Sécurité Présentation | Communauté Symantec Connect

la Communauté de Sécurité

A Reminder about Rootkits

John H
Employé Symantec

Rootkit stories show up in the mainstream media on a regular basis these days. While these stories raise public awareness about what the bad guys are doing, they usually leave readers wondering what they can do to protect themselves from silent threats infecting their computers at home and...

Posté : 18 Janv. 2012 | 1 commentaire
Please Share Whether Or Not You Have A Current Support Agreement With Symantec

Hear4U

Hi folks, We are trying to get an idea of how many people on Connect have a contract, and actually use the site as their preferred method for resolving their issues. Answering this will answer # 1, and obviously not impact your experience on the site, nor impact our interest in helping you...

Posté : 19 Avr. 2011 | 135 comments

nouvelle discussion il y a 6 min

I need a solution Hi there! I've got a trouble while starting and connecting to ssim server: com.symantec.sim.app.exceptions.InvalidLicenseException: A valid license file has not been found on the server you are connecting to. Please install a valid license file and try again. at ...

commentaire sur la discussion il y a 11 min

Anamika a commenté : Symantec SEP Version

Thank you Pete.

commentaire sur la discussion il y a 20 min

pete_4u2002 a commenté : SEP 12.1 clients not updating

from the client log which is not updated, it is in process for downloading the ddefinition. didn't the client update? can you collect for longer time?

commentaire sur la discussion il y a 21 min

Symantec World a commenté : Clients are showing offline

As per the snapshot its seems that only SEPM system client is connected to SEPM that means there is some communication issue between this system to all clients. Please check your windows firewall and also follow the KN provided by Ashish Sharma.

commentaire sur la discussion il y a 40 min

pete_4u2002 a commenté : locked out automatically

great to hear :-)

commentaire sur l'article il y a 46 min

pkyadav a commenté : How to Install Symantec Endpoint Protection v. 11.x from the Symantec Endpoint Protection Manager v.12.1?

Hi, I found that we can manage sep 11.x clients from sepm 12.1, but we cannot manage sep 11.x logs. Is it right? . . .

commentaire sur la discussion il y a 1 heure 58 s

dfinkelstein a commenté : Is PGP Encryption really secure?

You're very welcome. Regards,

commentaire sur l'article il y a 1 heure 3 min

Shahnawaz a commenté : Contribution of Domain controllers in Integration of Windows 2008 with SSIM.

Thanks for sharing the valuable information regarding 2k8 Integration.....It was much needed.

commentaire sur la discussion il y a 1 heure 32 min

Mahendra Patel a commenté : Symantec Endpoint Management Domain Change

It will work without any problem, the client communication do not depend on domain name, it just needs the name or ip address of the server and the port number. As long as these three things are not changing on the server there will not be any issue in client server communication. And as Chetan said, its always better to be on safer side and take backup of the server before making any changes

commentaire sur la discussion il y a 1 heure 40 min

Simpson Homer a commenté : Symantec Endpoint Protection for Linux trial

Have you got what you were looking for?

nouvelle discussion il y a 6 min

Smartdoc a publié : SSIM client trouble

commentaire sur la discussion il y a 11 min

Anamika a commenté : Symantec SEP Version

Thank you Pete.

commentaire sur la discussion il y a 20 min

pete_4u2002 a commenté : SEP 12.1 clients not updating

from the client log which is not updated, it is in process for downloading the ddefinition. didn't the client update? can you collect for longer time?

commentaire sur la discussion il y a 21 min

Symantec World a commenté : Clients are showing offline

commentaire sur la discussion il y a 40 min

pete_4u2002 a commenté : locked out automatically

great to hear :-)

commentaire sur la discussion il y a 1 heure 58 s

dfinkelstein a commenté : Is PGP Encryption really secure?

You're very welcome. Regards,

commentaire sur la discussion il y a 1 heure 32 min

Mahendra Patel a commenté : Symantec Endpoint Management Domain Change

commentaire sur la discussion il y a 1 heure 40 min

Simpson Homer a commenté : Symantec Endpoint Protection for Linux trial

Have you got what you were looking for?

commentaire sur la discussion il y a 1 heure 54 min

Simpson Homer a commenté : Console having a latest definition but still it shows OUT OF DATE.

Is the issue resolved?

commentaire sur la discussion il y a 1 heure 55 min

Simpson Homer a commenté : Boot Record: \\.\PhysicalDrive0

Please scan the machine with the Symantec Endpoint Recovery Tool. Download the tool and follow the steps given in the PDF.

commentaire sur l'article il y a 46 min

pkyadav a commenté : How to Install Symantec Endpoint Protection v. 11.x from the Symantec Endpoint Protection Manager v.12.1?

