Video Screencast Help

After successfully upgrading SEP Client from 11.0.4 into 12.1 RU1 legacy FTP software stopped working ?

Created: 10 Jan 2013 | 6 comments

Hi People,

Can anyone please assist me in resolving this issue with the 

Everytime the user tries to use open up the application, there is pop up saying 

[SID: 20903] FTP Generic Command Overflow detected which comes from the old Solaris server, after that the whole people in the department cannot use their FTP software to pull out the report from the server ?

how to safely ignore any false positive "attacks" from that server, because previously in version 11 it works as normal.

Comments 6 CommentsJump to latest comment

.Brian's picture

You can set this host to be excluded from IPS

Check here:

 

Setting up a list of excluded computers

Article:HOWTO27084  |  Created: 2010-01-08  |  Updated: 2010-01-15  |  Article URL http://www.symantec.com/docs/HOWTO27084
 

 

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

John Santana's picture

Brian, it doesn't work, I have found the IP address of the server in question already in the whitelisted list.

The application still doesn't work

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

.Brian's picture

You can either upgrade the Solaris server FTP app to latest version or exclude that signature from the IPS policy

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

pete_4u2002's picture

upgrade the ftp software on the target machine , also check the response from the above link I posted

Response

There are patches available for each installation of FTP. However as a best practice it is recommended to;

1. Ensure the latest version of the FTP installation is installed
2. Log and Audit any FTP use, more specifically from connections made from systems outside of the network.
3. Disable any unneeded use of FTP.