Jump to content

sysadminPA

Members
  • Posts

    16
  • Joined

  • Last visited

About sysadminPA

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    Germany

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Hello, We are using in our organization still EEA 4 on our Ubuntu 20.04 devices, and we are looking to migrate to EEA 8, especially since we have started to encounter some errors where EEA 4 does not seem to be able to connect to the Agent that is running on the machine, and I am getting this message in our ESET Management server "Product is not connected. No connection attempt occurred." I have been testing EEA 8 on Ubuntu 20.04 for a while and I cannot really say I am very satisfied, especially regarding the Secure Boot issues. Our devices have Secure Boot enabled, and we want to keep it that way. The workflow offered by the guide for EEA 8 to deal with Secure Boot is not that comfortable to deploy on multiple machines, and more so the management of said machines can be quite cumbersome, as for any Linux kernel update, if one forgets to run the script to sign the headers, their computer might not boot next power cycle. Is there a way to actually make this more streamlined like EEA 4 used to work, where I did not need to actually set the keys manually in UEFI for Secure Boot to work seamlessly? Thanks in advance!
  2. Thanks for your reply! Yet I find that you might have misunderstood or misread my post. I have already mentioned that link you posted from EFS 8 for linux myself as I have already read through. However, I am not using EFS 8 for linux but EEA 8 for linux, and as I mentioned in my post, I have seen that EFS 8 for linux comes with a script to sign the kernel, but I cannot find this script in the installation folder of EEA 8 for linux. I have already added the output of my eea service status that mentions that Secure Boot is enabled. The command you pasted from the EFS 8 secure boot help page outputs when run "SecureBoot enabled" as is expected, as also the eea service states the same. I understand that I need to sign the EEA kernel module, yet I am not sure how to do this as a script is not provided like in the case of EFS. Am I missing something? If not, can you provide an alternative script for EEA 8 like the one for EFS 8? Thanks in advance!
  3. Hello, We are using ESET in our company and are looking to upgrade to the new version of EEA 8 for Linux. I am testing it on an up to date machine with Ubuntu 20.04. The environment satisfies all the system requirements. I have downloaded and installed the product from the ESET website, as our ESET Protect server is not set yet to install this version, but the agent is running on the machine, so the server was able to activate the product. Now I am left with the eea service on the machine reporting "Real-time file system protection is non-functional" Apr 20 12:38:19 Computer-name oaeventd[1675]: ESET Endpoint Antivirus Error: Secure Boot is enabled. Please sign the kernel module /lib/modules/5.8.0-50-generic/eset/eea/eset_rtp.ko or disable Secure Boot in BIOS/UEFI. Apr 20 12:38:19 Computer-name oaeventd[1675]: ESET Endpoint Antivirus Error: Initialization of system handler for on-access scan has failed. Please update your OS and restart your computer, then check system logs. In the EEA GUI I can see the same message (pictures attached). Now I have double-checked the instructions and the only point regarding the Real-time protection is here https://help.eset.com/eeau/7/en-US/realtime-protection-cannot-start.html, but it does not apply to my situation. Going back to the error message in the console I can understand that disabling Secure Boot would be a solution, but this is not desirable in my company. The solution would be signing the kernel modules. Unfortunately I did not find a guide for this, and I am wondering if it is possible for this version of the product. I have found that ESET File Security 8 for Linux has a script that does this as detailed here https://help.eset.com/efs/8/en-US/secure-boot.html, but this script does not seem to be present in the EEA 8 for Linux installation folder. I have tried also the commands listed in this thread (adapted for my kernel version) but with no success. I am hoping you can help me with this, either pointing out something I have missed or simply providing a set of commands or a script similar to the EFS 8 one. Thanks in advance!
  4. Hi Marcos, thanks for your reply. This mailbox file is unused. I will need then to open it with a client and delete the single email (not sure I have so much time I can work with this employees laptop :)). It would help already if Eset can identify these emails, but we are not 100% sure about it? Thanks Emiliano
  5. Good day, we have an employee in our company who has a Trojan, in the specific a PDF/Phishing.A.Gen. Those are in a .olm file, which is an Outlook for Mac local mailbox file. I have found a similar topic here but they are talking only about pst files, Any idea how it will act a full system scan enabling the option to check mailboxes? Thanks in advance Emiliano
  6. Thanks, I did all you said and send the logs to ESET Technical Support.
  7. Thanks, but unfortunately this did not solve my issue, actually nothing has changed after retrying to activate from ESMC, it still reports successful in ESMC, but on the client I get the same errors.
  8. I am sorry in case I misunderstood the question. What do you mean by activating it via offline license file? I have first tried activating it from the ESMC as the agent was reporting to the ESMC that the product was not activated. I ran the activation task and then the ESMC was not reporting that the product was not activated on the client anymore. But then checking the status of the eea service on the client showed the activation error still as you have seen in my logs snippet. Afterwards I tried to run the activation command /opt/eset/eea/sbin/lic -k XXXX-XXXX-XXXX-XXXX-XXXX on the client, using the key instead of the placeholder (key that I got by using the credentials in the convertor on your website). The result was as I have posted above. Any idea what steps I can try next? Or please let me know if I got anything wrong! Thanks in advance!
  9. I think not, because this is the license we use currently with all the other linux clients running EEA version 4.0.95.
  10. I ran the activation task in ESMC and it was reported to have run successfully. (In the ESMC only the Real-time protection error mentioned above is shown). Also tried to run it on the client in the terminal and am getting this error "Error: Activation failed" and in the logs I see this "licensed[1350]: ESET Endpoint Antivirus Error: Activation was not successful: 0x20515010". Also want to mention that before I ran the activation task from ESMC when I tried to update module on the client I got a prompt that product is not activated, but after the activation task was reported to have run successfully on the ESMC, I could update the modules with the command on the client. This makes the "Product is not activated." error very weird in my eyes.
  11. so it does not work to activate it via ESMC?
  12. Hello, I have been trying to test the new ESET Endpoint Security 7 for Linux on an up to date Ubuntu 18.04 machine. The ESET Agent is already installed (version 7.1.503.0) on the machine and reporting to my company's ESMC Server without issues. I installed ERA 7.0.13.0, activated it via ESMC, updated the modules, and this error is reported in ESMC "Real-time file system protection is non-functional". I have also attached the log file from the client. Hope you can help me get it running. Thanks in advance! Emanuel eea.txt
  13. I have clicked on the link and I get this error. Sorry, there is a problem You do not have permission to view this content. Error code: 2F173/H I have written a message by clicking the "Contact us" button below the warning but got no reply. Is this an issue or am I missing something? Thanks in advance!
×
×
  • Create New...