Astaro security gateway detects Virus in 3.6.6 from indiana.edu site

Similar Messages

• Astaro security gateway and ical invitations

  When I want to reply to an ical invitation from an iCal server behind an Astaro Security Gateway, it's blocked by the Astaro. error 550: address unknown. I can understand that the astaro doesn't like addresses like [email protected]
  Has anyone experience with Astaro gateways? Before I take it up with Astaro I want to know what other options I have. I don't know if it's possible to do some regex on the address, or filter by some unique header.
  I do not manage the box. I'm just looking for information to provide to the people who do the support.
  Help much appreciated.
  Server OS 10.6.4

  Hi
  QM = Quick Mode = Phase 2.
  Phase 1 is either Main Mode or aggresive mode.
  So by the fact it is getting to QM that suggests phase 1 is working. What you do see if you do a "sh crypto isa sa" on the ASA ?
  Can you check the phase 2 settings to ensure they match ie.
  1) check your crypto map access-list and make sure that the local and remote subnet you have on your ASA matches the Astaro local and remote subnets
  2) Explicitly set PFS in phase 2 and get them to do the same on the Astaro firewall.
  HTH
  Jon

• Disable Java Security Warning: Allow access to the following application from this web site?

  Dear all,
  When I open web intelligence with BI launchpad, this warning has been shown:
  "The web site is requesting access and control of the Java application shown above. Allow access only if you trust the web site and know that the application is intended to run on this site.
  Allow access to the following application from this web site?"
  and it has just three button of "Yes", "No" and "Help".
  I go to Java Control Panel and Security tab, then set security level on the "Medium" and add my site in the Exception Site List but this warning is shown each time I open web intelligence.
  I have searched the internet very much but I haven't found any solutions for disabling of it. How can I disable this security warning?
  Java version 7 update 67
  windows XP
  SAP BusinessObject BI Platform 4.1 Support Pack 4 Patch 2
  best regards,

  Hello,
  We have the same issue with BI4.1 SP3 FP3.
  Can anyone help us ?
  Nawale.

• Can't access safe mode to delete System Security fake anti virus virus. HELP.

  Hi, our SL500 has become infected with "System Security" fake anti virus software. We have tracked down how to remove it.
  http://www.geekstogo.com/forum/system-security-malware-t222291.html
  However when we get to the "reboot your computer in safe mode" (see instructions below) we can't as this is not possible.
  We have tried F8...........Repeatedly . And also  Run->msconfig->BOOT.INI->/SAFEBOOT . But to no avail . Actually we get a pop up stating that Windows  can not find said command and have we typed it in correctly . Please could some one help us as this is driving us insane . One last thing . A computer WITHOUT a "safe mode " option, isn't that kinda of unsafe and a tad.....
  Thanks in advance.  
  Instructions for malware removal. 
  You will need to print out a copy of these instructions, or save them to NotePad and put a shortcut to the file on the desktop so that you can refer to while you complete this procedure as you will be required to boot into Safe Mode where you wont have internet access.
  Please download ATF Cleaner by Atribune.
  Caution: This program is for Windows 2000, XP and Vista only
  Double-click ATF-Cleaner.exe to run the program.
  Under Main choose: Select All
  Click the Empty Selected button.
  If you use Firefox browser
  Click Firefox at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  If you use Opera browser
  Click Opera at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  Click Exit on the Main menu to close the program.
  Run MBAM again, only this time perform a full scan and post the log.
  Please click here to download AVP Tool by Kaspersky.
  Save it to your desktop.
  Reboot your computer into SafeMode.
  You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
  Use your up arrow key to highlight SafeMode then hit enter.
  Double click the setup file to run it.
  Click Next to continue.
  It will by default install it to your desktop folder.Click Next.
  Hit ok at the prompt for scanning in Safe Mode.
  It will then open a box There will be a tab that says Automatic scan.
  Under Automatic scan make sure these are checked.
  System Memory
  Startup Objects
  Disk Boot Sectors.
  My Computer.
  Also any other drives (Removable that you may have)
  After that click on Security level then choose Customize then click on the tab that says Heuristic Analyzer then choose Enable Deep rootkit search then choose ok.
  Then choose OK again then you are back to the main screen.
  Then click on Scan at the to right hand Corner.
  It will automatically Neutralize any objects found.
  If some objects are left un-neutralized then click the button that says Neutralize all
  If it says it cannot be Neutralized then chooose The delete option when prompted.
  After that is done click on the reports button at the bottom and save it to file name it Kas.
  Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.
  Note: This tool will self uninstall when you close it so please save the log before closing it.
  In your next reply I would like to see:
  C:\RSIT\info.txt
  MBAM log
  Kaspersky AVP scan results
  Also let me know how the computer is behaving. 
  This post has been edited by Octagonal: Dec 27 2008, 08:08 AM 

