Hi,
We are using Add Subject Prefix for every incoming e-mail (Adding "[EXTERNAL]" prefix,
We have noticed that on e-mails with "long" subject, Not clear why on some e-mails it happens, some it doesnt:
example (Also as seen on the client):
With the Problem: [EXTERNAL] Bea Alonso Takes the Lead of Dale t’s Global Product Marketing Group
Without the Problem: [EXTERNAL] BT Sport and Samsung kick-off 8K sports broadcasting in the UK
Any Ideas?
↧
Space is added in the middle of subject when "Add Subject Prefix" is being used
↧
Application names keep changing
Lately I've been getting a number of firewall prompts that seem to relate to the same application. On closer inspection these are different versions of the same application that have been unbundled into a temporary directory prior to running. The worst of these is the Visual Studio Background Updater, which generates a new name on every invocation, but there are others with different application paths depending on product version.
I want to allow these, but the endpoint it connects to can vary, so I'm having to allow a different communication several times a day. It's made worse by the firewall dialog which truncates the path name, and hides the fact that these are all in temporary directories.
My suggestion is that the application file name be permitted to include wildcards or regular expressions so that the variable part of the name can be accomodated.
I also suggest that the checkbox on the firewall dialog that allows 'edit before save' should be visible all the time rather than just in the 'advanced' part.
↧
↧
ESMC language problem
Hello,
i have a problem with language. As in screenshot below one thing is in english, second in portueguese. I want to have it in english, but how to change it?
↧
ESET server, packet discards, and large amounts of traffic
I'm a network engineer trying to figure out why our ESET server is seeing a large amount of discarded incoming packets. It's also see an unusually large amount of traffic for what I've been told is only doing anti-virus. For example, Monday at 9pm local time through Tuesday at noon, I see incoming traffic of a little over 600GB. Currently, every time I do a packet capture at our firewall looking at incoming traffic to this server, I see a pretty constant inbound stream. It's trying to download a file called update.ver.signed over and over again. Sometimes, this download results in an HTTP error code 401 (authorization required).
↧
EDR Compliance question
I have customer who is doing compliance and they need to see if they are EDR compliance using our ESET products.
They have ENDPOINT AV + File Security. I googled EDR and ESET and it comes up mentioning ESET Enterprise Inspector.
To be fully EDR compliant do you have to have this specific product called ENTERPRISE Inspector or does the ENDPOINT AV provide this protection?
↧
↧
Server Database Creation Fails During Installation
We're running Centos7 and Mysql 5.7.28 on Amazon RDS. Local mysql odbc client version is currently at 5.2.7, but receive the same error with 5.3.10.
I'm showing this error during the installation:
Stopping service... Creating database ... failure
The log explains further:
2020-03-12 03:17:34 Information: Leaving function: void Era::Setup::Common::CustomActions::CDatabaseWrapper::ExecuteScriptsInDirectory(const string&, const string&)
2020-03-12 03:17:34 Error: Statement execution failed. Code: 0. Error: GetServerUuid: failed to get server uuid. File: /tmp/tmp.7SrkMD9FKp/setup/Database/MySQL/SetupScripts/Install/2_do_install.sql. Statement: ERA_EXECUTE StoreStaticObjectPresets...
...
2020-03-12 03:17:34 Information: Installer: Failed creating database.
2020-03-12 03:17:34 Information: Installer: Error: 2543: Error occurred while creating database
Has anyone seen this error before? Is there some sort of database configuration (character set, collation, etc.) that we're missing? Appreciate any suggestions on next steps.
↧
Update about ESET AV Server Internet Traffic Utilization
Dear Sir,
Our below customer are facing some issue in eset. Kindly check it & try to resolve as soon as possible.
1) as per client said that eset all client are getting updates direct from internet (Not ERA).
As per client said Eset updates get daily more than 7 GB
Sophos firewall report send with attachment. please download and check it.
2) Client want to updates only from local server.
3) Customer want to direct delete Quarantine files (Not by Task.)
We create 4 Update server, Now client pc get update but give as per below error message
Product Update Failed
Unauthorized Access.
