skello
Members-
Posts
14 -
Joined
About skello
-
Rank
Newbie
Profile Information
-
Location
USA
Recent Profile Visitors
661 profile views
-
Unistall Agent with command line
skello replied to baran's topic in ESET PROTECT On-prem (Remote Management)
Was looking for this! -
Description: When running the uninstallation task there is an option for "Uninstallation parameters" Detail: Can we please change the "Uninstallation parameters" line when running an uninstall from the protect server to "Uninstallation Password" since the only "Uninstallation parameters" are "PASSWORD=", at least from what Sue E. has confirmed for me through support chat.
-
She gave me a link to the wrong product, please ignore moving to the on-prem product.
-
Solved!! Not entirely sure what I did differently but I simply recreated a new policy, making sure to select EXACTLY the same settings that I did the 12 previous times. This time it just worked. It's possible that it's working because of the newest updated agent and this cleared some kind of cache? However I do notice on the agents that I have now installed with active working reports that they have a new folder for the cert.
-
skello reacted to a post in a topic: Chrome being blocked
-
Best practice server/client policies.
skello replied to Monster's topic in ESET PROTECT On-prem (Remote Management)
Generally you have a default policy for your organization, then you customize an additional policy per site/location that appends the default policy. Hope this was the info you were looking for. -
skello reacted to a post in a topic: ESET Enterprise Inspector for Linux (Agent)
-
skello started following Missing or invalid SSL certificate or certificate authority
-
Two EI agents in one location, I have one agent that is communicating correctly and another agent that is displaying "Missing or invalid SSL certificate or certificate authority" they are in the same network, same everything. I used the same installer yet this error will not go away. Anyone have any suggestions on next steps? I've tried re-creating the SSL but no luck. Both used same method of installation from ESMC Protect console. Excerpt from logs on agent with no errors: 2022-02-14 10:43:39 00290 Info: Events sent successfully to ***.*******.****.com:8093. Server responded with 200 status code in 0s054ms. 2022-02-14 10:44:19 00e3c Info: Received (Agent.ServerAddress:***.*******.****.com) from ESMC 2022-02-14 10:44:19 00e3c Info: Received (Agent.ServerDataPort:8093) from ESMC 2022-02-14 10:44:19 00e3c Error: Failed creating certificate authority file: *.***.*******.com 2022-02-14 10:44:19 00e3c Info: Unable to apply part of configuration policy 2022-02-14 10:44:19 01d50 Info: Enabled additional hashes for: SHA2_256 2022-02-14 10:44:19 01c84 Error: Error while sending control request to server at "***.*******.****.com:8093". read: A blocking operation was interrupted by a call to WSACancelBlockingCall [system:10004] 2022-02-14 10:50:34 01278 Info: Events Statistics, From:, 2022-02-14 10:43:34, To:, 2022-02-14 10:50:33, Duration (s):, 419, Events Per Second:, 5.578, Events:, 2337, File:, 190, Registry:, 512, TcpIp:, 0, Http:, 0, Dns:, 0, Process:, 310, Injections:, 0, Dll:, 58, Traffic:, 0, Info:, 1, Metadata:, 63, Livegrid:, 63, OriginUrl:, 0, Alarms:, 0, UserActivity:, 738, Wmi:, 388, Scripts:, 0, ExeDrops:, 0, OpenProcess:, 14, TrafficSize:, 0, TrafficInterval:, 0, Executions:, 0, Subprocesses:, 0, Connections:, 0, Batch Size (bytes):, 153907 2022-02-14 10:50:35 00290 Info: Events sent successfully to ***.*******.****.com:8093. Server responded with 200 status code in 0s056ms. Excerpt from logs on agent with errors: 2022-02-14 12:58:34 01130 Info: EI and Endpoint integration has been successfully enabled 2022-02-14 12:58:35 01310 Info: Received (Agent.ServerAddress:***.*******.****.com) from ESMC 2022-02-14 12:58:35 01310 Info: Received (Agent.ServerDataPort:8093) from ESMC 2022-02-14 12:58:35 01310 Error: Failed creating certificate authority file: *.***.*******.com 2022-02-14 12:58:35 01310 Info: Unable to apply part of configuration policy 2022-02-14 12:58:35 01130 Info: Certification authorities found in CA store: 2022-02-14 12:58:35 0123c Info: Enabled additional hashes for: SHA2_256 2022-02-14 12:58:35 01130 Info: EIAgentSvc has started 2022-02-14 12:58:35 01b88 Error: Error while sending control request to server at "***.*******.****.com:8093". certificate verify failed (SSL routines, tls_process_server_certificate) [asio.ssl:337047686] 2022-02-14 12:58:35 01bfc Error: Error while sending request to server at "***.*******.****.com:8093". certificate verify failed (SSL routines, tls_process_server_certificate)
-
Works just fine after reinstall. Not sure what broke, what caused this to get blocked but other browsers worked fine. Anyone else having this issue as well?
-
Have one device that has chrome blocked entirely. Disable firewall works fine. There were no rules, nothing added special to this device. I reset device back to default and still wouldn't allow chrome access. Just uninstalled ESET 8.1.2031.0 from the device, tried to access chrome and no issues. Going to reinstall 8.1.2031.0 and test from same device. Users do not have access to add in rules so this wouldn't have been added by the user. Any insight from others? Also, this is being typed in Chrome from a device in the same group, same policy setup and everything as the device that was being blocked.
-
Email message in Outlook changed to draft by ESET
skello replied to kevint8's topic in ESET Endpoint Products
This has been going on for about 3 months for my company. We have to make sure we disable the ESET plugin to stop this from happening. We still haven't found a fix.