mogobjah
Members-
Posts
19 -
Joined
-
Last visited
Everything posted by mogobjah
-
We have installed EFS for Linux on a Cent OS 7 web server and noticed that the CPU usage of "oaeventd" becomes too high, causing the server to hang and respond very slowly. Could anyone advice why is this happening and how can this be rectified? And is there any best practice on settings for EFS running on web servers? Thanks.
-
Endpoint Security Anti phishing non functional
mogobjah replied to cookieboy69's topic in ESET Endpoint Products
Are the new (fixed) v6.5 installers for ESET file security available? Kindly share the download links here. If NO, please provide ETA. -
Endpoint Security Anti phishing non functional
mogobjah replied to cookieboy69's topic in ESET Endpoint Products
Understand that ESET is working on this. Could you please indicate when can we expect to receive the second version of the patch that supports the rest of the affected versions? We need to provide customers a clear picture on this. -
Web and email protocol filtering is non-functional
mogobjah replied to mogobjah's topic in ESET NOD32 Antivirus
The given solution worked. Thanks. -
Web and email protocol filtering is non-functional
mogobjah replied to mogobjah's topic in ESET NOD32 Antivirus
Looks like the module reappears every time the PC is rebooted. Please refer below screenshots. Before reboot: After reboot: -
Web and email protocol filtering is non-functional
mogobjah replied to mogobjah's topic in ESET NOD32 Antivirus
Yes, i'm very sure the log was collected following execution of the command and a system reboot. -
Web and email protocol filtering is non-functional
mogobjah replied to mogobjah's topic in ESET NOD32 Antivirus
Hi @Marcos, i have tried your suggested solution, but the result is still the same. I have taken another set of logs for you, just in case. Kindly help to see into this problem. eav_logs.zip -
Web and email protocol filtering is non-functional
mogobjah replied to mogobjah's topic in ESET NOD32 Antivirus
Some updates: Same set of errors even after installing ESET Internet Security. But managed to collect the logs as per your instructions. Also, we have received reports that more customers are facing similar issue. eis_logs.zip Diagnostics folder.rar -
Web and email protocol filtering is non-functional
mogobjah replied to mogobjah's topic in ESET NOD32 Antivirus
Hi Marcos. The logs are attached. eav_logs.zip -
Our customer is currently getting the following error message: We upgraded the product from version 9 to the latest version (12.2.23.0). Even tried uninstalling and reinstalling the product from scratch, but the problem persists. Can anyone please help on this? I've taken ESET Log Collector logs from the endpoint, please let me know if its required, i will send it to you privately. Thanks.
-
Our customer is using ERA virtual appliance with Squid proxy instead of Apache HTTP proxy - because all traffic to internet has to go through an upper level proxy which requires authentication. We are not sure why, but most of the ESET clients are not receiving update files properly from the Squid proxy. Are you able to see any issue in the attached access log? I notice that there is no ".nup" files being downloaded. Any pointers is appreciated.
-
High CPU usage on ERA Virtual Appliance
mogobjah replied to mogobjah's topic in ESET PROTECT On-prem (Remote Management)
Any chance customer made some custom changes in VA configuration? No. The VA was setup based on the steps provided in the official guide. No additional configuration was applied to the VA. Scheduling own tasks or using WebMin for configuration? WebMin is currently enabled. any chance customer is using some outside connections to this VA? This may be possible, but im not exactly sure which command was executed. Currently the server is accessible from outside because they have some PCs in remote offices that they want to manage from the ERA console. For the external agents to communicate back to the server, i had requested the customer to open port 2222 in the firewall (at the time of deployment), but today found out that additionally, port 443 and 22 have been open as well all this while. Since SSH and HTTPS are not really required i have instructed them to close these two ports immediately. but have they tried to reboot it? If so, does this issue with strange "su" is there just after startup? We tried rebooting the server again today. After reboot, the process with "su" command went missing, but strangely another process showed up with command "route -n" with similar (high) CPU usage pattern. As a workaround, I would recommend to check what happens when this problematic process is killed. The customer has a policy of backing up VMs every month, so as suggested, i tried killing the process. Observed the server for a few hours and noticed that the process with high CPU usage is not recreated, but the memory usage keep increasing slowly. I will monitor this further and share the outcome here. -
High CPU usage on ERA Virtual Appliance
mogobjah replied to mogobjah's topic in ESET PROTECT On-prem (Remote Management)
Hi MartinK, as requested. The memory usage also keeps increasing over time since last reboot (yesterday). Fyi, the no of endpoints currently managed by the server is around 100. -
For some reason, our customer's ERA VA is showing high CPU usage. The VA is configured with 4 virtual CPUs and on average, the CPU consumption shows between 60-100%. But at times, i notice the usage can go up to 386%, which lasts for a few seconds (Refer screenshot). This is caused by a single process, and triggered by the command "su" (Refer screenshot). Any idea what this means, and is it normal to have this usage pattern? Very high CPU usage Average CPU usage
-
Agent installation error
mogobjah replied to mogobjah's topic in ESET PROTECT On-prem (Remote Management)
I'm attaching the traffic captured while the agent is being installed. Thanks. Server IP: 192.168.1.23, Client IP: 192.168.62.225 Agent.rar -
Agent installation error
mogobjah replied to mogobjah's topic in ESET PROTECT On-prem (Remote Management)
Hi, I'm using the latest ERA version 6.5 on a Windows server, not VA. And yes, it was set up by me. -
Hi, We are currently in the midst of ESET deployment, and while installing the agent program manually, we are receiving an error with the following message on some client endpoints: "Error occurred while receiving peer certificate (try to reconnect)." The affected client endpoints are able to ping the server and get a reply. And they could also establish telnet connection to the server via port 2222 and 2223 successfully. We tried using the "Offline installation" option instead, but still received an error of certificate password mismatch (Note: We did not set any password for all the certificates). We wonder what this error means, and why is it occurring on a few endpoints only, while other endpoints are able to successfully complete the Server assisted agent installation without any issue. Any help is highly appreciated.