Hi, I found that we can manage sep 11.x clients from sepm 12.1, but we cannot manage sep 11.x logs. Is it right? . . .

commentaire sur l'article il y a 1 heure 3 min

Shahnawaz a commenté : Contribution of Domain controllers in Integration of Windows 2008 with SSIM.

Thanks for sharing the valuable information regarding 2k8 Integration.....It was much needed.

commentaire sur l'article il y a 4 heures 48 min

Avkash K a commenté : Auditing/Monitoring of User Activity in DLP

Thumbs UP!!

commentaire sur l'article il y a 4 heures 50 min

Avkash K a commenté : What Protection Does Symantec DLP Provide? A Note for Beginners- Part-2

Thanx for the share!!

commentaire sur l'article il y a 5 heures 16 min

Avkash K a commenté : Squid Proxy SSIM Agent Installation (steps at linux machine)

Thums UP!!

commentaire sur l'article il y a 5 heures 43 min

AR Sharma a commenté : SSIM Backup & Restore (Graphical).

Good article

article mis à jour il y a 9 heures 35 min

Sanehdeep Singh a publié : Microsoft Print Spooler Service Impersonation Vulnerability Exploitation and Prevention Part 2

In Microsoft Print Spooler Service Impersonation Vulnerability Exploitation and Prevention Part 1, I explained How to exploit Microsoft Print Spooler Service Impersonation Vulnerability. In next part i will show you how to prevent Microsoft Print Spooler Service Impersonation Vulnerability with Symantec Critical System Protection . Microsoft Print Spooler Service Impersonation ...

article mis à jour il y a 9 heures 36 min

Sanehdeep Singh a publié : Microsoft Print Spooler Service Impersonation Vulnerability Exploitation and Prevention Part 1

Microsoft Print Spooler Service Impersonation Vulnerability This module exploits the RPC service impersonation vulnerability detailed in Microsoft Bulletin MS10-061. By making a specific DCE RPC request to the StartDocPrinter procedure, an attacker can impersonate the Printer Spooler service to create a file. The working directory at the time is %SystemRoot%\system32. An attacker can ...

commentaire sur l'article 13 Fév. 2012

Avkash K a commenté : SSIM Disaster recovery Procedure

Thumps UP!!

commentaire sur l'article 13 Fév. 2012

AR Sharma a commenté : DLP Agent in a Failover Environment

The information with screnshot that you have provided is very good to understand. One can grasp immediately after looking into it. I hardly took 5-7 mins to read and understand clearly. Thanks once again.

commentaire sur le billet il y a 4 heures 9 min

JB23zz a commenté : Attention Mac OS X Lion Users: Using PGP WDE or SEE FDE and the Imminent Release of OS X 10.7.3

If I am using FileConnect properly, I still can only D/L 10.2 MP3 as of 10:20 EST/7:20 PST. Is the update in fact available now? If so, I'll call customer support, as I seem to do for every upgrade.

commentaire sur le billet il y a 5 heures 32 min

Ashish Sharma a commenté : Delete Clients automatically in SEPM Server not sync in SEPM server

You can be reduce time period in your company or customer requirement.. thanks

billet mis à jour il y a 11 heures 35 min

Robert Keith a publié : Microsoft Patch Tuesday - February 2012

Hello, welcome to this month’s blog on the Microsoft patch release. This is a larger month—the vendor is releasing 9 bulletins covering a total of 21 vulnerabilities. Six of this month's issues are rated ‘Critical’ and they affect Internet Explorer, .NET, Windows, and GDI. The remaining issues affect Internet Explorer, Windows, Visio, and SharePoint. As always, customers are ...

commentaire sur le billet il y a 22 heures 10 min

Srikanth_Subra a commenté : Stronger Authentication Means Fewer Headaches in 2012

Info..

commentaire sur le billet il y a 22 heures 12 min

Srikanth_Subra a commenté : Why is Symantec Connect (Forum) Important?

