CSA 6.0.1.106 Clam AV

Similar Messages

• Upgrade CSA MC v5.1.0.106 to v5.2.0.245 - password error

  Hi,
  I've just upgraded CSA MC from v5.1.0.106 to v5.2.0.245 (the latest hotfix which is a full product).
  The upgrade process went fine with no errors. I rebooted and things look fine.
  However, when I try to log into the web frontend either locally or over the network I cannot authenticate on the new 5.2 platform - I keep getting access denied. I configured the same username and password as I use for 5.1 and know that it is the same.
  I've had a look at the MSQL 'admin' tables for both 5.1 and 5.2 and both have the relevant usernames are there.
  Has anybody seen this before - there's no mention of this problem in the install guide or release notes. Alternatively, how can I create another admin user?
  Thanks.

  Hi Tom,
  I was going to use the same server, I am going to read the documentation tonite.
  Do you recommend using a second server. I was going to ghost the 5.1.0.69 and perform the upgrade.
  ~TS

• CSA Agent 6.0.1.106 for server

  i have an CSA agent 6.0.1.106 im trying to install on Server with windowns 2003 Enterperise 64 bit
  i know the Agent installation should be done on the background but nothing seems to be installing after i check the process running on windows CSAsetup.exe32 appears when i click install and disappears in 3 seconds back.

  As far as i remember no 64-bit windows o/s'es are supported yet, they will be in 6.0.2 which is coming very soon, but i doubt it will include win2003 64-bit. If you wanna see if it something in the installation that fails, you could create a new agent kit, like the one you use now, but without the silent install flag set.

• CSA 6.0 (Audit or Learn Modes turn off Clam AV)

  Hi All:
  I was told that when a host is in Audit or Learn Mode, ClamAV is turned off as well. I was also told that I could not have a 3rd-party AV product installed on the same host as CSA (Cisco would not support it). This seems to make Audit/Learn Mode useless, as I need virus protection - yet I need to tune the host. Are there any workarounds that I can use just so I can tune hosts using Audit/Learn Mode and sleep @ night knowing a virus won't kill the host? Any feedback is greatly appreciated.

  That's very interesting since I have CSA 6 and Trend Micro Officescan 8 running on the same machine.
  It also has this rule module applied:
  Security - 3rd Party AV Event Detection [W, V6.0 r220] Module to forward 3rd Party Anti-Virus Events to MC.
  I would say based these observations that 3rd party AV is supported (for now).
  You could still use policy or rule module audit mode for testiing and leave the AV in protect mode.
  Tom

• CSA prevents remote application from accessing the registry

  Hi all,
  I have recently install CSA 6.01.106 and I am getting the following notification in the event log.
  Audit: The process '<remote application>' (as user PROD01\S60MP6I$) attempted to access the registry key '\REGISTRY\MACHINE' and value ''. The attempted access was an open (operation = OPEN/KEY). The operation would have been denied.
  does anyone know how to create an execption without creating a blanket rule to permit everything?
  Or are you able to provide me with some more tips to assist me with what is going on here?
  many thanks

  You can create a user state that will allow remote connections if it is legitimate.
  It may be trying to read permissions to connect or run an application.
  Tom

• CPU upgrade on Satellite M30-106

  Hi folks
  Could do with some help please?
  Just got an old Toshiba Satellite M30-106 a few weeks ago and [to be fair] it runs not bad with xp on it. I purchased another 2 gig DDR which does make a difference speed wise but can I upgrade the processor from the Intel Pentium M processor 725 1.60 GHz front side bus : 400 MHz,2nd level cache : 2 MB thats in it just now ?
  Can it take a higher CPU if so whats the highest? Would be very gratefully of some advice please.
  Thanks in advance.......