↧
ESMC Agent Setup ended prematurely
Dear All,
During the installation of ESMC Agent we encountered the error below , please advise on a workaround
Server Info during agent installation
Windows server 2012 R2 64bits OS
Exchange server
Kindly find attached document for ESET Log Collector log
emsx_logs.zip
↧
DPM buckup error
Dear Support!
DPM backup is running error most times because of ESET real-time check.
It doesn't fail unless real-time checking is turned off
Windows server 2016
Eset version: 7.1
Best Regards!
↧
↧
Alerts reported in ESET RA - "Product is not connected. No connection attempt occurred."
I see these alerts being triggered frequently in ERA referring to Linux servers. Considering last connected time of host and current status of hosts. As part of daily operations we use to implement client tasks for the hosts which are being triggered. Found the update task to fail with reason to be “Failed to start the task”. In process of finding the root cause of this alerts we have found one thing in common i.e., Dynamic Product activation to be Failed.
I believe this might be the reason for Product is not connected to ERA agent.Is it Correct?
I think as far as the issue is concerned we need have clear idea of below mentioned:
The current status of host needs to be known.
Need to verify that ESET product is actually running on those devices?
Getting more info through Agents Trace logs from the affected devices only if found reachable.
If we think Product activation solves the purpose. I need a clarification for below –
After the product activation task is done –Is it required to reboot the Host to complete Activation process??
If this is the case the hosts for which we are facing the current issue are found reboot to be disabled. What is the thing we can do to complete activation process??
And one last question is it required again to run client task(Module update) towards the hosts whose product activation is done??
↧
ESET Endpoint Antivirus para Linux 7 BETA
Hello people
Can you take a doubt?
Who has the ESET NOD32 Antivirus 4 Business Edition for Linux Desktop version within the 01 year validity period will be able to automatically upgrade to ESET Endpoint Antivirus version for Linux 7 when it is finished?
Is this BETA version possible to install on ArchLinux? If so, what are the commands for installation?
I thank you for your attention
Serial.com
↧
F.I.P.S. 140-2
Hello
Ok. So I guess there's a difference between Cryptographic Module Validation and Cryptographic Algorithm Validation.
The DESlock & ESET Endpoint Encryption algorithms are certified.
This makes sense now.
Thanks for your time.
Sincerely
Richard Kraus
PS No, I'm not quite sure this does make sense yet. If you've got the algorithms certified then where is the module certification?
On the DESlock website (https://www.deslock.com/fips_140-2.php) the following is explained:
"Products to be validated to the FIPS-140-2 standard are evaluated and tested by the Cryptographic Module Validation Program (CMVP) which is jointly operated by NIST in the US and the Computer Security Division of the Canadian Government."
But this seems to not apply to you. You only have validation from the Cryptographic Algorithm Validation Program as noted here: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#790
So really, if the DESlock website is right about how the standard works, your product isn't actually F.I.P.S. 140-2 validated. Note the quote below from the DESlock website.
"A cryptographic module must meet all the standards of FIPS-140-2 including the standards for algorithm implementations before it is validated as FIPS-140-2 compliant."
So if DESlock is right, then the ESET website, as noted below in the Original Message, may not be properly advertising their validation standards. Because if you have the Algorithm validation but don't have the Module validation, then you're not "Fully validated" F.I.P.S. 140-2 compliant because "all the standards" haven't been met.
As noted previously, all attempts to search the Cryptographic Module Program have yielded no results. Search term 'des'. Search term 'eset'. Etc.
edited 8:01pm P.S.T., U.S.
---2nd Message Below---
Hello
So I tried to make the message below this one to get help to find the N.I.S.T. document.
Then I got a really great Google search hit. That took me to the DESlock website. Here: https://www.deslock.com/fips_140-2.php
...where supposedly the F.I.P.S. Certificate is posted. Here: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/certificates/140crt1258.pdf
So great, right? Yay.
Or maybe not?