  Thanks for trying to help. Sadly, I followed the instructions and it rebooted to the blue screen again.
  It's going to have to go to Apple for repairs now. I'm out of options.
  I am wondering how much easier it would have been if I'd created a time machine restore point. I got what I deserved for failing to do that, but I'm doubtful even that would have worked in this case. It does seem to be because of that piece of widely reported malware that didn't want to leave without causing damage.
  The most frustrating aspect is the safe boot. I get to the desktop but without any menu, finder or dock. It seems to be similar to the problem below...
  http://www.macsmarts.com/?p=109
  But that's for Tiger. I tried that to no effect.
  Like I said, it's going to have to go to Apple now because I've done so many things I don't know if I'm just digging myself a deeper hole.
  Thanks again for offering help.

• Security threat detected by my cable operator but I can't find it

  I received the following email from Cogeco this morning and they are going to shut me down soon if I can't deal with it. From my research at McAffee and Symantec it appears to something that only Windows users would get. I am confused. How can I detect a problem on my Mac?
  You are receiving this email as Cogeco's network security dept has received reports of atypical traffic from your system that is indicative of malware (ie: a virus or trojan). Your system(s) are exhibiting symptoms of The Downadup (aka: Conficker) malware – see http://www.f-secure.com/v-descs/wormw32_downadupa.shtml for more detailed info.
  Some items to note about The Downadup malware,
  1. This malware could have been prevented by ensuring your Windows system(s) is updated regularly. In particular Cogeco recommends you ensure Windows Auto Update is enabled on all systems in your household – see http://www.microsoft.com/protect/computer/updates/mu.mspx for further info
  2. This malware can also propagate via USB drives, if you are using a USB external drive please review http://support.microsoft.com/kb/953252 for more on how to disable USB autorun feature in Windows
  For more information on how your system could be hijacked for these purposes see http://en.wikipedia.org/wiki/Zombie_computer
  If you are unable to contain and/or investigate this threat immediately we request you temporarily power down or disconnect your system from the internet until you are able to further investigate. To prevent any possible interruption in service we require a follow up email within 24 hours - what malware you found, alternate reasons for this activity, what actions you are taking to prevent further incidents.
  If you do not have access to an up to date security scanner or you would like a second opinion you can run a free online security scan at http://www.cogeco.net/security - you may also be interested in Cogeco's Security Services which are free for most customers. Alternately Windows users can visit http://www.microsoft.com/protect/support/default.mspx for further information on system security.
  *Remember that security scanners need to be updated with new signature files frequently and Windows operating systems need to check for critical security updates on a regular basis.*

  If you have a Windows virtual machine (VMWare or Parallels) or use Boot Camp to load Windows on your Mac, then it is possible. You should treat the virtual machine or copy of Windows you use in Boot Camp per their instructions. Window will always require additional anti-malware software.
  If you have a PC with Windows on your home network, that's a possible source of the problem. Also, if you use a wireless network and it's open, someone nearby with an affected PC might be infected and causing the problem (Cogeco couldn't know whether it was your computer or someone else's, only that it came through your network connection).
  If you don't have any of these things, then there's some confusion. You Mac system doesn't support the cited malware - it simply can't run on it. In that case, there's several possibilities: the Cogeco e-mail is fake (perhaps a phishing attempt to try and coax you into providing personal information or downloading software), or Cogeco's traffic analysis is wrong (the software used improperly interpreted some other activity as the virus, or the operator of said software has misinterpreted the results).
  In any case, you need to contact Congeco (by telephone) and point out that you don't use Windows and are not able to run Windows malware (even if you wanted to).

