Jump to content

tmuster2k

Members
  • Content Count

    329
  • Joined

  • Last visited

  • Days Won

    1

tmuster2k last won the day on June 30 2016

tmuster2k had the most liked content!

Profile Information

  • Location
    USA

Recent Profile Visitors

2,684 profile views
  1. @MartinK I know the easy way is through the GUI but per my post I mentioned there are some instances of ERA 6.5 OVA that do not have this and it is likely because the previous version they had (example OVA 6.2) never came with this and when they did components upgrade it did not bring it over. Also I would like to know this command because the OVA MDC Appliance also does not have option to backup database and I was wondering if there is easy command to accomplish this.
  2. Wanting to do a Database Backup and Restore to new ESMC OVA. The ERA 6.5 I am trying to backup does not have the "Backup Database" option on the console window. This was likely a 6.2 or 6.3 appliance that got upgraded but none of the other items that should be there for ERA 6.5 OVA. Is there a way to backup the current database via terminal window to a file and then I will move it over to the new Appliance. If I move it to /root/era-backup.sql when I do the Database restore will it see it and bring in the raw data to new ESMC OVA?
  3. I want to be able to use the built in report in ESMC called "Outdated applications" but need to know what users are currently logged in that are on that version. When I go to Data or filter there is no option to add USER >> User Name. Is there something missing or this is not possible to do with the report and can only filter by Static Group Name?
  4. Wanting to run the Windows Update task in ESMC to run on the 2nd and 16th of each month. Any help on setting up this trigger would be helpful.
  5. Why is a duplicate ip address detection being flagged as >> Rule/worm name;Application;SHA1;User?
  6. getting this detection on all endpoints >> Rule/worm name;Application;SHA1;User 10/15/2020 4:36:11 PM;ARP Cache Poisoning attack;Blocked;10.4.2.1 [00:09:0f:97:54:78];10.4.2.1 [00:16:6c:9a:0d:25];ARP;;;0000000000000000000000000000000000000000; Time;Event;Action;Source;Target;Protocol;Rule/worm name;Application;SHA1;User 10/12/2020 11:58:26 AM;Duplicate IP addresses on network;Blocked;10.4.2.1 [00:09:0f:97:54:78];10.4.2.1 [00:16:6c:9a:0d:25];ARP;;;0000000000000000000000000000000000000000; NOTE: the 10.4.2.1 is the IP Address of the router. Is this likely a false det
  7. I did not see specific category for ESET Secure Authentication so I am posting here. Using ESA management server and RDP on a Windows Terminal server. Customer connects multiple RDP sessions to this server using Microsoft (CAL) Client access license that allows to connect 25 machines to server. https://support.hostway.com/hc/en-us/articles/360002191484-Microsoft-RDS-Client-Access-Licenses-CALs-#:~:text=A client access license (CAL,an RDS CAL is needed. With ESA installed, only 2 machines max can connect to this server using the ESA 2fa. If the ESA core service is stopped then more machine
  8. I was wondering if ESET is planning on changing the way upgrades are handles for ENDPOINT AND FILE Security products for Windows. Is it possible to make an upgrade over the top without the restart? I have many customers who bypass the REBOOT option via upgrade tasks in ESMC. Some of them forget about the restart and then have many machines in the pending reboot status with modules in NON-Functional status. Question. In this pending reboot status are the machines vulnerable to malware? I tested one of the machines in this non-functional status after upgrade and it was not picking up Eicar test
  9. When using Web Control and implementing GROUP 1 has the category "NOT Categorized" checked by default. One of my customers who used this recently was then blocked out of just accessing his internal VSPHERE console. When you hit the drop down on this it just says "Not categorized" where as other categories give you details and items you can trim down. Question is what does this very generic category block and why is there no details on it when you hit the drop down for it? What purpose does this category offer?
  10. I have noticed that with ESMC the Show Details >> Users section is hit or miss when showing users. Even when I have confirmed user is logged in (tried domain admin login and standard user) and rebooted machine multiple times but same. Did multiple wake up calls and still does not show. Not sure why some computers will show and some do not.
  11. The ESET alert is coming up on any web site that is visited by end users not just this one which is not even a web site. Seems to be some kind of test of PROXY server maybe. When I am testing the ESET Proxy when troubleshooting one of the tests is for example >> hxxp://esmcserver:3128/index.html and it comes up with "IT WORKS' when PROXY is enabled and working.
  12. Customer of our is getting "Untrusted Certificate" for ssp.meba.kr. I looked up on digicert and output was found below. if you go to that server it reports back "IT WORKS". IS this possibly coming from an ADD-ON in Internet Explorer? This just started happening today. TLS Certificate has not been revoked OCSP Staple: Not Enabled OCSP Origin: Good CRL Status: Good TLS Certificate expiration The certificate expires September 19, 2021 (417 days from today)
×
×
  • Create New...