In the N.I.S.T. archive....all the information copy and pasted below here:
Triple DES - Validation number 790 hxxp://csrc.nist.gov/groups/STM/cavp/documents/des/tripledesval.html
AES (Advanced Encryption Standard Algorithm) - Validation number 1042 hxxp://csrc.nist.gov/groups/STM/cavp/documents/aes/aesval.html
SHA (Secure Hash Algorithm) - Validation number 992 hxxp://csrc.nist.gov/groups/STM/cavp/documents/shs/shaval.htm
RNG (Random Number Generators) - Validation number 593 hxxp://csrc.nist.gov/groups/STM/cavp/documents/rng/rngval.html
Cannot be found. The PDF of the Certifacte itself says it's certificate No. 1258.
Not a thing in the archive. 1258 is missing. So is 790. So is 1042. So is 992. So is 593.
Not only does it not show them on the list of validated certificates when "Show All" is selected. It returns the text below when you specifically search for them.
"No certificates match the search criteria"
Please explain this, or get in touch with me about this.
Thank you very much.
Sincerely
Richard Kraus
edited 6:56pm P.S.T., U.S.
----Original Message Below---
Hello
General question.
I'm a customer, if that makes a difference. I have ESET Endpoint Encryption, and I think I subscribe to the Regular ESET antivirus service.
I'm wondering about the F.I.P.S. 140-2 encryption standard for ESET Endpoint Encryption.
The ESET website says that the Encryption product meets this standard.
On this webpage (https://www.eset.com/us/business/endpoint-security/encryption/) it says (copy & paste) "Fully validated ESET Endpoint Encryption is FIPS 140-2 validated with 256 bit AES encryption."
Ok. Great.
But on the National Institute for Standards in Technology (N.I.S.T.) website (link below to the relevant search portal), I can't seem to find either ESET or Deslock in the Cryptographic Module Validation Program archive. It's my understanding that this is where F.I.P.S. 140-2 validation takes place.
N.I.S.T. link https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules/search
Please assist. Please explain.
Thank you very much.
Sincerely
Richard Kraus
3/12/2020 @ 6:23pm P.S.T., U.S.A.
Edited at 6:33pm
↧
New Version: 7.0.13.0 ESET Business to Linux
Hello Eset Team
I'll rephrase the question
Please!
This version Filename: eeau.x86_64.bin | File size: 235 MB | Version: 7.0.13.0
replaced this one:
Filename: ueavbe.x86_64.pt_br.linux | File size: 100 MB | Version: 4.0.93.0,
If so, how to migrate. https://www.eset.com/us/business/endpoint-security/linux-antivirus/download/ being within the effective period of 01 and if possible.
It got a little confusing for me and I look forward to an answer if possible.
I thank you for your attention
Serial.com
↧
↧
Peer certificate is invalid
Hi I have about 40 pcs that shows me this error
Peer certificate is invalid
What should I check?
Server:
ESET Security Management Center (Server), Version 7.1 (7.1.503.0)
ESET Security Management Center (Web Console), Version 7.1 (7.1.393.0)
Clients:
Agente 6.5.522.0
ERA 7.1.2053.0
------
I made that update in July last year and had to update all the clients win7 and XP manually
At the time create a completely new server from 0.
this is the status.html3
Scope
Time
Text
Last authentication
2020-Mar-11 11:26:49
Enrollment OK
Last replication
2020-Mar-11 11:26:50
ERROR: InitializeConnection: Initiating replication connection to 'host: "192.168.0.100" port: 2222' failed with: Request: Era.Common.Services.Replication.CheckReplicationConsistencyRequest on connection: host: "192.168.0.100" port: 2222 with proxy set as: Proxy: Connection: 192.168.0.54:3128, Credentials: Name: gaston, Password: ******, Enabled:1, EnabledFallback:1, failed with error code: 14, error message: Connect Failed, and error details:
Replication details: [Task: CReplicationConsistencyTask, Scenario: Automatic replication (REGULAR), Connection: 192.168.0.100:2222, Connection established: false, Replication inconsistency detected: false, Server busy state detected: false, Realm change detected: false, Realm uuid: c9571c4d-bc84-11e9-9313-1a4868efc0ac, Sent logs: 0, Cached static objects: 53, Cached static object groups: 10, Static objects to save: 0, Static objects to delete: 0, Modified static objects: 0]
All replication attempts: 33123
Last successful replication
2020-Mar-09 11:02:49
OK
Successful replications: 30217
All replication attempts: 30219
Connection: 192.168.0.100:2222
Scenario: REGULAR
Peer certificate
2020-Mar-11 10:59:49
Error
Agent peer certificate with subject 'CN=Agent at *, C=US' issued by 'CN=Server Certification Authority, C=US' with serial number '018437f343bd744248ba7128a7e21ba08501' is invalid now (NodVerifyTrustResult: 42, NVT_NotTrusted, X509ChainStatus: 0x10000, X509CSF_PartialChain)
Peer certificate may be valid but can not be verified on this machine
Check time validity and presence of issuing certification authority
Product
2020-Feb-17 11:29:38
Product install configuration:
Product type: Agent
Product version: 7.0.577.0
Product locale: en_US
Replication security
2020-Mar-11 11:26:50
OK
Remote host: 192.168.0.100
Remote product: Server
I have not changed any certificate not in clients or servers, I have only run updates for the server through the console
↧
latest version for Windows XP??
Hello, the latest version for Windows XP operating systems through SMC is version 6.5.2132.6 ???
↧
AD Synchronization problem
I have updated ESET Remote Administrator 6.x.x to ESET Security Management Center (Server), Version 7.1 (7.1.503.0)ESET Security Management Center (Web Console), Version 7.1 (7.1.393.0) .
and also update the Centos 6 to Centos 7 (ERASERVER)
Since then i was unable to run task to Sync User form Active Directory Server.
I was checking some configuration and find out my ERASERVER was unable to join to my domain. After a few reaserch i have manage to join the ERASERVER to my domain.
So i try to run the User Synchronizacion task again but i have a problem with LDAP and can't figure it out how to solve it.
↧
all-in-one installer product list missing
Hi:
I just install a new ESMC 7.1 server and create all-in-one installer to deploy. after testing, I found it didn't activate automatically. so I think maybe something wrong. I delete the installer and create a new one. then I am surprised that I can't find the product (endpoint antivirus) any more. only some products I don't need show at the list ( as attached). how can I refresh the product list so I can find the product I need?
↧
↧
VPN connection problem with Endpoint Antivirus
Hello,
We're using ESET Endpoint Antivirus version 7.2.2055.0 (older 7.x versions affected too) and have random problems while connecting to our corporate Watchguard VPN. If I delete ESET completely, VPN is working OK. I added two vpn exe modules to to "Protocol Filtering" - "Excluded applications". I added our VPN IP address to "Protocol Filtering" - "Excluded IP addresses". I added also vpn address to "allowed url list".
Nothing helps, what else can be done?
↧
ESET Endpoint Solutions on MacOS not installing with epi_mac_live_installer.pkg
Hello,
My company gave me an epi_mac_live_installer.pkg to install ESET on my Mac, (Mac OS Catalina), and I can't finish the installation.
The process ends with "installation a échoué" (sorry I am French ^^), and that's all.
Something interesting : I have ESET Endpoint Security and ESET Remote Administrator Agent installed, but not functioning.
I can found some logs on my Mac related to ESET installation, but I'm not sure if it's OK :
eset_daemon :
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000158
Exception Note: EXC_CORPSE_NOTIFY
Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [6017]
eset_gui :
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000030
Exception Note: EXC_CORPSE_NOTIFY
Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [5459]
Or, in system log :
Mar 14 16:59:33 MacBook-Pro com.apple.xpc.launchd[1] (com.eset.remoteadministrator.agent): The RootDirectory key is not yet implemented. If you rely on this key, please file a bug.
Thanks for your help !!!
Vivien
PS : I wanted to open an issue, but I can't find my case in the form 😕 (there is not Mac OS on OS list)
↧
all-in-one installer with policy can not activate
hi:
I try to create endpoint antivirus all-in-one-installer which can activate automatically. after try and error, I found if I include endpoint policy or agent policy with the installer, then the installation can not activate. only installer without any policy can activate automatically.
is this a known issue or I miss something important?
↧