Focus on Virus Mode:
(Page 9 of 62)  < Prev  4 5 6 7 8 9 10 11 12 13 14  Next >
RE: New Malware? 2006-07-20
Mike Alexander (mike alexander mail moray gov uk)
Bruce,

It *might* be related to this:
http://snipurl.com/tj1p
http://snipurl.com/tj23

Or it could simply be another one of these Google toolbars....which some
here might regard as a form of "malware" anyway!

Regards,

Mike
------------------------------------------------------------
Mike Alexande

[ more ]  [ reply ]
New Malware? 2006-07-20
Bruce Martins (BMartins extend COM) (2 replies)
I had a user who received an e-mail pretending to be from google updates
with a subject line of "New Google Toolbar Released"

The link actually takes them to=20

http://googletoolbar.com.sapo.pt

None of the AV scanners picked this up when downloading the EXE,
perimeter, nor desktop, and even with

[ more ]  [ reply ]
Re: New Malware? 2006-07-20
Luis Diaz Kaspersky (luis diaz kaspersky com mx)
Re: New Malware? 2006-07-20
.myke lyons (Myke Lyons cmtww com)
RE: Symantec AV reporting metrics. 2006-06-23
paul murgatroyd org uk
I have managed to get a publicly available reporter installation up and running, which people will be able to take a look at via the web.

However, I need some logs for it! If anyone would like to share some AV logs for the good of the community you will all see what reporter can do for you.

I

[ more ]  [ reply ]
RE: Symantec AV reporting metrics. 2006-06-22
Ted Senn (ted senn zurichna com)
The agents will only run on Windows 2000 and above, Not on NT

FYI In my experience the reporting server is a managers toll. It is
difficult to actually get working information from it. ie report of
infection and I haven't be able to find a way to determine if the infection
is still active, cleaned

[ more ]  [ reply ]
RE: Symantec AV reporting metrics. 2006-06-22
Turney, Tobin (Tobin Turney bcbsfl com)
I implemented SAVCE 10.1 with reporting on 11,000 clients with no issues. We have two primary servers. One of the primary servers is running IIS to host the reporting site. The SQL reporting DB is a shared instance on separate SQL server. The reporting agents and website are free as long as you own

[ more ]  [ reply ]
Virtualized app environment - Possible testing tool for malware 2006-06-22
Bill Stout (bill stout greenborder com)
Hi Guys,

We have a pre-GA tool that could become helpful for malware forensics.
I've included a download link and a 30-week license.

http://www.greenborder.com/earlyaccess

934OOY22AEGEK23IO3L6ACO3CK47OKD3 30 week license with 'SafeFile' option

We're working on the activity monitor which monitors

[ more ]  [ reply ]
RE: Symantec AV reporting metrics. 2006-06-20
Adams, Rhuel (AdamsR ctc com)

Not quite sure where you're getting the misinformation from, but SAVCE 10.1 with Gold Support includes reporting.

I had to contact the licensing dept. to get an updated license so that the latest version was "available" for me to download, but it definitely has reporting in the package.

So far,

[ more ]  [ reply ]
RE: Symantec AV reporting metrics. 2006-06-20
Ted Senn (ted senn zurichna com)
Interesting. I'm running Ver 10.1.0.401 Corp Edition and reporting server
works just fine.

Ted Senn
Security Engineer
Distributed Security
847-605-6837

"Nick Duda"

[ more ]  [ reply ]
RE: Symantec AV reporting metrics. 2006-06-20
paul murgatroyd org uk
Are you sure you have 10.1 and not 10.0.1?

I can confirm that 10.1 DEFINITELY comes with the reporting server. Its not currently available to gold customers, but will be soon. If you have a Platinum support account you can download it.

Leave the examples thing with me... I'll see what I can

[ more ]  [ reply ]
RE: Symantec AV reporting metrics. 2006-06-19
Howe, Paul H (paul howe nwa com)
Hmmm... If your management does not trust the patch fro 10.1, why do they trust the patch for 8.1?

> -----Original Message-----
> From: Serge Vondandamo [mailto:serge.vondandamo (at) wanadoo (dot) fr [email concealed]]
> Sent: Sunday, June 18, 2006 1:15 AM
> To: 'Ted Senn'
> Cc: focus-virus (at) securityfocus (dot) com [email concealed]; 'sekure'
> Subje

[ more ]  [ reply ]
RE: Symantec AV reporting metrics. 2006-06-18
Serge Vondandamo (serge vondandamo wanadoo fr) (1 replies)
I forgot to add that,

I have up to 6000 Clients located WW (Europe, Americas, APAC, and
Middle-east).