• Please advise on security software/anti virus barrier

  Hi there,
  I would just like to know which security software/antivirus woks best with mountain lion?
  cheers

  1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
  OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically checked for updates once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
  It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't necessarily been tested by Apple, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
  Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
  It can easily be disabled or overridden by the user.
  A malware attacker could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing codesigned malware.
  An App Store developer could find a way to bypass Apple's oversight, or the oversight could fail due to human error.
  For the reasons given above, App Store products, and other applications recognized by Gatekeeper as signed, are safer than others, but they can't be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. OS X security is based on user input. Never click through any request for authorization without thinking.
  4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is presumably effective against known attacks, but maybe not against unknown attacks. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
  5. XProtect, Gatekeeper, and MRT reduce the risk of malware attack, but they're not absolute protection. The first and best line of defense is always your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
  That means, in practice, that you never use software that comes from an untrustworthy source, or that does something inherently untrustworthy. How do you know what is trustworthy?
  Any website that prompts you to install a “codec,” “plug-in,” "player," "extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
  A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
  Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
  Software that purports to help you do something that's illegal or that infringes copyright, such as saving streamed audio or video for reuse without permission, is unsafe. All YouTube "downloaders" are in this category, though not all are necessarily harmful.
  Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe.
  Even signed applications, no matter what the source, should not be trusted if they do something unexpected, such as asking for permission to access your contacts, your location, or the Internet for no obvious reason.
  6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
  Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
  Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers.
  Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
  Follow the above guidelines, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself from malware.
  7. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. Any database of known threats is always going to be out of date. Most of the danger is from unknown threats. If you need to be able to detect Windows malware in your files, use the free software  ClamXav— nothing else.
  Why shouldn't you use commercial "anti-virus" products?
  Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
  In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
  8. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
  ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
  A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
  ♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
  ClamXav may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use ClamXav unless a network administrator requires you to run an anti-virus application.
  9. The greatest harm done by security software, in my opinion, is in its effect on human behavior. It does little or nothing to protect people from emerging threats, but if they get a false sense of security from it, they may feel free to do things that expose them to higher risk. Nothing can lessen the need for safe computing practices.
  10. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.

