Trend Micro and Splunk

Similar Messages

• Trend micro and IPS

  Hello,
  I want to buy an ASA5510 + SSM for my lan.
  The goal is :
  - Make URL filtering/blocking within work hours
  - Deny some application like IM, P2P, web radio, during work hours.
  Trend Micro is good for the first think : url filtering by categories
  But is not good for blocking IM, ... (only check port 80 http)
  So, is it possible on an ASA to have Trend Micro and IPs working on the same appliance ?
  If no, what is the solution?
  Thx

  Hi.
  you can only install one module into the ASA. so yes, you can't have both the CSC and the SSM module in the same asa 5510.
  however the ASA does support url filtering via Websense or Secure Computing SmartFilter (formerly N2H2) . so if you have a any of those servers, you can configure the ASA to do the url filtering, and install the ssm ips module into the ASA to do the IM blocking.
  more info on asa web traffic filtering:
  http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/access_filter.html#wp1069318
  Regards,
  Fadi.
  if this answers your question please mark the thread as resolved.

• How do I downgrade to Firefox 5.0 I run trend Micro and that supports the toolbar for trend micro

  trend micro support told me they only support version 5.0 with there toolbar

  Firefox 5 isn't supported any longer, it is 3 versions behind the latest release. Tell Trend Micro to wake up and get with the Firefox Fast Release schedule or just stop providing extensions for Firefox.

• Trend Micro and iMS

  For those guys who are using trend to scan iMS, here are some tips:
  1. Ensure that imss folder and everything below it has r-x perms to others.
  2. change the trend_Vscan from scanscripts by adding -ppatternfilepath
  Best of luck

