Endpoint Protection

 View Only

  • 1.  LiveUpdate Server - FakeNews.com?

    Posted Sep 27, 2018 03:20 PM

    Hi all,

    I just joined a project at a university where SEP is being used on a windows server 2008.  I'm not sure how things were managed previously but the below appears in the LiveUpdate Status.  I am continuing my search through the forums but figured I would post anyway.  The fakenews.com part is what throws me.  

     

    Initializing...
    Connecting to fakenews.com...
    Failed to connect to the LiveUpdate server.

    Session summary: 0 update(s) available, 0 update(s) installed.
    LiveUpdate session is complete.
     

    Thanks



  • 2.  RE: LiveUpdate Server - FakeNews.com?

    Posted Sep 27, 2018 05:28 PM

    Never saw that before. May want to engage support.



  • 3.  RE: LiveUpdate Server - FakeNews.com?

    Posted Sep 28, 2018 12:22 AM

    Hi Islander516,

    Would also be a good idea to have a look at the hosts file, and also whatever DNS the server is pointing to.  Possibly someone has tampered with these for whatever reason.....you are in a Uni, so plenty of would-be hackers :)

    Fakenews.com is a real site, although obviously not a LiveUpdate server.

    Hope this helps,

    Steve



  • 4.  RE: LiveUpdate Server - FakeNews.com?

    Posted Sep 28, 2018 06:15 AM

    Hi Islander516,

    Just as a first reaction, I have to agree with Systems Team's instincts.  Sounds like someone has altered the configuration in order to play a prank.  I recommend getting in touch with the admin who manages SEP at the university and asking them to look into it.  It's important that LU is functioning correctly to deliver all the latest protection signatures.   



  • 5.  RE: LiveUpdate Server - FakeNews.com?

    Posted Oct 03, 2018 08:14 PM

    Thanks all, 

    I'll update if anything interesting is found.

    Hosts file doesnt have anything entered aside from comments.