Jump to content

tobiasperschon

Members
  • Posts

    28
  • Joined

  • Last visited

Everything posted by tobiasperschon

  1. I restarted the server and now it worked. so it was probably due to memory (RAM) exhaustion (Server has 2GB of memory)
  2. the firewall on my client and also on the server does not restrict outgoing connections.
  3. Downloading an all-in-one installer package (32 or 64bit) results in an Internal Server Error at about 60% progress. these lines are from trace.log: 2019-04-30 09:26:08 Error: CInstallersModule [Thread 7f90648bc700]: CInstallerPackageProcessor::BuilderThread end unexpected with error: I/O error 2019-04-30 09:26:08 Error: ConsoleApiModule [Thread 7f9067ff7700]: 14179 Unexpected error while processing GetFileProgress request: I/O error ESET Security Management Center (Server), Version 7.0 (7.0.471.0) ESET Security Management Center (Web Console), Version 7.0 (7.0.429.0) Debian (64-bit), Version 8.11 Update module1072 (20180813) Translation support module1733 (20190319) Configuration module1663.15 (20181129) SysInspector module1274 (20180918) SSL module1028.1 (20190327) Push Notification Service module1052 (20190122)
  4. Hi, yes I did that. I checked the installed application list and the new app does not appear and I looked through the list and a lot of installed apps (from before a couple of days) do not appear and a lot of them have old versions listed. Interestingly the "Last Connection" Time is current... Is there a way to "force refresh" the infos from the device? cheers
  5. I downloaded it from the Google Play Store. I just went there and checked again. For ESET Endpoint Secruity it says Version 2.1.18.0 Updated on 14.Jun 2017. This version is installed for more than one day... also I removed and re-enrolled the device already once.
  6. Hi, this is what I see under "outdated applications": Group by (Application name) Group by (Application vendor) Group by (Application version) Group by (Latest application version) ESET Endpoint Security ESET, spol. s r.o. 2.1.11.0 2.1.16.0 this is what is displayed under "Installed Applications" for the device: ESET Endpoint Security 2.1.11.0 Latest Application Version 2.1.16.0 but now it gets interesting, this is what is displayed in the device list: ESET Endpoint Security 2.1.18.0 here the correct version is listed (2.1.18.0) which is also displayed if I open the app and check the version on the phone. do you have an idea what caused this and how to fix it? ESET Remote Administrator (Server), Version 6.5 (6.5.417.0) ESET Remote Administrator (Web Console), Version 6.5 (6.5.388.0) Debian (64-bit), Version 8.8 what additional infos do you need? Thanks in advance!
  7. I applied the fix. I will check if the second problem is gone. I will also check the server if the first problem occurs again. Interestingly the server was running fine for over a year now. I apt-get upgraded it many times in this year but the first problem I mentioned just started recently. (I did not add more clients...) anyway, we'll see and I will get back to you! thanks for the advice so far! Update: so far no more errors... lets see how long the server will keep running Update2: The patch seems to have fixed both issues. Server is running fine now.
  8. Hi, I noticed that the server dies every 2 days or so. The trace log shows these lines ever 10 seconds: 2016-04-23 22:51:39 Error: NetworkModule [Thread 7fbab4ff9700]: remote_endpoint: Bad file descriptor 2016-04-23 22:51:49 Error: NetworkModule [Thread 7fbab77fe700]: remote_endpoint: Bad file descriptor 2016-04-23 22:51:49 Error: NetworkModule [Thread 7fbab4ff9700]: remote_endpoint: Bad file descriptor the last entries in the last-error.html: Scope Time Text NetworkModule 2016-Apr-22 17:09:32 remote_endpoint: Bad file descriptor SchedulerModule 2016-Apr-22 17:09:35 Received message: RegisterSleepEvent NetworkModule 2016-Apr-22 17:09:42 No descriptors available. Active session count:2 NetworkModule 2016-Apr-22 17:09:42 remote_endpoint: Bad file descriptor NetworkModule 2016-Apr-22 17:09:52 No descriptors available. Active session count:2 NetworkModule 2016-Apr-22 17:09:52 remote_endpoint: Bad file descriptor CCleanupModule 2016-Apr-22 17:09:55 Initiating calculation of status snapshots CCleanupModule 2016-Apr-22 17:09:55 Finished calculation of status snapshots