  At first I must say that I agree with you that this notebook runs well with WXP. At least this notebook model is designed for WXP. ;)
  I found some info about CPUs on Satellite M30:
  +The Satellite M30 computer is equipped with an Intel Banias Processor, which+
  +incorporates a math co-processor, a 64KB L1 cache memory and a 1MB L2 cache+
  +memory. The processor runs with one of the following speeds:+
  +Intel Banias Processor 1.40GHz (1.35V) / 1.20GHz (0.85V)+
  +Intel Banias Processor 1.50GHz (1.35V) / 1.20GHz (0.85V)+
  +Intel Banias Processor 1.60GHz (1.35V) / 1.20GHz (0.85V)+
  +Intel Banias Processor 1.70GHz (1.35V) / 1.20GHz (0.85V)+
  So maybe you can use this fastest 1.70GHz CPU. I don't think you will see big difference.
  Best thing you can do is to upgrade RAM to max and optimize preinstalled WXP and you will be happy with this oldie.

• Black and White Tv Pictures with Qosmio G10-106

  Grey hairs and going bald from pulling hair out. Bought Toshiba G10-106 in Jan 05,living in Ireland using ordinary Tv cable for laptop and cannot get Tv to work properly.B&w images are the best ive got so far.
  Is there compatability issues with Toshiba driver and Windows MCE?Also if i launch Tv without booting windows i get one channel(E4) in colour but totally fuzzy. Would love to have this cracked as spent lot of dosh on the laptop and am relatively new to computers and would like some feel good factor rather than depression.
  Thanks all.

  Sorry,i should have clarified. My hopes were to watch TV on the laptop itself using the built in TV tuner and the Antenna adapter supplied with the Qosmio,using no other equipment.
  I have launch media centre/settings/current region=Ireland/cable or digital selected/analogue terrestrial pal/secam selected/No selected to "Do i have a set top box?",then i return to Tv settings as there is no Guide listings for Ireland.
  I then scan for services. Thirty seven services found all in Black and White and some quite fuzzy. Hope this will narrow things down,i cant figure it.
  Thanks for help.

• CSA MC Install error: Unable to load patch information

  When we try to install CSA MC 5.2.0.263 (and 5.2.0.203) on Windows Server 2003 Ent Ed (or R2) we receive error:
  "Unable to load patch information into the database"
  How to solve the given error?

  Just a couple things to check. If running the CSA agent on the MC make sure its disabled during the upgrade
  You have enough free space in the installation directory

• CSA 6.0 will not install. Crashes on Patch Information.

  I have tried to install CSA 6.0 a few times and it crashes on "Unable to load patch information into database. setup will now abort". can anyone tell me why this keeps happening. I have installed 5.2 just fine but I want to use 6.

  If you encounter problems with installing or uninstalling the CSA, perform the following tasks:
  • Verify that you rebooted the server.
  • Verify that the Cisco Security Agent service is not disabled and that its Startup Type value is
  Automatic.
  • Obtain the installation logs from :\Program Files\Cisco\CSAgent\log. Review the
  Cisco Security AgentInstallInfo.txt and driver_install.log files.
  • For installations, verify that you installed the Network Shim. The driver_install.log file should state
  that csanet2k.inf installed. If the Network Shim is not installed, uninstall the Agent and then install
  the Agent again.
  • Verify that you did not use Terminal Services.

• CSA MC 6 - How can I create an SSL Certificate that points to a name other than the hostname?

  I have just installed CSA MC 6.0.2.  My company has a bunch of customer's that are on different domains.  We are all linked through VPN tunnels and would like to have all the agents point to a specific URL for updates rather than the hostname of the machine.
  FQDN:                    testserver.abc123.internal
  URL:                       thisserver.abc123.com
  We already have everything setup so that the clients can reach thisserver.abc123.com but I need to create a certificate with this name without changing the server's hostname.  We also don't wnat update their host files.  Any ideas?
  If anyone could help I would greatly appreciate it as we're looking to start upgrading the agents on all servers ASAP.
  Thank you,
  Cory

