 min.

pete_4u2002 ha añadido un comentario a: locked out automatically

great to hear :-)

comentario sobre discusión hace 1 hora 1 minuto

dfinkelstein ha añadido un comentario a: Is PGP Encryption really secure?

You're very welcome. Regards,

comentario sobre discusión hace 1 hora 32 min.

Mahendra Patel ha añadido un comentario a: Symantec Endpoint Management Domain Change

comentario sobre discusión hace 1 hora 40 min.

Simpson Homer ha añadido un comentario a: Symantec Endpoint Protection for Linux trial

Have you got what you were looking for?

comentario sobre discusión hace 1 hora 54 min.

Simpson Homer ha añadido un comentario a: Console having a latest definition but still it shows OUT OF DATE.

Is the issue resolved?

comentario sobre discusión hace 1 hora 55 min.

Simpson Homer ha añadido un comentario a: Boot Record: \\.\PhysicalDrive0

Please scan the machine with the Symantec Endpoint Recovery Tool. Download the tool and follow the steps given in the PDF.

comentario sobre artículo hace 46 min.

pkyadav ha añadido un comentario a: How to Install Symantec Endpoint Protection v. 11.x from the Symantec Endpoint Protection Manager v.12.1?

Hi, I found that we can manage sep 11.x clients from sepm 12.1, but we cannot manage sep 11.x logs. Is it right? . . .

comentario sobre artículo hace 1 hora 3 min.

Shahnawaz ha añadido un comentario a: Contribution of Domain controllers in Integration of Windows 2008 with SSIM.

Thanks for sharing the valuable information regarding 2k8 Integration.....It was much needed.

comentario sobre artículo hace 4 horas 49 min.

Avkash K ha añadido un comentario a: Auditing/Monitoring of User Activity in DLP

Thumbs UP!!

comentario sobre artículo hace 4 horas 51 min.

Avkash K ha añadido un comentario a: What Protection Does Symantec DLP Provide? A Note for Beginners- Part-2

Thanx for the share!!

comentario sobre artículo hace 5 horas 16 min.

Avkash K ha añadido un comentario a: Squid Proxy SSIM Agent Installation (steps at linux machine)

Thums UP!!

comentario sobre artículo hace 5 horas 43 min.

AR Sharma ha añadido un comentario a: SSIM Backup & Restore (Graphical).

Good article

artículo actualizado hace 9 horas 36 min.

Sanehdeep Singh ha publicado: Microsoft Print Spooler Service Impersonation Vulnerability Exploitation and Prevention Part 2

In Microsoft Print Spooler Service Impersonation Vulnerability Exploitation and Prevention Part 1, I explained How to exploit Microsoft Print Spooler Service Impersonation Vulnerability. In next part i will show you how to prevent Microsoft Print Spooler Service Impersonation Vulnerability with Symantec Critical System Protection . Microsoft Print Spooler Service Impersonation ...

artículo actualizado hace 9 horas 36 min.

Sanehdeep Singh ha publicado: Microsoft Print Spooler Service Impersonation Vulnerability Exploitation and Prevention Part 1

Microsoft Print Spooler Service Impersonation Vulnerability This module exploits the RPC service impersonation vulnerability detailed in Microsoft Bulletin MS10-061. By making a specific DCE RPC request to the StartDocPrinter procedure, an attacker can impersonate the Printer Spooler service to create a file. The working directory at the time is %SystemRoot%\system32. An attacker can ...

comentario sobre artículo 13 Febrero 2012

Avkash K ha añadido un comentario a: SSIM Disaster recovery Procedure

Thumps UP!!

comentario sobre artículo 13 Febrero 2012

AR Sharma ha añadido un comentario a: DLP Agent in a Failover Environment

The information with screnshot that you have provided is very good to understand. One can grasp immediately after looking into it. I hardly took 5-7 mins to read and understand clearly. Thanks once again.

comentario sobre entrada de blog hace 4 horas 9 min.