SchedulerModule 2016-Apr-22 17:09:55 Received message: RegisterSleepEvent AutomationModule 2016-Apr-22 17:10:00 ReportManager: ProcessWatchdogCheck: Watchdog reports normal behaviour. ConsoleApiModule 2016-Apr-22 17:10:00 Session data cleanup timeout. CReplicationModule 2016-Apr-22 17:10:00 CStepProcessor: Server state changed to OK NetworkModule 2016-Apr-22 17:10:02 No descriptors available. Active session count:2 NetworkModule 2016-Apr-22 17:10:02 remote_endpoint: Bad file descriptor NetworkModule 2016-Apr-22 17:10:02 Socket accepted. Remote ip address: 178.191.54.94 remote port: 55989 NetworkModule 2016-Apr-22 17:10:02 Resolving ip address: 178.191.54.94 NetworkModule 2016-Apr-22 17:10:02 Receiving ip address: 178.191.54.94 from cache NetworkModule 2016-Apr-22 17:10:02 Successfully received ip address: 178.191.54.94 from cache NetworkModule 2016-Apr-22 17:10:02 remote_endpoint: Transport endpoint is not connected NetworkModule 2016-Apr-22 17:10:02 Socket accepted. Remote ip address: 213.47.170.12 remote port: 54350 NetworkModule 2016-Apr-22 17:10:02 Resolving ip address: 213.47.170.12 NetworkModule 2016-Apr-22 17:10:02 Receiving ip address: 213.47.170.12 from cache NetworkModule 2016-Apr-22 17:10:02 Successfully received ip address: 213.47.170.12 from cache NetworkModule 2016-Apr-22 17:10:02 Socket connection (isClientConnection:0) established for id 32342 NetworkModule 2016-Apr-22 17:10:02 Socket connection (isClientConnection:0) established for id 32343 NetworkModule 2016-Apr-22 17:10:02 Connection closed by remote peer for session id 32342 NetworkModule 2016-Apr-22 17:10:02 Connection closed by remote peer for session id 32343 NetworkModule 2016-Apr-22 17:10:02 Forcibly closing sessionId:32342, isClosing:0 NetworkModule 2016-Apr-22 17:10:02 Removing session 32342 NetworkModule 2016-Apr-22 17:10:02 Closing connection , session id:32342 NetworkModule 2016-Apr-22 17:10:02 Forcibly closing sessionId:32343, isClosing:0 NetworkModule 2016-Apr-22 17:10:02 Removing session 32343 NetworkModule 2016-Apr-22 17:10:02 Closing connection , session id:32343 NetworkModule 2016-Apr-22 17:10:03 No descriptors available. Active session count:2 NetworkModule 2016-Apr-22 17:10:03 remote_endpoint: Bad file descriptor NetworkModule 2016-Apr-22 17:10:03 Socket accepted. Remote ip address: 213.47.170.12 remote port: 55358 NetworkModule 2016-Apr-22 17:10:03 Resolving ip address: 213.47.170.12 NetworkModule 2016-Apr-22 17:10:03 Receiving ip address: 213.47.170.12 from cache NetworkModule 2016-Apr-22 17:10:03 Successfully received ip address: 213.47.170.12 from cache NetworkModule 2016-Apr-22 17:10:03 remote_endpoint: Transport endpoint is not connected I also notice a lot of the following warnings and errors in the tracelog: 2016-04-21 16:32:04 Warning: NetworkModule [Thread 7fbab7fff700]: The connection will be closed due to timeout. Resolved endpoint is NULL 2016-04-21 16:32:05 Error: NetworkModule [Thread 7fbab6ffd700]: Error reported by JobScheduler[Name:Dns job scheduler for not network operation]. Error message is:resolve: Host not found Installed ERA Server 6.3.148.0 Agent on Server 6.3.148.0 Debian (64-bit), Version 8.4 I hope you can help me... Kind regards
  9. But as I can only see the changelog for the ERA server. Even if I select the agent at the top of the page. Another thing: the current version for the agent reported by ERA Console is 6.2.190 but the download page lists version 6.2.200.0. Aparently the latest Linux and Windows Versions are different.
  10. Hi, in light of the recent agent update to 6.2.190.0, I was wondering where I can find the change logs? kind regards
  11. I have the same problem. Completely uninstalling and reinstalling ESS/EAV did not help. This did also not help: hxxp://support.eset.com/kb217/?locale=en_US&viewlocale=en_US Until this is fixed you can disable "Report network firewall issues" and "Report virus and spyware protection issues" via an agent policy.
  12. Hi, I have a customer with an & in the name added in ELA (e.g Company & Co KG). ELA displays the owner name correctly but in ERA the synced license displays only "Co KG" in the owner name section (ERA 6.2) This is going to be a problem if I have multiple customers that have a & Co KG in their names... kind regards