My many problamatic situations are solved with the help of connect forum only..

billet mis à jour 13 Fév. 2012

Symantec Security Response a publié : サーバーサイドポリモーフィック型の Android アプリケーション

Windows の世界では、かなり以前からサーバーサイドポリモーフィズムの技法を使ってコンピュータに感染する手口が全世界で確認されてきました。これはつまり、ファイルがダウンロードされるたびに、異なるバージョンのファイルを作成して従来のシグネチャベースの検出をすり抜けようとすることを意味します。最近、この同じ手口が、ロシアの Web サイトでホストされている悪質な Android アプリケーションにも使われていることが判明しました。シマンテック製品では、この亜種をすべて Android.Opfake として検出します。Opfake をホストしているサイトにはリンクかボタンが設置され、それを使うと人気の高い Android ソフトウェアの無料版をダウンロードできることになっていますが、実際にダウンロードされるのは悪質なパッケージです。 ...

billet mis à jour 13 Fév. 2012

Joji Hamada a publié : Office を悪用した新しい標的型攻撃が出現

寄稿者: 中山雄克先日、標的型攻撃に関して取得したファイルを調べていたところ、妙なファイルセットが目に止まりました。それらのファイルを分析してみると、2 つのファイルがセットになって、今までに一般に確認されていない脆弱性を悪用するものであることが判明しました。Microsoft はこの問題を認識しており、 MS11-073 を適用したユーザーは完全にセキュリティ保護されると発表しています。これらのファイルが一般的な標的型攻撃と異なる点は、Microsoft Word の文書ファイルと .dll ファイルがペアになっていることです。通常、標的型攻撃に必要となるのは、マルウェアを投下するファイル 1 ...

commentaire sur le billet 13 Fév. 2012

Srikanth_Subra a commenté : SEP 12.1 is now Available

oh..OK Thanks..

billet mis à jour 13 Fév. 2012

Tim_Matthews a publié : CISOs are in a Mobile Mindset, but Plenty of Work Remains

With the end of 2011 upon us, one thing is sure: the mobile revolution is in full swing. Smartphones and tablets are everywhere. In fact, according to the analyst firm Gartner, sales of smartphones will exceed 461 million this year – surpassing PC shipments in the process – and rise to 645 million in 2012. Combined sales of smartphones and tablets will be 44 percent greater than ...

nouveau billet 13 Fév. 2012

Sean Dougherty a publié : Executive Level Overview of APTs to Demystify the Hype

One hot topic in IT and information security today is the Advanced Persistent Threat, usually abbreviated to APT. However, the P in APT might as well stand for People. And therein lies a clue as to how APTs differ from other targeted attacks, something about which there has been a some confusion. A standard targeted attack, while often requiring a significant investment of time, ...

téléchargement mis à jour il y a 12 heures 56 min

Srikanth_Subra a publié : SQL Performance Monitoring

Hi, This tool can be used for monitoring our SQL database used for our symantec endpoint manager.. we can monitor the performance of our database and find out any problems if they exist. SQL Performance.zip (Security, 12.x, Endpoint Protection (AntiVirus), Installing, Tip/How to, Troubleshooting) () Symantec, 12.x, Endpoint Protection (AntiVirus), ...

commentaire sur le téléchargement il y a 18 heures 44 min

james_stevenson a commenté : Replace Sylink

Thanks for the feedback. If anyone has had a negative experience with the script then get back to me and I will try to iron out any problems. It worked on my network environment.

commentaire sur le téléchargement 13 Fév. 2012

AR Sharma a commenté : Easy fileshare for Linux kernals - SSIM

This tool is helpful!

commentaire sur le téléchargement 13 Fév. 2012

Appel a commenté : SEP Content Distribution Monitor (for GUP health-checking)

Looks like there have been some great things going on here. Beta, testing, issues, resolutions, more issues and resoultions and so on. At this point is this tool now out of the beta and ready for prime time? Our SEPM’s are currenlty running 12.1 RU1 running a single SQL database on a separate server and the majority of the GUP’s are at 11.x.

téléchargement mis à jour 13 Fév. 2012

iamadmin a publié : Squash SymTMPs - from Mike's Tool Set

So...way, way back, somewhere around MR4 we started seeing an issue where lots of files (mostly TMP) were being created (and staying) in the xfer_tmp or the xfer folders. For us it was only with SEP, but from what I understand, SAV users were seeing some of this as well. Symantec wrote a very comprehensive cleanup document (which has since been shortened to reflect the current state ...

commentaire sur le téléchargement 13 Fév. 2012

Orient Dawn a commenté : To kill unknown process if task manager is disabled by virus

very useful, thanks a lot

commentaire sur le téléchargement 12 Fév. 2012

Jackie007 a commenté : Image Installation System Problem

Thanks for providing information. I will be check in my Organization for providing Information.

commentaire sur le téléchargement 12 Fév. 2012

kishan_243 a commenté : solution Doc to manage the unmanaged System in SEP 11.0.6005..

Mention tip is really help to manage the systems. thanks.

commentaire sur le téléchargement 10 Fév. 2012

Swapnil a commenté : Block the access of Extension (.mp3, .mp4, .mpg, .mpeg, .flv)

Nice info Sumit .

commentaire sur le téléchargement 08 Fév. 2012

roh234 a commenté : Best Practices for Symantec Endpoint Protection on Citrix and Terminal Servers

hi what about the verstion of 12.1 is these applicable to that also

événement mis à jour il y a 9 heures 41 min

ChrisCamp a publié : Washington DC Security & Compliance User Group Meeting - March 7, 2012

Hogan Lovells, 555 13th St NW, Washington DC 20004 Wed, 07 March, 2012 - 10:00 - 13:00 EST Join us for our next Washington DC Security & Compliance User Group meeting on Wednesday, March 7 . We have a great agenda lined up! ...

événement mis à jour 13 Fév. 2012

Steven B. a publié : Hazard Based Remediation - DLP Technical Advisory Board (TAB)

Webex Wed, 14 March, 2012 - 17:30 - 19:00 PDT Valued DLP Customers, We respectfully request your participation at our upcoming Symantec DLP Technical Advisory Board (TAB) for Hazard Based Remediation . Hazard based view is intended ...

événement mis à jour 13 Fév. 2012

Steven B. a publié : Hazard Based Remediation - DLP Technical Advisory Board (TAB)

Webex Tue, 13 March, 2012 - 8:00 - 9:30 PDT Valued DLP Customers, We respectfully request your participation at our upcoming Symantec DLP Technical Advisory Board (TAB) for Hazard Based Remediation . Hazard based view is intended to ...

commentaire sur l'événement 13 Fév. 2012

jaswad23 a commenté : South Florida Security & Compliance User Group Meeting - February 15, 2012

Can't wait.....

événement mis à jour 03 Fév. 2012

ShadowsPapa a publié : Iowa Security & Compliance User Group Meeting February 29th 2012

State of Iowa Judicial Branch, 1111 E Court Avenue, Des Moines, IA 50319 Wed, 29 February, 2012 - 10:00 - 13:00 CST Agenda: Gay and Lonnie (State of Iowa - Judicial Branch) will discuss their upgrade to SEP 12.1 Fayyaz ...

événement mis à jour 26 Janv. 2012

Holger S. a publié : Symantec Network Access Control – Einstieg über das Self Enforcement

WebCast Wed, 22 February, 2012 - 10:00 - 11:00 CET In diesem Webcast zeigen wir Ihnen, wie Sie mit wenig Aufwand komplexe Network Access Control Lösungen erstellen. Beispiele: aktivieren von Symantec Network Access Control ...

commentaire sur l'événement 24 Janv. 2012

Symantec World a commenté : Symantec Endpoint Protection Support Webcast

Regirstered for the same. Thanks Thomas.

événement mis à jour 24 Janv. 2012

Thomas K a publié : How-to Tackle Apple in the Enterprise

Online Webcast Tue, 14 February, 2012 - 10:00 - 11:00 PST Tuesday, February 14, 2012 @ 10:00 AM PT / 1:00 PM ET How-to Tackle Apple in the Enterprise Registration URL: https://symantecevents.verite.com/24308/131929 ...

événement mis à jour 24 Janv. 2012

Thomas K a publié : Keep Your Secrets from Walking Out the Door with Data Loss Prevention

Online Webcast Thu, 09 February, 2012 - 10:00 - 11:00 PST Thursday, February 9, 2012 @ 10:00 AM PT / 1:00 PM ET Keep Your Secrets from Walking Out the Door with Data Loss Prevention Presented by: Linda Park, Senior Product ...

événement mis à jour 24 Janv. 2012

Thomas K a publié : Symantec Endpoint Protection Support Webcast

Online Webcast Wed, 08 February, 2012 - 10:00 - 11:00 PST Wednesday, February 8, 2012 @ 10:00 AM PT / 1:00 PM ET Symantec Endpoint Protection Support Webcast Registration URL: https://symantecevents.verite.com/24265 ...

commentaire sur la vidéo 13 Fév. 2012

ajhay.siingh a commenté : Symantec Download Insight in Symantec Endpoint Protection 12.1

Hi, Very usful info by Mithun about insight features. thanks

vidéo mise à jour 09 Fév. 2012

mt5937 a publié : Symantec.cloud email security: using Track and Trace

An essential administrative feature of Symantec.cloud email security is Track and Trace. Track and Trace can track down missing but expected emails, however it can do much more. In the hands of a skilled administrator, Track and Trace can identify a wide range of internal or external email abuse. This video ...

