Jump to content

Lockbits

Members
  • Content Count

    42
  • Joined

  • Last visited

Profile Information

  • Location
    Chile

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Thank you for all your help. I sent all the information you provided me to the customer. I really appreciate this.
  2. I'm uploading the files and I'm going to send you the URL via a private message. What's very strange is that almost all firewall alerts came from IPs that starts with 169.....
  3. Hello guys, Today I got some ESET Log Collector of two suspicious computer. One of them has many ARP poisoning attacks detections in firewall log. Can you check them? I analyzed the SysInspector logs and all looks pretty normal for me. Thank you. ees_logsCGonzalez.zip
  4. Hi itman, Thank you for your feedback. Tomorrow we’ll visit the customer in order to get the logs and necessary data.
  5. Hello guys, We've a customer that is experiencing the following issue. From today some switch are crashing due to a high amount of ARP traffic. They blocked some ports but the problem continued with others ports. Coincidentally there're some computers that are running EES and have some ARP Poisoning attacks recorded in log. Indeed one of them have such firewall detection every day. We are requesting from them some ESET Log Collector of the computers that have this firewall detection in order to see if there's something suspicious. In your experience, can a malware cause high amount of ARP traffic that led switch to crash? Thank you.
  6. Hello guys, We need to activate an EFS installation using eShell. It’s a Windows Core without any type of GUI. Whats is the command? We can’t find it. Thank you.
  7. Hello guys, We've a lead that is evaluating EFS 7 with ESMC. The problem is that there're still a few Windows Server 2000 that they can't upgrade at this time. Is there any possibility to use EFS 4.x and Agent 6.x in Windows Server 2000? The idea is to protect and (in second priority) the option to control the system using ESMC. Thank you.
  8. Lockbits

    ESMC and connections every second

    Thank you Patrik, explanation sent to customer. Best regards, André
  9. Hello guys, A customer is asking us why ESMC console is generating connections every second to ESET. Please see screenshot. What explanation can we give to them? Thank you.
×