  13. Hi, when installing MDM on Debian the startup of the service fails because the installer sets the following for systemctl (in /etc/systemd/system/eramdmcore.service) ExecStart=/opt/eset/RemoteAdministrator/MDMCore/eramdmcore --daemon --pidfile /var/run/eramdmcore.pid but the file in the directory is named ERAMDMCore. I edited the config file to the correct uppercase name and did a systemctl daemon-reload but this is something that could potentially be overwritten by an MDM update. So please fix this in the next version. kind regards
  14. Hi, I would like to setup a fail2ban rule for blocking failed ERA logins. The problem is that in the server trace.log only this is logged: "Error: CServerSecurityModule [Thread 7f48f2ffd700]: AuthenticateNativeUser: Native user login failed" But not the IP from where the login attempt was made. Is possible that you print the IP in this Error line in any future update? (I don't really want to set the log to higher verbosity) Thanks in advance
  15. Hi, what is the best practise to switch clients from direct ERA connection to ERA proxy? I have clients with agents set up to connect to the ERA FQDN (which is outside of the local network). I installed ERA Proxy on the on-premise server and the proxy function is showing up correctly in ERA for this server. I set up a policy with configurations for the ERA Agents and added the FQDN of the on-premise server to the "connects to" list. But I also added the remote ERA Address in case the proxy has problems or is off line. Is this correct? Is the order of the "Servers to connect to" list honoured? Or does the agent connect to all the entries (round-robin like) and I should only set the local proxy address? Is it possible that the agent on the Proxy Server connects to localhost or must the "proxy agent" connect directly to external ERA? Thanks in advance
  16. thank you for your offer! I just reinstalled the complete server with Debian 8 (with Debian 7 the era console could not connect to era server - maybe because of outdated openssl-lib) and now everything is working perfectly. All added computers are showing up with all symbols. Tasks get executed immediately and results are seen almost instantly in ERA console. Is it now possible with ERA 6.2 to install MDM on the same server?
  17. Update: ERA is starting to drive me crazy. I did a full fresh reinstall with ERA 6.2 now only tomcat, era and an agent are present on the server. Era Server appeared in the list with the agent symbol (only the agent symbol, I think there is also a symbol for era server?) then I added some clients - on all of them I removed the old one and did a fresh reinstall of the agent. Replication is working but in ERA Console there is a mixed picture: one out of three displayed agent and endpoint symbol and also PC Infos are displayed correctly (under details) the other two don't display any OS or PC info and no agent symbol and the don't show the installed endpoint AV. In addition after waiting a night the agent symbol from the era server entry disapeared in addition with all the OS and PC information... what is going on? why is stuff working only sometimes, while other times only working half the way?
  18. I was talking about my Wildcard Domain Certificate which I used for Tomcat to secure the https connection to ERA Webconsole. The cert was fairly cheep so it uses an intermediary CA. The PFX file that tomcat uses to secure the Websonsole contains the Domain-Wildcard Cert and the Intermediare CA (the Root is present on all? devices - GlobalTrust) When installing MDM you are supposed to choose a cert for the https (Options: --https-cert-path= and --https-cert-password=) and also an agent cert (when you do an "offline install") otherwise you have to pass the installer the ERA login credentials and it will pick an agent cert. For https you would use a normal domain cert with an public CA so that end users have no trouble opening the MDM site (e.g. enrollment page) without warnings. The problem (as stated above) is that the MDM webserver does only send the domain and not also the intermediary CA to the browser. So I don't think you have to (or should) use an public ("purchased") as an agent cert.
  19. okay I uninstalled MDM and I will wait if the agents on the clients are recognised again. Edit: No luck so far... I also reinstalled Agent on the ERA server
×
×
  • Create New...