commentaire sur la vidéo 09 Fév. 2012

Linas a commenté : Power Eraser Overview

It failed to detect anything The only thing it found was my VPN software Is the a newer definition file something newer then 01/04/2012 It’s especially frustrating when directed to use this tool for these specific threats and it didn’t even detect them

commentaire sur la vidéo 01 Fév. 2012

Swapnil a commenté : How do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

Nice videos ,is there any video which defines sep dll's ? the entire process when scan gets initiated and which processess are triggered ?

commentaire sur la vidéo 30 Janv. 2012

swismax a commenté : Virtualization Security with SEP 12.1 Security

Excellent interview ,i think you are doing nice job this interview is very help full for me and i like to see it more . swismax

commentaire sur la vidéo 29 Janv. 2012

mrezap2000@yahoo.com a commenté : LiveUpdate Administrator 2.3: What's New

commentaire sur la vidéo 26 Janv. 2012

Kedarnath Lal a commenté : LiveUpdate Administrator: How to configure a remote Distribution Center

Good one. Thanks

commentaire sur la vidéo 18 Janv. 2012

Gurupreet a commenté : Symantec Endpoint Protection Manager 12.1 Fresh Install - SQL Database

good and informative video

commentaire sur la vidéo 18 Janv. 2012

Gurupreet a commenté : Symantec Endpoint Protection Manager 12.1 Fresh Install - Embedded Database

very helpful... good one

commentaire sur la vidéo 10 Janv. 2012

RicheeDiaz a commenté : Troubleshooting LiveUpdate Part 3

Good one. Amazing video

concept mis à jour il y a 9 heures 52 min

dcantey a publié : "Yes to All" for Deployment Package Conflict dialog box

When customers use the Upgrade Groups Wizard and select large heirarchy's of groups to upgrade they will get a dialog popup that they have to accept for every group and sub group. Can be hundreds of popups. This apparenly was not a problem before 11.0.7 but is still in SEP 12.1 RU1. (12.1.1000.0157). A "yes to all" option for the pop-up dialog box would make alot of sense. ...

concept mis à jour il y a 14 heures 36 min

NRaj a publié : System admin access Modification

We can modify a limited admin to admin & vice versa. But this is not possible for a system admin. We cannot change a 'system admin' to 'admin' or 'limited admin'. And we cannot change a 'admin' or 'limited admin' to a 'system admin'. This should be possible as the requirement changes along with users role in the project. ...

commentaire sur le concept il y a 15 heures 20 min

Neil74 a commenté : Prevent Info-Level "Application and Device Control is ready" events from triggering Notifications

Yes great idea, just had a customer requesting the very same functionality.

commentaire sur le concept il y a 16 heures 37 min

iamadmin a commenté : "Purge Now" Button for LiveUpdate Administrator 2.x

A very welcome addition to LUA!! -Mike

commentaire sur le concept 13 Fév. 2012

ycuyugan a commenté : Exceptions for SONAR in SEP 12

I have the same issue even though i have the VPN client i have an exception policy for it.

concept mis à jour 13 Fév. 2012

sumitgupta786 a publié : Safe Mode -Access block Utility

Hi, I am using the SEPM server from last 1 year and get the great success in using ADC policy. ADC policy will help me in all the matter but symantec not have any utility to block the USB in Safe Mode. So that most of the comapny use the Active directy Service to block the Acess because it helpfull in Safe Mode also. If symantec can implement these type of changes in ADC policy and no ...

concept mis à jour 13 Fév. 2012

sumitgupta786 a publié : Proper Failure event Message

Hi- When anyone have tried to connect any USB then event will generate and we get mail with event and that user user id. If same will update in Authentication event then it will helpfull to find the person. I mean when anyone try to login the console with wrong password, Event mail will generate with wrong console id and also upload that person lan id to catch it. if this will ...

concept mis à jour 13 Fév. 2012

sumitgupta786 a publié : To remove the SEP client

Hi- My request is that pls create one of the Batch file which help to remove the corrupted Antivrus with all "Dll" and "Registry" file from systems. So that we can reinstall succesfull the new client version. It help to safe the system from reinstallation. Thanks in Advance..!! (Security, 11.x, Endpoint Protection (AntiVirus), Basics, Troubleshooting) () Symantec, 11.x, ...

commentaire sur le concept 13 Fév. 2012

Dassy a commenté : Symantec USB encryption

Hi, I am also looking for this kind of solutions from Symantec.

commentaire sur le concept 13 Fév. 2012

Srikanth_Subra a commenté : Useful information when we move the cursor on the SEP icon in the system tray

Good idea..

Pouvez-vous les résoudre ?
Récemment résolu

A Reminder about Rootkits

Please Share Whether Or Not You Have A Current Support Agreement With Symantec

Technical Support

Symantec.com

Store

Statistiques de la communauté