Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts in English
robertckl | 23 Jul 2014 | 1 comment

A special request was made today: "How does SSL work? What is an SSL handshake?"

Here are some quick info.


SSL/TLS are protocols used for encrypting information between two points. It is usually between server and client, but there are times when server to server and client to client encryption are needed. For the purpose of this blog, I will focus only on the negotiation between server and client.


For SSL/TLS negotiation to take place, the system administrator must prepare the minimum of 2 files: Private Key and Certificate. When requesting from a Certificate Authority such as Symantec Trust Services, an additional file must be created. This file is called Certificate Signing Request, generated from the Private Key. The process for generating the files are dependent on the software that will be using the files for encryption.

For a list of the server softwares Symantec has, have a look at:...

robertckl | 22 Jul 2014 | 0 comments

Look! I have a lock, I see https://, I even see the Green Bar, I believe I have protected my server and the clients connecting to our services from attackers now. I can't start increasing security and block clients to my site by disabling SSLv3, MD5 or RC4. I'll be losing customers and profit! I can accept a weaker security as long as user traffic and profit are not affected.


Performance vs Security is a constant struggle between security experts and management. When it comes to SSL it is no different. Do we allow as many clients to access our site as possible, or do we block all the weak connectivities. There has been numerous studies on this, so I won't go into it here. As a SSL security expert, allow me to take sides this time. Allow me to provide some more gear for us to convince our management why SSL security is more important and how we can migitate the risks without affecting performance or traffic too much.


Last year September a...

Adam Burt | 18 Jul 2014 | 2 comments

If you don't care for the details of this blog, there is a Summary at the bottom.


Recently I was called, at home, informing me that my computer was “downloading viruses”. This is the fourth time this has happened and so I decided to take notes, screenshots and follow through with what happens.

Just a quick note about my setup; I pretended that my machine was a Windows XP SP2 box, which is actually virtualised and has many snapshots already taken. This means, if required, I can give control to anyone online of this machine without worry. Consequently, whilst the caller was describing my problems, I had created a backdoor to this system that allowed me to control processes from another computer. This meant, if anything TOO bad was about to happen, I can cut them off. I also had to pretend that I knew next to nothing about my computer and that I just used it for web browsing and e-mail.

So, here’s what happened: I received a call at...

SebastianZ | 17 Jul 2014 | 0 comments

Following Security Bulletins have been released in July 2014:



Microsoft Security Bulletin Summary for July 2014

Symantec product detections for Microsoft monthly Security Advisories - July 2014



Cumulative Security Update for Internet Explorer (2975687)


Remote Code Execution


Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689)

InsentraCameronM | 14 Jul 2014 | 0 comments

Because of its non-centralised nature, PGP key management can be challenging. This is especially true when you are managing your own PGP keys.

Follow the steps below to get up and running quickly with PGP encryption.

Note: The steps below apply to all PGP/GPG clients.

Personal PGP Key Management

  1. Install a PGP client such as Symantec Encryption Desktop
  2. Create/generate a PGP private key
    1. Ensure that you use a strong pasword
    2. Set an expiry date
    3. Set an appropriate key strength
    4. Create a revocation certificate
  3. Create a PGP public key
    1. Export your public key using the following format for the filename: Firstname Lastname (0xFFFFFFFF) pub.asc
      1. Replace (0xFFFFFFFF) with you PGP public key's fingerprint/key id
  4. Distribute your PGP public...
SebastianZ | 14 Jul 2014 | 1 comment

The newest version of LiveUpdate Administrator (LUA) - 2.3.3 has been released.

The version can be downloaded from here:


What's new in LiveUpdate Administrator 2.3.3

  • System requirements:

You can upgrade from through 2.3.2 to 2.3.3.LiveUpdate is packaged with Apache Tomcat version 7.0.54 and PostgreSQL version 9.3.1. See “System requirements for LiveUpdate Administrator” on page 6.

  • Installation changes

When you install LiveUpdate Administrator, the installation folder, temporary folder, and download folder cannot be empty. Also, the root drive (such as C:\ or D:\) must use a subfolder that does not contain other files. The subfolder should use a local path, as network paths are not allowed.

robertckl | 09 Jul 2014 | 0 comments

Today SSL is an integral part of online businesses and any secured communication. It is however not an area that many system administrators or security experts are comfortable with. For most administrators the correct installation of the private key and its corresponding certificate is sufficient. As long as the green bar, the padlock, or https:// can be seen during the SSL/TLS negotiation, both the administrators and their clients trust that the connectivity is secure.


However many security flaws and vulnerabilities have been discovered in the recent years. From the server side there is the infamous Heartbleed bug or CCS injection - CVE-2014-0224, side-channel attacks such as Beast, Lucky 13, Crime or BREACH, and others (SSL Attack Survey).  It is not sufficient to just have a correct installation of the private key and certificate pair on the server...

ryanschoenherr | 08 Jul 2014 | 0 comments

Need complete visibility into your environment?  Do you find yourself reactive to breaches or always behind intrusions?  MetriX dashboards can provide complete visibility into your security environment and give you the power to be proactive!


Check out MetriXdashboards for more information and ways to utilize MetriX to increase your efficiency.


EP dashboard.png

DLP dashboard.png


For more information or to schedule a demo please contact:

Ryan Schoenherr



Sym_Chris | 25 Jun 2014 | 0 comments

Here in support, we speak to a lot of customers. We handle over 18 thousand client communications a month, via telephone, email, and online chat. It’s no wonder then, that we spend a lot of time looking at all our support data to ensure we do the right thing for you, the client.

One of the things we’ve found is that 1 in 4 support cases are not technical issues, but informational ones. put the technical folk right on the end of the phone to give you the best possible help and support. With that in mind, you may sometimes find it more convenient to use some of our other resources;

Online Help:

Online Help has been created with set up and configuration in mind. If you are a new administrator or just need a reminder of how things work, there is no better place to learn how to get the...

Stephen Heider | 21 Jun 2014 | 0 comments

The following important changes are being made to the Symantec Data Loss Prevention (DLP) and Data Insight (DI) Knowledgebase.

The content for both products is moving to a new location, to the same Technical Support Knowledge Base for other Symantec products.

Please note: