截屏视频帮助

How to unblock or white list internal production FTP from SEP false positives ?

创建时间: 25 10 月 2012 • Updated: 25 10 月 2012 | 9 条评论
此问题已解决。 请查看解决方案。

Hi,

My client has just installed SEP 12.1 RU1 MP1, so how can I disable this false positives ?

Thanks

评论 条评论跳转至最新评论

John Santana 的图片

I don't want to turn off the NTP component for this client, but rather I'd like to include a white list the Production FTP site so that the rest of the company is not affected by this random issue.

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

Brɨan 的图片

You can add it to the Excluded Hosts list in the IPS policy. 

Setting up a list of excluded computers

http://www.symantec.com/business/support/index?page=content&id=HOWTO27084

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

解决方案
John Santana 的图片

According to this article: http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=20903 it is harmless and not needing any action.

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

Brɨan 的图片

It is recommending to apply patches to your FTP software.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

John Santana 的图片

Ah ok, so in this case it is the webserver in the SOlaris box that behaves erratically.

thanks for the suggestion.

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

Brɨan 的图片

I would make sure it is fully patched.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

John Santana 的图片

yes, that's correct Brian.

Thanks for the quick response.

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

Brɨan 的图片

You're welcome.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Ashish-Sharma 的图片

HI,

 It's always Recommended you can apply latest Microsoft security patch apply.

Thanks In Advance

Ashish Sharma