  What about putting the CSAMC in your DMZ and allowing those ports through your firewall?
  The nice thing is it allows hosts to communicate with the MC no matter where they are.
  You'd have to open up 80 to the MC for software updates but we haven't had any problems in 6 years with that setup.
  Tom

• Firmware Version 4 1 106 1982 of IomegaEZ MAL PERFORMANC​E and improve performanc​e

  Firmware Version 4.1.106.31982 of IomegaEZ MAL PERFORMANCE !!! and improve performance?
  I upgraded to version 4.1.106.31982 the IomegaEZ and enter SETUP MAL has PERFORMANCE WEB, it is very slow unlike the previous firmware version; as performance improves VERSION of this? You can return to the previous version without losing data?
  Thank You
  Ruben Arno
  ESPAÑOL
  Version de Firmware 4.1.106.31982 de  IomegaEZ de MAL RENDIMIENTO !!! como mejorar el rendimiento ?
  He actualizado a la version 4.1.106.31982 el IomegaEZ y al ingresar al SETUP WEB tiene MAL RENDIMIENTO,  es muy lento a diferencia de la version de firmware anterior; como se mejora el rendimiento de esta VERSION ? se puede volver a la version anterior sin perder datos ?
  Gracias
  Ruben Arno

  Hello pcyservice
  There is NOT a way to downgrade/roll-back/revert to a previous firmware without wiping all data.  This is specifically mentioned on the firmware update page:
  " CAUTION!
  This update is not data destructive, however, ALWAYS back up your data before performing any firmware update!
  Once you have updated the firmware, you will NOT be able to revert to an older firmware version."
  I recommend you disable any unnecessary features/protocols such as Media Server and Active Folders, then reboot the unit.
  If you are still experiencing performance issues, please contact LenovoEMC support to troubleshoot further.
  LenovoEMC Contact Information is region specific. Please select the correct link then access the Contact Us at the top right:
  US and Canada: https://lenovo-na-en.custhelp.com/
  Latin America and Mexico: https://lenovo-la-es.custhelp.com/
  EU: https://lenovo-eu-en.custhelp.com/
  India/Asia Pacific: https://lenovo-ap-en.custhelp.com/
  http://support.lenovoemc.com/

• Emond[106]: Host at 10.0.0.100 will be blocked for at least 15 minutes

  After a clean install of Lion Server 10.7.3 (1.3.1) and making the basic configuration (users etc.) i enabed the Time Machine service with a WDC MyBook Studio Edition II as the destination. Setting up the first client using this TS Service works fine, but the second client reports the error "Time Machine cannot complete the backup, backup disk not available" after starting the initial backup.
  Only indication on the server side that it fails is the message "Feb 25 13:22:48 paris emond[106]: Host at 10.0.0.100 will be blocked for at least 15 minutes" in the system log as an isolated message;
  Feb 25 13:21:50 paris org.clamav.clamd[74]: SelfCheck: Database status OK.
  Feb 25 13:22:48 paris emond[106]: Host at 10.0.0.100 will be blocked for at least 15 minutes
  Feb 25 13:31:50 paris org.clamav.clamd[74]: SelfCheck: Database status OK.
  I tried the following to solve it;
  Flush the firewall
  sudo /sbin/ipfw -f flush
  Change the default firewall address from 127.0.0.0 to the ip-addres of the ethernet interface of the Lion Server
  vi /etc/af.plist
  <?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  <plist version="1.0">
  <dict>
          <key>blacklist_file</key>
          <string>/var/db/af/blacklist</string>
          <key>default_set</key>
          <string>17</string>
          <key>default_timeout</key>
          <string>15</string>
          <key>firewall_address</key>
          <string>10.20.0.100</string>
          <key>log_facility</key>
          <string>SBS_Security</string>
          <key>log_level</key>
          <string>5</string>
          <key>start_behavior</key>
          <string>enable</string>
          <key>state_file</key>
          <string>/var/run/af_state</string>
          <key>sweep_interval</key>
          <string>20</string>
          <key>whitelist_file</key>
          <string>/var/db/af/whitelist</string>
  </dict>
  </plist>
  serveradmin stop ipfilter
  serveradmin start ipfilter
  Add the subnet 10.x.x.x to the firewall whitelist
  /usr/libexec/afctl afctl -w 10.0.0.0/8
  Till now not, no joy .
  The only indication i could find till now is the "emond[106]: Host at 10.0.0.100 will be blocked for at least 15 minutes" message in the
  system log. Anyone any suggestions , ideas , hints how to analyze this issue further or better to resolve this ?

  I had a similar problem. I fixed it using a few steps. I think the important steps were performed on the Time Machine client although I also rebooted the Time Machine server once and cycled the Time Machine service on and off a few times. I also turned on and off the external drives connected to the Time Machine server.
  Now to the steps that I think actually fixed the problem. They were performed on the Time Machine client.
  1) Under Time Machine in System Preferences, turn it off and remove the remote backup destination.
  2) Under Keychain Access in Utilities within Applications, look for entries under login and System related to your Time Machine server machine.
  3) From the client, I connected to the Time Machine server both through Finder and through Time Machine preferences under System Preferences. Instead of just entering the password, I changed the password a few times.
  4) I also deleted the Keychain entries between some of these password changes.
  5) Then I went back to Time Machine one last time and set up the remote volume on the Time Machine server and turned it on.

• CSA causing BSOD - btaudio.sys

  Hey Guys,
  We're trying to build a new SOE, but on a laptop when you turn on/off bluetooth we recieve a Blue screen of death. With CSA uninstalled the error does not occur. With CSA turned off (right clicked on task bar) we still get a BSOD, so that kinda rules out any rules/policies.
  Any ideas without upgrading the server to version 5 or 6? I'm not confident with this software to upgrade.
  V4.5.1 build v657
  Thanks!

  btaudio.sys is part of the bluetooth stack for windows, it can be from WIDCOMM or a repackaged version from ibm/ms/dell/hp whatever, i would consider searching for BSOD in regards to the bluetooth driver for that specific platform, otherwise you are looking at a bug, which is not easily solved by changing rules in csa, in 5.x there is a class called "only needing kernel protection", which sometimes can be used, but this sounds like a bad driver, that tries to install itself in the same call tables as csa, and causes a BSOD, so looking into fixing the driver problem, might be simpler and quicker than trying to fix csa.

• Error 106 when Installing Photoshop 7?

  Hello,
  I don't know much about computers and my english is not perfect, so please bear with me!
  I just bought a netbook with Windows 7 Starter OS, and since my new netbook doesn't have a CD drive, and I was trying to install Photoshop 7 on here through my network from my old computer.
  At about 40% of installation, it gives me this message:
  Media Name: data
  Compenent: Preset libraries/Brushes
  File group: Preset Brushes
  file: dry media brushes.abr
  error number: 106
  Does anyone know why it does this?
  Does it mean that the file corrupt or something? And if so, how do I replace it without having to buy the program again?
  I would really appreciate your help!

  If you're looking to run ancient software on your modern netbook, you might consider learning more about Windows UAC (User Account Control) and making an informed decision to disable it.
  Just running a program As Administrator doesn't work around several of the issues (Registry and File System Redirection) that UAC introduces.  Some old programs might never run properly with UAC enabled.  I don't know, specifically, about Photoshop 7, because that's the one version I never bought; I went from 6.0 to CS.
  -Noel

• Satellite L655-106 - CD/DVD drive does not read disks

  Toshiba satellite L655-106 dvd rom is reading all types of cds as blank.
  I have run the registry cleaner and re-installed the driver but no effect

  Are all disks no readable?
  Try to clean the laser lens using cotton wool tip and alcohol.
  Then try again