JB23zz ha añadido un comentario a: Attention Mac OS X Lion Users: Using PGP WDE or SEE FDE and the Imminent Release of OS X 10.7.3

If I am using FileConnect properly, I still can only D/L 10.2 MP3 as of 10:20 EST/7:20 PST. Is the update in fact available now? If so, I'll call customer support, as I seem to do for every upgrade.

comentario sobre entrada de blog hace 5 horas 32 min.

Ashish Sharma ha añadido un comentario a: Delete Clients automatically in SEPM Server not sync in SEPM server

You can be reduce time period in your company or customer requirement.. thanks

entrada de blog actualizada hace 11 horas 35 min.

Robert Keith ha publicado: Microsoft Patch Tuesday - February 2012

Hello, welcome to this month’s blog on the Microsoft patch release. This is a larger month—the vendor is releasing 9 bulletins covering a total of 21 vulnerabilities. Six of this month's issues are rated ‘Critical’ and they affect Internet Explorer, .NET, Windows, and GDI. The remaining issues affect Internet Explorer, Windows, Visio, and SharePoint. As always, customers are ...

comentario sobre entrada de blog hace 22 horas 10 min.

Srikanth_Subra ha añadido un comentario a: Stronger Authentication Means Fewer Headaches in 2012

Info..

comentario sobre entrada de blog hace 22 horas 12 min.

Srikanth_Subra ha añadido un comentario a: Why is Symantec Connect (Forum) Important?

My many problamatic situations are solved with the help of connect forum only..

entrada de blog actualizada 13 Febrero 2012

Symantec Security Response ha publicado: サーバーサイドポリモーフィック型の Android アプリケーション

Windows の世界では、かなり以前からサーバーサイドポリモーフィズムの技法を使ってコンピュータに感染する手口が全世界で確認されてきました。これはつまり、ファイルがダウンロードされるたびに、異なるバージョンのファイルを作成して従来のシグネチャベースの検出をすり抜けようとすることを意味します。最近、この同じ手口が、ロシアの Web サイトでホストされている悪質な Android アプリケーションにも使われていることが判明しました。シマンテック製品では、この亜種をすべて Android.Opfake として検出します。Opfake をホストしているサイトにはリンクかボタンが設置され、それを使うと人気の高い Android ソフトウェアの無料版をダウンロードできることになっていますが、実際にダウンロードされるのは悪質なパッケージです。 ...

entrada de blog actualizada 13 Febrero 2012

Joji Hamada ha publicado: Office を悪用した新しい標的型攻撃が出現

寄稿者: 中山雄克先日、標的型攻撃に関して取得したファイルを調べていたところ、妙なファイルセットが目に止まりました。それらのファイルを分析してみると、2 つのファイルがセットになって、今までに一般に確認されていない脆弱性を悪用するものであることが判明しました。Microsoft はこの問題を認識しており、 MS11-073 を適用したユーザーは完全にセキュリティ保護されると発表しています。これらのファイルが一般的な標的型攻撃と異なる点は、Microsoft Word の文書ファイルと .dll ファイルがペアになっていることです。通常、標的型攻撃に必要となるのは、マルウェアを投下するファイル 1 ...

comentario sobre entrada de blog 13 Febrero 2012

Srikanth_Subra ha añadido un comentario a: SEP 12.1 is now Available

oh..OK Thanks..

entrada de blog actualizada 13 Febrero 2012

Tim_Matthews ha publicado: CISOs are in a Mobile Mindset, but Plenty of Work Remains

With the end of 2011 upon us, one thing is sure: the mobile revolution is in full swing. Smartphones and tablets are everywhere. In fact, according to the analyst firm Gartner, sales of smartphones will exceed 461 million this year – surpassing PC shipments in the process – and rise to 645 million in 2012. Combined sales of smartphones and tablets will be 44 percent greater than ...

entrada de blog nueva 13 Febrero 2012

Sean Dougherty ha publicado: Executive Level Overview of APTs to Demystify the Hype

One hot topic in IT and information security today is the Advanced Persistent Threat, usually abbreviated to APT. However, the P in APT might as well stand for People. And therein lies a clue as to how APTs differ from other targeted attacks, something about which there has been a some confusion. A standard targeted attack, while often requiring a significant investment of time, ...

descarga actualizada hace 12 horas 56 min.

Srikanth_Subra ha publicado: SQL Performance Monitoring

Hi, This tool can be used for monitoring our SQL database used for our symantec endpoint manager.. we can monitor the performance of our database and find out any problems if they exist. SQL Performance.zip (Security, 12.x, Endpoint Protection (AntiVirus), Installing, Tip/How to, Troubleshooting) () Symantec, 12.x, Endpoint Protection (AntiVirus), ...

comentario sobre descarga hace 18 horas 44 min.

james_stevenson ha añadido un comentario a: Replace Sylink

Thanks for the feedback. If anyone has had a negative experience with the script then get back to me and I will try to iron out any problems. It worked on my network environment.

comentario sobre descarga 13 Febrero 2012

AR Sharma ha añadido un comentario a: Easy fileshare for Linux kernals - SSIM

This tool is helpful!

comentario sobre descarga 13 Febrero 2012

Appel ha añadido un comentario a: SEP Content Distribution Monitor (for GUP health-checking)

Looks like there have been some great things going on here. Beta, testing, issues, resolutions, more issues and resoultions and so on. At this point is this tool now out of the beta and ready for prime time? Our SEPM’s are currenlty running 12.1 RU1 running a single SQL database on a separate server and the majority of the GUP’s are at 11.x.

descarga actualizada 13 Febrero 2012

iamadmin ha publicado: Squash SymTMPs - from Mike's Tool Set

So...way, way back, somewhere around MR4 we started seeing an issue where lots of files (mostly TMP) were being created (and staying) in the xfer_tmp or the xfer folders. For us it was only with SEP, but from what I understand, SAV users were seeing some of this as well. Symantec wrote a very comprehensive cleanup document (which has since been shortened to reflect the current state ...

comentario sobre descarga 13 Febrero 2012

Orient Dawn ha añadido un comentario a: To kill unknown process if task manager is disabled by virus

very useful, thanks a lot

comentario sobre descarga 12 Febrero 2012

Jackie007 ha añadido un comentario a: Image Installation System Problem

Thanks for providing information. I will be check in my Organization for providing Information.

comentario sobre descarga 12 Febrero 2012

kishan_243 ha añadido un comentario a: solution Doc to manage the unmanaged System in SEP 11.0.6005..

Mention tip is really help to manage the systems. thanks.

comentario sobre descarga 10 Febrero 2012

Swapnil ha añadido un comentario a: Block the access of Extension (.mp3, .mp4, .mpg, .mpeg, .flv)

Nice info Sumit .

comentario sobre descarga 08 Febrero 2012

roh234 ha añadido un comentario a: Best Practices for Symantec Endpoint Protection on Citrix and Terminal Servers

hi what about the verstion of 12.1 is these applicable to that also

evento actualizado hace 9 horas 41 min.

ChrisCamp ha publicado: Washington DC Security & Compliance User Group Meeting - March 7, 2012

Hogan Lovells, 555 13th St NW, Washington DC 20004 Wed, 07 March, 2012 - 10:00 - 13:00 EST Join us for our next Washington DC Security & Compliance User Group meeting on Wednesday, March 7 . We have a great agenda lined up! ...

evento actualizado 13 Febrero 2012

Steven B. ha publicado: Hazard Based Remediation - DLP Technical Advisory Board (TAB)

Webex Wed, 14 March, 2012 - 17:30 - 19:00 PDT Valued DLP Customers, We respectfully request your participation at our upcoming Symantec DLP Technical Advisory Board (TAB) for Hazard Based Remediation . Hazard based view is intended ...

evento actualizado 13 Febrero 2012

Steven B. ha publicado: Hazard Based Remediation - DLP Technical Advisory Board (TAB)

Webex Tue, 13 March, 2012 - 8:00 - 9:30 PDT Valued DLP Customers, We respectfully request your participation at our upcoming Symantec DLP Technical Advisory Board (TAB) for Hazard Based Remediation . Hazard based view is intended to ...

comentario sobre evento 13 Febrero 2012

jaswad23 ha añadido un comentario a: South Florida Security & Compliance User Group Meeting - February 15, 2012

Can't wait.....

evento actualizado 03 Febrero 2012

ShadowsPapa ha publicado: Iowa Security & Compliance User Group Meeting February 29th 2012

State of Iowa Judicial Branch, 1111 E Court Avenue, Des Moines, IA 50319 Wed, 29 February, 2012 - 10:00 - 13:00 CST Agenda: Gay and Lonnie (State of Iowa - Judicial Branch) will discuss their upgrade to SEP 12.1 Fayyaz ...

evento actualizado 26 Enero 2012

Holger S. ha publicado: Symantec Network Access Control – Einstieg über das Self Enforcement

WebCast Wed, 22 February, 2012 - 10:00 - 11:00 CET In diesem Webcast zeigen wir Ihnen, wie Sie mit wenig Aufwand komplexe Network Access Control Lösungen erstellen. Beispiele: aktivieren von Symantec Network Access Control ...

comentario sobre evento 24 Enero 2012

Symantec World ha añadido un comentario a: Symantec Endpoint Protection Support Webcast

Regirstered for the same. Thanks Thomas.

evento actualizado 24 Enero 2012

Thomas K ha publicado: How-to Tackle Apple in the Enterprise

Online Webcast Tue, 14 February, 2012 - 10:00 - 11:00 PST Tuesday, February 14, 2012 @ 10:00 AM PT / 1:00 PM ET How-to Tackle Apple in the Enterprise Registration URL: https://symantecevents.verite.com/24308/131929 ...

evento actualizado 24 Enero 2012

Thomas K ha publicado: Keep Your Secrets from Walking Out the Door with Data Loss Prevention

Online Webcast Thu, 09 February, 2012 - 10:00 - 11:00 PST Thursday, February 9, 2012 @ 10:00 AM PT / 1:00 PM ET Keep Your Secrets from Walking Out the Door with Data Loss Prevention Presented by: Linda Park, Senior Product ...

evento actualizado 24 Enero 2012

Thomas K ha publicado: Symantec Endpoint Protection Support Webcast

Online Webcast Wed, 08 February, 2012 - 10:00 - 11:00 PST Wednesday, February 8, 2012 @ 10:00 AM PT / 1:00 PM ET Symantec Endpoint Protection Support Webcast Registration URL: https://symantecevents.verite.com/24265 ...

comentario sobre video 13 Febrero 2012

ajhay.siingh ha añadido un comentario a: Symantec Download Insight in Symantec Endpoint Protection 12.1

Hi, Very usful info by Mithun about insight features. thanks

video actualizado 09 Febrero 2012

mt5937 ha publicado: Symantec.cloud email security: using Track and Trace

An essential administrative feature of Symantec.cloud email security is Track and Trace. Track and Trace can track down missing but expected emails, however it can do much more. In the hands of a skilled administrator, Track and Trace can identify a wide range of internal or external email abuse. This video ...

comentario sobre video 09 Febrero 2012

Linas ha añadido un comentario a: Power Eraser Overview

It failed to detect anything The only thing it found was my VPN software Is the a newer definition file something newer then 01/04/2012 It’s especially frustrating when directed to use this tool for these specific threats and it didn’t even detect them

comentario sobre video 01 Febrero 2012

Swapnil ha añadido un comentario a: How do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

Nice videos ,is there any video which defines sep dll's ? the entire process when scan gets initiated and which processess are triggered ?

comentario sobre video 30 Enero 2012

swismax ha añadido un comentario a: Virtualization Security with SEP 12.1 Security

Excellent interview ,i think you are doing nice job this interview is very help full for me and i like to see it more . swismax

comentario sobre video 29 Enero 2012

mrezap2000@yahoo.com ha añadido un comentario a: LiveUpdate Administrator 2.3: What's New

comentario sobre video 26 Enero 2012

Kedarnath Lal ha añadido un comentario a: LiveUpdate Administrator: How to configure a remote Distribution Center

Good one. Thanks

comentario sobre video 18 Enero 2012

Gurupreet ha añadido un comentario a: Symantec Endpoint Protection Manager 12.1 Fresh Install - SQL Database

good and informative video

comentario sobre video 18 Enero 2012

Gurupreet ha añadido un comentario a: Symantec Endpoint Protection Manager 12.1 Fresh Install - Embedded Database

very helpful... good one

comentario sobre video 10 Enero 2012

RicheeDiaz ha añadido un comentario a: Troubleshooting LiveUpdate Part 3

Good one. Amazing video

idea actualizada hace 9 horas 52 min.

dcantey ha publicado: "Yes to All" for Deployment Package Conflict dialog box

When customers use the Upgrade Groups Wizard and select large heirarchy's of groups to upgrade they will get a dialog popup that they have to accept for every group and sub group. Can be hundreds of popups. This apparenly was not a problem before 11.0.7 but is still in SEP 12.1 RU1. (12.1.1000.0157). A "yes to all" option for the pop-up dialog box would make alot of sense. ...

idea actualizada hace 14 horas 36 min.

NRaj ha publicado: System admin access Modification

We can modify a limited admin to admin & vice versa. But this is not possible for a system admin. We cannot change a 'system admin' to 'admin' or 'limited admin'. And we cannot change a 'admin' or 'limited admin' to a 'system admin'. This should be possible as the requirement changes along with users role in the project. ...

comentario sobre idea hace 15 horas 21 min.

Neil74 ha añadido un comentario a: Prevent Info-Level "Application and Device Control is ready" events from triggering Notifications

Yes great idea, just had a customer requesting the very same functionality.

comentario sobre idea hace 16 horas 37 min.

iamadmin ha añadido un comentario a: "Purge Now" Button for LiveUpdate Administrator 2.x

A very welcome addition to LUA!! -Mike

comentario sobre idea 13 Febrero 2012

ycuyugan ha añadido un comentario a: Exceptions for SONAR in SEP 12

I have the same issue even though i have the VPN client i have an exception policy for it.

idea actualizada 13 Febrero 2012

sumitgupta786 ha publicado: Safe Mode -Access block Utility

Hi, I am using the SEPM server from last 1 year and get the great success in using ADC policy. ADC policy will help me in all the matter but symantec not have any utility to block the USB in Safe Mode. So that most of the comapny use the Active directy Service to block the Acess because it helpfull in Safe Mode also. If symantec can implement these type of changes in ADC policy and no ...

idea actualizada 13 Febrero 2012

sumitgupta786 ha publicado: Proper Failure event Message

Hi- When anyone have tried to connect any USB then event will generate and we get mail with event and that user user id. If same will update in Authentication event then it will helpfull to find the person. I mean when anyone try to login the console with wrong password, Event mail will generate with wrong console id and also upload that person lan id to catch it. if this will ...

idea actualizada 13 Febrero 2012

sumitgupta786 ha publicado: To remove the SEP client

Hi- My request is that pls create one of the Batch file which help to remove the corrupted Antivrus with all "Dll" and "Registry" file from systems. So that we can reinstall succesfull the new client version. It help to safe the system from reinstallation. Thanks in Advance..!! (Security, 11.x, Endpoint Protection (AntiVirus), Basics, Troubleshooting) () Symantec, 11.x, ...

comentario sobre idea 13 Febrero 2012

Dassy ha añadido un comentario a: Symantec USB encryption

Hi, I am also looking for this kind of solutions from Symantec.

comentario sobre idea 13 Febrero 2012

Srikanth_Subra ha añadido un comentario a: Useful information when we move the cursor on the SEP icon in the system tray

Good idea..