• Anyconnect cannot confirm it is connected to your secure gateway

  Hi,
  I have configured cisco 1941 with anyconnect VPN. I have installed the anyconnect-win-3.1.07021-k9.pkg on the flash memory but it seems something is missing. When i access the router and download the anyconnect, the following message appears on the browser "Failed to get configuration because Anyconnect cannot confirm it is connected to your secure gateway". therefore, i have downloaded manually the anyconnect and tried to access my network. Unfortunately, the application does not connect and the "Anyconnect cannot confirm it is connected to your secure gateway" message appears.
  it can be noticed that i have an android phone which successfuly connects to my network without any problems.
  Please see below my configuration and i will appreciate if someone helps with this....
  crypto pki trustpoint test_trustpoint_config_created_for_sdm
   subject-name [email protected]
   revocation-check crl
  crypto pki trustpoint CRXX
   enrollment selfsigned
   serial-number none
   ip-address none
   revocation-check crl
   rsakeypair CRXX_RSAKey 512
  crypto pki trustpoint euro.lan
   revocation-check crl
   rsakeypair CRXX
  crypto pki certificate chain test_trustpoint_config_created_for_sdm
  crypto pki certificate chain CRXX
   certificate self-signed 01
    3082017A 30820124 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
    1B311930 1706092A 864886F7 0D010902 160A4352 4575726F 73757265 301E170D
    31353033 30373139 32383530 5A170D32 30303130 31303030 3030305A 301B3119
    30170609 2A864886 F70D0109 02160A43 52457572 6F737572 65305C30 0D06092A
    864886F7 0D010101 0500034B 00304802 4100896A 9A2F5ADB 6E1615AA 61ABC513
    2770253F 24F17DC4 A16D8ACD 5C9042C1 476AAAE9 D0E1EDDE 520D3A13 AD895518
    ED63C68E C734628D A6855FFA F9F3B099 AA230203 010001A3 53305130 0F060355
    1D130101 FF040530 030101FF 301F0603 551D2304 18301680 1467308D 8F138842
    4110A886 779CC1D5 D9302A5F FD301D06 03551D0E 04160414 67308D8F 13884241
    10A88677 9CC1D5D9 302A5FFD 300D0609 2A864886 F70D0101 05050003 4100376B
    789B83C7 D8F20FEC CFAC75B4 B71518EE 90078812 D86B5F35 23D54DB0 28C678E1
    BCB33BF5 81D47EE8 7392D4E8 1433CFA9 7157EC64 C9EA2357 EAADCB02 E789
          quit
  crypto pki certificate chain CRXX
   certificate ca 01
    3082030D 30820276 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
    81993133 30310609 2A864886 F70D0109 01162463 68726973 746F666F 726F732E
    70616E61 79694061 74686C6F 697A6F75 2E636F6D 2E637931 10300E06 03550408
    13076E69 636F7369 61310B30 09060355 04061302 63793115 30130603 55040313
    0C657572 6F737572 652E6C61 6E311530 13060355 040B130C 6575726F 73757265
    2E6C616E 31153013 06035504 0A130C65 75726F73 7572652E 6C616E30 1E170D31
    35303330 38303830 3532355A 170D3138 30333037 30383035 32355A30 81993133
    30310609 2A864886 F70D0109 01162463 68726973 746F666F 726F732E 70616E61
    79694061 74686C6F 697A6F75 2E636F6D 2E637931 10300E06 03550408 13076E69
    636F7369 61310B30 09060355 04061302 63793115 30130603 55040313 0C657572
    6F737572 652E6C61 6E311530 13060355 040B130C 6575726F 73757265 2E6C616E
    31153013 06035504 0A130C65 75726F73 7572652E 6C616E30 819F300D 06092A86
    4886F70D 01010105 0003818D 00308189 02818100 C7DFF639 00AAD60E DE260ED6
    87BEF428 A49386A2 5A4A6137 12811855 A8582E12 58ADAB6E 796E97EF 7A67309B
    F8F782BA 4BC027BB E751C271 DB81246E 8B975F40 648E0594 12C6162B 8B85ABB8
    E97732A9 0914C6A4 1AB99A3B 7676FBB7 74D9E2C0 0D5EDF59 CC705BD5 ADE10227
    48EDE22A DA782E6E CE813B71 63327693 2B8A3BA3 02030100 01A36330 61300F06
    03551D13 0101FF04 05300301 01FF300E 0603551D 0F0101FF 04040302 0186301F
    0603551D 23041830 168014D6 85F27FA8 59599438 BD252971 0BD29665 4E2F1930
    1D060355 1D0E0416 0414D685 F27FA859 599438BD 2529710B D296654E 2F19300D
    06092A86 4886F70D 01010405 00038181 00BAD0D8 41D25EE0 8546C804 05B82812
    28AA37A0 93247B1B A405622A 4553E897 B099DAF9 04F818A7 D1BB21D0 0343C186
    D5CCBCB7 6FB89E2F BD75ACB9 7B2FBB1F C5C0EF69 DBFFAB0E EB4F20AD 0DDCDAD5
    8B933B61 E6319A9C F73BD27E 61E90A9A FDD94EF9 0AE82CDA 12BC2D5B C1122649
    59236893 C5A1F5F1 D45C5471 01C87F98 1D
          quit
  crypto vpn anyconnect flash0:/webvpn/anyconnect-win-3.1.07021-k9.pkg sequence 2
  interface Virtual-Template3
   mtu 1406
   ip unnumbered GigabitEthernet0/0.1
  ip local pool SSL_admin_pool 192.168.251.1 192.168.251.254
  ip nat inside source list 100 interface GigabitEthernet0/1 overload
  access-list 100 deny   ip 126.0.0.0 0.0.0.255 192.168.250.0 0.0.0.255
  access-list 100 permit ip any any
  webvpn gateway gateway_1
   hostname CRXX
   ip address 213.X.X.X port 443
   http-redirect port 80
   ssl trustpoint CRXX
   inservice
  webvpn context ADMINS_Policy
   secondary-color white
   title-color #CCCC66
   text-color black
   virtual-template 3
   aaa authentication list ciscocp_vpn_xauth_ml_1
   gateway gateway_1
   ssl authenticate verify all
   inservice
   policy group policy_1
     functions svc-enabled
     svc address-pool "SSL_admin_pool" netmask 255.255.255.255
     svc default-domain "eurosure.lan"
     svc keep-client-installed
     svc dns-server primary 126.0.0.2
     svc dns-server secondary 126.0.0.1
   default-group-policy policy_1

  hello,
  Also, after update windows 8.1, I think, it is no longer work with ssl encryption rc4-sha1 !
  When my config contain the ssl encryption rc4-sha1
  I get the error:
  "Failed to get configuration because AnyConnect cannot confirm it is connected to your secure gateway. Contact your system administrator".
  After I change it to: ssl encryption aes128-sha1, AnyConnect client can connect to ASA."
  WORK!!

• Failed to get configuration from secure gateway. Contact your system administrator.

  I have an ASA 5515 running 9.1(1).
  One of my customers is attempting to connect with AnyConnect 3.1.02040 and after authenticating, he gets the message
  Failed to get configuration from secure gateway. Contact your system administrator.
  I have about 100 other customers who have not had this issue and can connect fine.
  Since it appears to be localized to his PC, he's uninstalled and reinstall the client, but to no avail. He's using Windows 7 Pro.
  On the ASA, while he is attempting to connect, I see this:
  15:48:04|302014|<<<REMOTE IP>>>|51032|<<<ASA IP>>>|443|Teardown TCP connection 495403 for outside:<<<REMOTE IP>>>/51032 to identity:<<<ASA IP>>>/443 duration 0:00:00 bytes 8241 TCP Reset-I
  14:48:04|725007|<<<REMOTE IP>>>|51032|||SSL session with client outside:<<<REMOTE IP>>>/51032 terminated.
  14:48:04|113039|||||Group <GroupPolicy_AnyConnect> User <etpdeir> IP <<<<REMOTE IP>>>> AnyConnect parent session started.
  14:48:04|734001|||||DAP: User etpdeir, Addr <<<REMOTE IP>>>, Connection AnyConnect: The following DAP records were selected for this connection: DfltAccessPolicy
  14:48:04|113008|||||AAA transaction status ACCEPT : user = etpdeir
  14:48:04|113019|||||Group = ibmdtsc, Username = etpdeir, IP = 124.128.162.43, Session disconnected. Session Type: AnyConnect-Parent, Duration: 0h:41m:41s, Bytes xmt: 885580, Bytes rcv: 1343, Reason: Connection Preempted
  14:48:04|716002|||||Group <GroupPolicy_AnyConnect> User <etpdeir> IP <<<<REMOTE IP>>>> WebVPN session terminated: Connection Preempted.
  14:48:04|113009|||||AAA retrieved default group policy (GroupPolicy_AnyConnect) for user = etpdeir
  14:48:04|113004|||||AAA user authentication Successful : server =  172.29.128.126 : user = etpdeir
  14:48:04|725002|<<<REMOTE IP>>>|51032|||Device completed SSL handshake with client outside:<<<REMOTE IP>>>/51032
  14:48:03|725001|<<<REMOTE IP>>>|51032|||Starting SSL handshake with client outside:<<<REMOTE IP>>>/51032 for TLSv1 session.
  15:48:03|302013|<<<REMOTE IP>>>|51032|<<<ASA IP>>>|443|Built inbound TCP connection 495403 for outside:<<<REMOTE IP>>>/51032 (<<<REMOTE IP>>>/51032) to identity:<<<ASA IP>>>/443 (<<<ASA IP>>>/443)
  Any ideas?

  i had this problem.  for me the cause had to do with internet explorer TLS settings.
  in IE8 go to tools, internet options, advanced and under security I had to make sure Use TLS 1.0 was checked (only Use SSL 3.0 and Use TLS 1.1 were checked.  I left them checked.).

• Windows 8 Pro 64bit, Aladdin eToken Pro, CISCO VPN-Client 5.0.07.0440 - Responding : Reason 403: Unable to contact the security gateway...

  Windows 8 Pro 64bit, eToken (Aladdin with newest Safenet etoken-Client V 8.2.85.0) Pro (V.with Cisco Systems VPN Client Version 5.0.07.0440 -> VPN Error-Log :
  VPN-Client Responding : Reason 403: Unable to contact the security gateway...
  (Detailled VPN-Error-Log see attached)
  Thanks in advance for any ideas or solution, its getting urgent !!

  First, try TheGreenBow's online troubleshooter. If that doesn't work, you can try their general support or simply contact them directly.

• I've just downloaded FF 4 beta, do i still need to purchase internet security software & anti-virus software for protection?

  I have not renewed my McAfee. i am not sure whether FF 4 beta security protection is good enough. I do internet banking often. do i still need to have other security or anti-virus software?

  Firefox is just a web browser, you still need anti-virus, anti-malware and firewall protection.

• Removal of central security service randomware virus from macbook air

  How to remove Central Security Service randomware virus from MacBook Air OS X 10.8.5

  Go step by step and test.
  1. Force Quit .
      Press command + option + esc keys together at the same time. Wait.
      When Force Quit window appears, select the Safari if not already.
      Press Force Quit button at the bottom of the window.   Wait.
      Safari will quit.
      Relaunch Safari holding the shift key down.
  2. Safari > Preferences > Extensions
      Turn those off and try Safari.
  3. Safari > Preferences > Privacy > Cookies and other website data:
      Press “Remove all website data” button.
  4. If adware is installed without your knowledge,
      download AdwareMedic by clicking “Download ” from here
      http://www.adwaremedic.com
     Install , open,  and run it by clicking “Scan for Adware” button   to remove adware.
     Once done scanning and removing the adware, quit the app by clicking AdMedic in the menubar
      and selecting “Quit AdwareMedic”.

• Connecting ADT security gateway to Time Capsule

  I'm having issues with my ADT security Gateway communicating with my airport time capsule. I'm not able to view live camera feed from my security system via wifi or LTE. ADT has replaced 3 gateways already and same issue. The Tech said he has a lot of problems with Apple routers. I have already messed with the ports and nothing fix that. My current set up is modem to time capsule to ADT security gateway. My ISP is not blocking no ports either. Any help would be greatly appreciated

  The issue is that ADT is expecting their service to be used with routers that have a feature called Universal Plug and Play (UPnP), a process that enables the router to automatically open the correct ports to allow access from the Internet.
  Unfortunately, Apple does not support UPnP, so although it might be possible to manually enter the port settings on the Apple router using a method that Apple calls NAT-PMP, the process may or may not work reliably with ADT.  It never worked very well for me, and I'm pretty good with network stuff.
  If you want to stay with ADT, ask their tech support folks to recommend a router that will work well with the ADT gateway. You can then configure the Time Capsule to operate in Bridge Mode behind the main router and things will be fine.

• WRVS4400N - Local Security Gateway Type - problems

  Hi,
  I've setup several VPN gateways and one Cisco gateway to our Juniper SSG140 with no issues, until today. We purchased a WRVS4400N and I'm trying to configure it to connect to our Juniper firewall, as a "dial-up" connection. I can get it to work if I set the "Local Security Gateway Type:" to "IP ONLY", but when I change it to "IP + Domain Name (FQDN) Authentication" it fails with the Cisco router not sending ANY IPSEC messages on the Cisco or Juniper, not even error messages. The last line of the VPN log says "Initiating Agressive Mode #1, connection" and nothing changes even after hitting the "Connect" button on the Cisco router.
  The VPN router is Version 2, with firmware 2.0.8 loaded. Not sure if I have a bad Cisco wireless router, or this is by design.
  Thanks for any help.
  Keith

  i suggest that you change the local ip address of the RVL200 to 192.168.2.1 instead of using 192.168.0.1.  please check also the encryption and the security on both ends of the tunnel. make sure that you use the same encryption and same authentication. you may also want to start with low encryption and security to make sure that it is not the problem.

• Citrix Secure Gateway over https reverse proxy - mouse delay

  Hello,
  i've a citrix secure gateway 3.1 server behind BM 3.9 SP2. I've configured a https reverse proxy to the gateway webserver. the citrixfarm is in our internal lan. My problem is, that i've very strange delays in citrix applications with mouse movement. The delay is about 1-2 seconds. If i connect directly from the DMZ to the gatway server, no delay was happend? So, my idea is, that the reverse proxy is the problem? Any idea would help!
  Is it possible to create filter exceptions, delete the reverse proxy, and connct directly per SSL to the citrix secure gateway server. If yes, can anyone tell me the filter exception rules.
  Thanks for your help!
  Regards,
  Norbert

  On 09/26/2012 05:16 PM, NSuttner wrote:
  >
  > Hello,
  >
  > i've a citrix secure gateway 3.1 server behind BM 3.9 SP2. I've
  > configured a https reverse proxy to the gateway webserver. the
  > citrixfarm is in our internal lan. My problem is, that i've very strange
  > delays in citrix applications with mouse movement. The delay is about
  > 1-2 seconds. If i connect directly from the DMZ to the gatway server, no
  > delay was happend? So, my idea is, that the reverse proxy is the
  > problem? Any idea would help!
  >
  > Is it possible to create filter exceptions, delete the reverse proxy,
  > and connct directly per SSL to the citrix secure gateway server. If yes,
  > can anyone tell me the filter exception rules.
  >
  > Thanks for your help!
  >
  > Regards,
  > Norbert
  >
  >
  tid7004603

• Secured Gateway on iWeb?

  Hi,
  Does anyone know if it's possible to create a secured passworded area on an iWeb website? Or through iWeb itself?
  Thanks,
  Dave.

  Dave:
  You can password protect an entire site. So if you have just one page that you want protected make it a separate site and link to it from the open site. The password and user name is set in the Inspector/Site pane (far left button in the Inspector's toolbar).
  OT