spfister
-
Posts
2 -
Joined
-
Last visited
Posts posted by spfister
-
-
I'm a network engineer trying to figure out why our ESET server is seeing a large amount of discarded incoming packets. It's also see an unusually large amount of traffic for what I've been told is only doing anti-virus. For example, Monday at 9pm local time through Tuesday at noon, I see incoming traffic of a little over 600GB. Currently, every time I do a packet capture at our firewall looking at incoming traffic to this server, I see a pretty constant inbound stream. It's trying to download a file called update.ver.signed over and over again. Sometimes, this download results in an HTTP error code 401 (authorization required).
ESET server, packet discards, and large amounts of traffic
in ESET Endpoint Products
Posted
I'm not sure what to post. I'm doing a large amount of packet captures at our firewall examining traffic going to the ESET server. It looks like the server does a GET /eset_upd/ep7/dll/update.ver.signed about every five minutes. Before every GET, there is a HEAD command for the same path. This gets a 401 (authorization needed) response from the server. So far, about half past the hour, it appears to do this 2 or 3 times in a row, about a second apart.
I'm not the person who administers this server, but I can ask him about settings. I'm just trying to figure out why there's such a large amount of traffic to and from this server at all hours.