kapela86
-
Posts
190 -
Joined
-
Last visited
Posts posted by kapela86
-
-
VA, I uploaded whole httpd directory because proxy settings are in proxy.conf.
And just to let you know, I changed CacheMaxFileSize and added that last ProxyMatch (it was in migration instruction)
-
-
ESMC uses this date format:
But Protect uses this:
How can I change it to be the same as in ESMC? Or to some other format?
-
It's not that, I had it on Automatic
I checked /var/log/httpd/access_log and there are lot of entries
[01/Dec/2021:13:38:47 +0100] "CONNECT epns.eset.com:8883 HTTP/1.1" 200 - "-" "-"
but no GET entries.
I disabled proxy in policy, after waiting a bit that notification is gone, so now we know that proxy is the culprit here. I didn't have it enabled on ESMC policies, I only changed it in Protect. I can live without it, but we have almost 90 computers in our LAN that use ESET, so I would like to start using proxy.
-
This was right after reboot, in event logs I see that exactly on 11:18:54 DHCP client started, so there was no network configuration at that time and probably after few seconds it received ip adress etc from dhcp server.
-
I rebooted PC immediately after enabling logging, and after reboot I ran my usual programs and waited few minutes for that notification to show up in ESET, then I disabled logging. I checked that zip and biggest files are
EpfwLog.pcapng
EsetProxyInner.pcapng
EsetProxyOuter.pcapng
EsetSslInner.pcapng
EsetSslOuter.pcapngBut never mind that, I captured logs on second pc, it's fresh laptop with almost nothing on it, logs occupy 92 MB, I attached them here.
-
It's 2.15 GB, even 1 day log
-
How do I upload them? Should I contact Technical Support, or can I upload it to our hosting and paste link here? Will link be visible to everyone or only to mods/admins? And do you need all 30 days, or just 1 day?
-
I noticed in Endpoint Security changelog this entry:
"Brute-force attack protection against password guessing for RDP nad SMB services"
Is this also implemented in ESET Server Security? If not, is it planned? -
After migrating from ESMC to Protect, when I create new all-in-one installer, in "Server hostname (optional)" is hostname of old server, not new one.
-
After migrating ESMC to Protect i pointed two computers to that new server, then updated them to 9.0.2032.2
On both computers I get notification that it can't connect to ESET Push Notification Service
I checked that outgoing TCP connections to port 8883 are allowed, I even checked it with nmap
-
Well, at least that's something. You could link to
-
And that's the problem, right there. You announce "ESET PROTECT 9.0.10 has been released" but there is no easy way to see what version I have installed. Why you don't put "package" version in about page?
-
It doesn't state that it's version "9.0.10"
I edited html in browser to show you how in my opinion it should show version information
-
I just installed ESET PROTECT 9.0.10 VA and in About page it doesn't show correct version.
-
I just updated from ESMC to ESET Protect and I'm very sad to see none of my requests got implemented. I asked about them more that a year ago:
-
I didn't find any documentation about this upgrading Virtual Appliance, so I'm asking here. Should I upgrade ESMC to ESET Protect using "Update product" from web interface? Or should I deploy new ESET Protect Virtual Appliance and somehow migrate everything from ESMC? I don't ant to lose anything (policies, task, etc).
-
Well, since it's running with system privilages then he can just get this list from
HKEY_USERS\[USER_SID]\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
I know that works only for users that are currently logged in, but it's still better than nothing and easy to implement.
-
Some applications allow you to install them only for current user, a good example is Microsoft Teams or One Drive. Information about them is stored in
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
Eset Agent probably doesn't report them to ESMC. Can you fix it so it also reports them?
-
8 minutes ago, MartinK said:
Currently it is not decided of the future, and even latest version is using CentOS7-based appliance, which is supposed to be supported until 2024 (i.e. much longer than mentioned CentOS8). We currently rely on fact that security patches are available, even for tomcat 7 which is part of official CentOS7 repositories.
Just out of curiosity, what would be your preferred Linux distribution for future? Asking as there is not many "free" distributions guaranteeing reasonably long support and stability of environment for future migrations.
If you want to stay with RedHat/CentOS, then maybe Oracle Linux?
https://linux.oracle.com/switch/centos/
I personally prefer Ubuntu, LTS versions are supported for 5 years. Debian LTS is also supported for 5 years.
-
On 12/9/2020 at 12:55 PM, Nono said:
I hope I'm falling on the right thread for this ..
Description: (Next) Up-to-date system to host the ESMC Virtual Appliance
Detail: The ESMC Virtual Appliance is running under CentOS 7 with some higly outdated software (like tomcat 7 among others).
What's the plan for the next virtual appliance version, knowing the recent information about the End Of Life of CentOS in 2021: https://www.cyberciti.biz/linux-news/centos-linux-8-will-end-in-2021-and-shifts-focus-to-centos-stream/ ?
They just released ESET PROTECT, it's essentialy a renamed ESMC v8. I don't know what version of tomcat it uses.
https://help.eset.com/protect_deploy_va/80/en-US/?va_upgrade_migrate.html
-
-
-
I had the same situation and our sales partner said that it can't be done this way, I mean generate new license and then deactivate old one after some time when every seat is reactivated. Only way to do this is generate new license and the old one is instantly deactivated.
Endpoint Security can't connect to Push Notification Service
in ESET Endpoint Products
Posted · Edited by kapela86
It's not displayed in ESET Protect, it's displayed in Endpoint Security. Although it's probably sent to Protect.