Thanks,
Serge

-----Message d'origine-----
De : Serge Vondandamo [mailto:serge.vondandamo (at) wanadoo (dot) fr [email concealed]]
Envoyé : dimanche 18 juin 2006 08:11
À : 'Ted Senn'
Cc : 'focus-virus (at) securityfocus (dot) com [email concealed]'; 'se

[ more ]  [ reply ]
RE: Symantec AV reporting metrics. 2006-06-19
Nick Duda (nduda VistaPrint com) (1 replies)
RE: Symantec AV reporting metrics. 2006-06-19
Roger Padilla (ropadill calpoly edu)
RE: Symantec AV reporting metrics. 2006-06-09
Ted Senn (ted senn zurichna com) (1 replies)
Installing the reporting server is the start. Unless you have a small
number of clients I would recommend a separate system. The reporting server
is somewhat CPU intensive in my experience.

Each AV server will need to have reporting agents installed on them.
However for testing you can set up the

[ more ]  [ reply ]
RE: Symantec AV reporting metrics. 2006-06-18
Serge Vondandamo (serge vondandamo wanadoo fr)
RE: Symantec AV reporting metrics. 2006-06-09
paul murgatroyd org uk
Depending on how you have your SAV infrastructure configured, you can get away with installing the agents just on the primary servers, however the data received is better if you install the agent on each parent too.

Normally, AV definition information, client versions, etc. come from the Parent s

[ more ]  [ reply ]
RE: Symantec AV reporting metrics. 2006-06-09
Ted Senn (ted senn zurichna com)
That will get the basics. However each Primary AV server (and ideally)
each AV server needs to have the reporting AGENTS install and configured to
report to the Reporting server. To configure the agents you need the 10.1
Symantec Center Console.

If you have a big infrastructure you should consider

[ more ]  [ reply ]
RE: Symantec AV reporting metrics. 2006-06-06
Ted Senn (ted senn zurichna com) (1 replies)
I am running Reporting server without any problem on version 10, and 9
servers. The agent installs and reports back to the reporting server. You
may need a special group with 10.1 for the reporting server only, but the
reporting will work with the lower version AV servers ( agent will not
install o

[ more ]  [ reply ]
RE: Symantec AV reporting metrics. 2006-06-09
Serge Vondandamo (serge vondandamo wanadoo fr)
RE: Symantec AV reporting metrics. 2006-06-05
Howe, Paul H (paul howe nwa com)
Or the expensive way.....

I pull the log files from the various parent servers, import into
MS/Access and generate reports.

Serge - your metrics seem less than usfull. Engine version, dat updates
etc are rarely very far out of compliance at our site (10K+ desktops).
I post #s on how many differen

[ more ]  [ reply ]
RE: Symantec AV reporting metrics. 2006-06-05
paul murgatroyd org uk (1 replies)
apologies for the delay in replying... i was on my way home!

We have seen customers use many ways to get information out of our log files, I've seen some quite useful information extracted using Microsofts Log Parser tool. (and could possibly get hold of some scripts)

What you will need if you

[ more ]  [ reply ]
RE: Symantec AV reporting metrics. 2006-06-09
Serge Vondandamo (serge vondandamo wanadoo fr)
RE: Symantec AV reporting metrics. 2006-06-05
Serge Vondandamo (serge vondandamo wanadoo fr)
Sekure and all,

Thanks but we don't have version 10.1 and unfortunately, I have to find a
way to report with the versions we have. I may suggest to upgrade but that
will not be possible now - IT Ops folks and other IS Managers will be
difficult to convince - given the heavy IT Governance and change

[ more ]  [ reply ]
re: Symantec AV reporting metrics. 2006-06-05
paul murgatroyd org uk (1 replies)
resending to due to evil HTML email...

------------------------------

what version of SAV are you running?

Depending on version I can give you ideas on several different reporting solutions.

I'm not trying to sell our products or services... just want to let you know whats available if y

[ more ]  [ reply ]
RE: Symantec AV reporting metrics. 2006-06-05
Shabbar Arsiwala (sarsiwala obleness org)
(Page 9 of 62)  < Prev  4 5 6 7 8 9 10 11 12 13 14  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus