Jump to content

ewong

Most Valued Members
  • Content Count

    176
  • Joined

  • Last visited

  • Days Won

    1

ewong last won the day on December 13 2018

ewong had the most liked content!

Profile Information

  • Gender
    Not Telling
  • Location
    Hong Kong

Recent Profile Visitors

995 profile views
  1. @Rami nope. I don't have a full disk; though not sure how I can find out if it is blocked. I mean, it downloads to 63% so it is downloading (*I think*); and if it was blocked (for some reason), wouldn't it have complained about it at the beginning? Going to try to do a packet tracing and see what's going on. Thanks Edmund
  2. It shouldn't be a problem since eventually, the computer's agent will reconnect with the ESMC. :ewong
  3. Well, I feel a bit dense, even with the information provided. It's my understanding that the command you ran was on the AWS instance and not your workstation (or whereever you access this AWS instance). Is the ESMC server behind a firewall? If so, do you happen to have the correct port-forwarding rules? If it's a system directly connected to the Internet requiring no firewall, then check the ESMC system's firewall. If it's a windows system, check the incoming port allowances. If it's a linux ESMC system, check for selinux and iptables rules. Edmund
  4. Just updated the MirrorTool and while the repo creation worked, the updates still fail as shown below: ============= UPDATES MODE ========== Mirror Tool, Copyright (c) ESET, spol. s r.o. 1992-2019. All rights reserved. Creating mirror for product: ep6. Mirror type changed to regular Initialization Initialization finished Perform full mirror started Update status for product 'ep6' changed to: Preparing structures and analyzing Downloading file: update.ver.signed. Downloaded: 100 % Downloading file: update.ver. Downloaded: 100 % Update status for product 'ep6' changed to: Downloading files Downloading file: em023_32_r0.dll.nup. Downloaded: 92 % Update status for product 'ep6' changed to: Updating Downloaded: 100 % Update status for product 'ep6' changed to: Finished Perform full mirror finished Uninitialization Uninitialization finished Creating mirror for product: era6. Mirror type changed to regular Initialization Initialization finished Perform full mirror started Update status for product 'era6' changed to: Preparing structures and analyzing Downloading file: update.ver.signed. Downloaded: 100 % Update status for product 'era6' changed to: Downloading files Downloading file: em045_64_n15.nup. Downloaded: 100 % Update status for product 'era6' changed to: Updating Downloaded: 38 % Update status for product 'era6' changed to: Finished Perform full mirror finished Uninitialization Uninitialization finished Error: Perform full mirror failed with error: Undocumented serious error. Error code is: 4122 Error occured.
  5. The first thing to check to see if the server's firewall has that port blocked. :ewong
  6. Hi, Where is this being shown in? The agent installation log or somewhere else? What operating system does this AWS instance run on? :ewong
  7. In theory, once the PCs have gone through the GPO software install, I believe they keep track of the agent 'version' and won't install it again unless you updated the GPO policy. Installing software from ESET's repository requires access to the internet. But since you've already gotten them deployed, I guess all's well. Edmund
  8. Related to basically, it's the following query: delete from dbl_tags_zig; I'm assuming that's the same issue; if so, then yeah the above query should work (assuming that you don't have any existing tags). I didn't, so I was able to delete all the entries. Edmund
  9. As I only have that log line to go by the following is just a guess. Since it's an eset.com system, it's external and therefore, the first suspect would be the firewall rules (either the windows firewall, or your corporate firewall). Edmund
  10. If I understand this correctly, the offsite IT team changed the names of the systems and I would further assume they modified the DNS to reflect the changes? First and foremost, take a gander at the logs for the agents to see why they can't connect to the server. (I'm assuming the IPs stayed the same). My guess is it's a certificate issue. I think the simplest way (as far as I can understand, though I'm sure ESET admins have a better idea) Add a CNAME (old name of esmc server) to the dns to have the agents connect to the new name. Generate a new set of certificates (CA, Server and Client) and create a new set of policies to apply the new certs to the agents. What this does is have the agents find the 'new-name' server via the 'old-name', connect to it (since they are using the old-system certificates). (Here's the part where I'm not sure if things are going to work well). Once connected, the new policies will ensure the new certificates get applied to the new agents/servers. I guess, worse comes to worst, you'd re-do the whole shebang (but that's a very tedious way). Edmund
  11. Thanks @MichalJ, will wait for the next version.
  12. Most likely those policies that affect the firewalls (either ESET Security or Windows). Methinks you'll need to check whether or not any of the ports are blocked as mentioned in here. Edmund
  13. Hi, While trying to figure out the "Anti-phishing protection is not function" issue for a client workstation, I was checking its configuration via "Request Configuration" and found out that if I selected the Agent's configuration, I have no way of going back to check the AV configuration. Steps to reproduce: Select a client's Configuration tab Click on "Request Configuration" and wait a bit There are two configurations listed, the agent and the AV. Select Agent and click Open Configuration. Now there's no way to select the AV configuration. It's literally stuck in the Agent's configuration even if I click on Request Configuration again. I'd have to go back to the Computers list, click refresh, then go back into the client's entry and click on configuration. Then it'll show the list of configurations. Am I missing something? Thanks Edmund
  14. I would assume that since the authentication is via AD, I'm assuming you've set the permissions to specific AD users and you've somehow changed the permissions for the currently logged in user. Check the permissions for the currently logged on user to see if you've disabled/removed any permissions. (Just a suggestion) Edmund
  15. Hi MartinK, It's not that the updates are missing and I do apologize for not explaining properly. I meant that you send an update operating system task to the client, and it would ignore it and would say it succeeded. That said, I've been playing around with this task on some systems and have noticed that it isn't even obvious that the system is updating until it reboots itself. Not even in the Control Panel -> Windows Update does it show it is updating. It just shows that there are x amount of updates not yet installed. Which sparked my confusion. What is seemingly happening is it's updating behind the scenes without even notifying the Windows Update dialog. I'm still wondering if that's a good thing or a bad thing. But just as long as they're updating.. I should be a happy camper. Sorry for the false report. Edmund
×
×
  • Create New...