  Here is my imta.cfg:
  ! tcp_local
  tcp_local smtp mx single_sys inner switchchannel remotehost subdirs 20 maxjobs 7 pool SMTP_POOL maytlsserver maysaslserver sa
  slswitchchannel tcp_auth
  tcp-daemon
  !tcp_imss
  tcp_imss smtp mx single_sys defragment allowswitchchannel routelocal switchchannel remotehost daemon [127.0.0.1] port 10025 m
  aster_debug
  tcp_imss-daemon
  dispatcher.cnf
  [SERVICE=SMTP_IMSS]
  PORT=10026
  IMAGE=/opt/imsvol/ims/bin/msg/imta/bin/tcp_smtp_server
  !INTERFACE_ADDRESS=127.0.0.1
  LOGFILE=IMTA_LOG:tcp_imss_server.log
  PARAMETER=CHANNEL=tcp_imss
  STACKSIZE=2048000
  now, when i send a mail from internet, i get the error
  Return-path: <[email protected]>
  Received: from tcp_imss-daemon.webmail.mydomain.com by webmail.mydomain.com
  (iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004))
  id <[email protected]>
  (original mail from [email protected]); Fri, 23 Sep 2005 00:18:42 +0530 (IST)
  Received: from xproxy.gmail.com (xproxy.gmail.com [66.249.82.207])
  by webmail.mydomain.com
  (iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004))
  with ESMTP id <[email protected]> for
  [email protected] (ORCPT [email protected]); Fri,
  23 Sep 2005 00:18:42 +0530 (IST)
  Received: by xproxy.gmail.com with SMTP id s8so122274wxc for
  <[email protected]>; Thu, 22 Sep 2005 11:50:27 -0700 (PDT)
  Received: by 10.70.43.3 with SMTP id q3mr319238wxq; Thu,
  22 Sep 2005 11:50:27 -0700 (PDT)
  Received: by 10.70.42.11 with HTTP; Thu, 22 Sep 2005 11:50:27 -0700 (PDT)
  Date: Fri, 23 Sep 2005 00:20:27 +0530
  From: Srinivas A <[email protected]>
  Subject: wwwwwwwwwwww
  To: arun <[email protected]>
  Reply-to: Srinivas A <[email protected]>
  Message-id: <[email protected]>
  MIME-version: 1.0
  Content-type: multipart/alternative;
  boundary="----=_Part_11034_18216992.1127415027243"
  DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com;
  h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type;
  b=kM6R5keYY2ULtWHBqWFhYpvIjAq+TBtASd9DfjJVyFTu0c7B+VaxXMjojLHqI2RBXMdrR6EQ2C8FmQyvvEc5roYihUTw/RKLTbcFS88Pp42qKKVCDD3ZZbEjhJha21sufAMDuJnyAFY84cDdRsI1law2bfQAfmGfz/CHCqm13Ik=
  Your message cannot be delivered to the following recipients:
  Recipient address: @diamond.mydomain.com:[email protected]
  Original address: [email protected]
  Reason: Remote SMTP server has rejected address
  Diagnostic code: smtp;530 5.7.1 Relaying not allowed: @diamond.mydomain.com:[email protected]
  Remote system: dns;[127.0.0.1] (TrendMicro IMSS SMTP proxy)
  Original-recipient: rfc822;[email protected]
  Final-recipient: rfc822;@diamond.mydomain.com:[email protected]
  Action: failed
  Status: 5.0.0 (Remote SMTP server has rejected address)
  Remote-MTA: dns;[127.0.0.1] (TrendMicro IMSS SMTP proxy)
  Diagnostic-code: smtp;530 5.7.1 Relaying not allowed:
  @diamond.mydomain.com:[email protected]
  I tried adding dequeue_removeroute to both channels. But, this is sending the message in a loop. I think @diamond.mydomain.com:[email protected]
  is not being understood properly.
  Here is what i get in master debug
  00:18:42.23: Initializing message dequeue via quc_rinit, file "/opt/imsvol/ims/msg-webmail/imta/queue/tcp_imss/ZZ0IN800E09EX6
  ZY.00"
  00:18:42.23: Reading first To: address
  00:18:42.23: Forced routing to [127.0.0.1]
  00:18:42.23: Setting up connection to "[127.0.0.1]", initial mailbox "arun"
  00:18:42.23: No connection currently open
  00:18:42.23: Opening new connection for [127.0.0.1]
  00:18:42.23: No MX lookup done
  00:18:42.23: os_smtp_open: Connecting to [127.0.0.1]
  00:18:42.23: TCP active open: Trying to connect to 127.0.0.1
  00:18:42.23: smtp_open to [127.0.0.1] returned 9
  00:18:42.23: Reading initial status line from remote server...
  00:18:42.23: Got status : "220 webmail -- Server ESMTP (iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004))"
  00:18:42.23: Starting SMTP dialogue
  00:18:42.23: Sending : "EHLO webmail"
  00:18:42.24: Got status : "250-webmail"
  00:18:42.29: Got EHLO options:
  00:18:42.29: - - - - - - - - - - - -
  00:18:42.29: SIZE=0
  00:18:42.29: ETRN=
  00:18:42.29: PIPELINING=
  00:18:42.29: 8BITMIME=
  00:18:42.29: - - - - - - - - - - - -
  00:18:42.29: DSN extension not found
  00:18:42.29: Sending : "MAIL FROM:<[email protected]> SIZE=2048
  00:18:42.29: Sending : "RCPT TO:<@diamond.mydomain.com:[email protected]>"
  00:18:42.29: Sending : "DATA"
  00:18:42.29: Got status : "250 2.5.0 Address and options OK."
  00:18:42.34: Got status : "530 5.7.1 Relaying not allowed: @diamond.mydomain.com:[email protected]"
  00:18:42.34: Decoded status value: 5000000
  00:18:42.34: Got status : "554 5.5.0 No recipients have been specified."
  00:18:42.34: Initializing MM for submission
  00:18:42.34: Initializing message from postmaster
  00:18:42.34: Read message header
  00:18:42.41: Successful delivery of file: /opt/imsvol/ims/msg-webmail/imta/queue/tcp_imss/ZZ0IN800E09EX6ZY.00
  00:18:42.41: Shutting down message dequeue and any open connections
  00:18:42.41: Shut down SMTP with QUIT command
  00:18:42.41: Sending : "QUIT"
  00:18:42.41: Got status : "221 2.3.0 Bye received. Goodbye."
  00:18:42.41: Closing SMTP channel
  00:18:42.41: smtp_pmt_close: [0x0000000b] status 0
  00:18:42.41: End of processing list, connections closed.
  any thoughts?

• How do i uninstall this latest version? I have trend micro anti virus and it said you are incompatible at this time. you did not give me a choice of opting out so I am opting out of using firefox since my protection is now gone.

  Several days ago firefox wanted to upgrade and I refused because trend micro was not supported. Today it automatically made the change. I have trend micro and your message said it would not work. I would think that an antivirus program would be one of the most important features to be able to work. Either fix it or tell me how to roll back to the other version. If you cannot I am dumping firefox and going back to internet explorer. So for now I am closing this window and using IE untill I hear from you

  I've had almost every issue you've had.  Finally on Friday the screen blacked out.  It was obviously still charged, since I could hear the message ring, but when I tried to light up the display it didn't light so I was unable to get to it unless I removed the battery.  Then, as soon as the display timed out, I couldn't get it lit up again without removing battery.  I had the same slow movements throughout the display as well as slow text messaging.  Every issue you had other than the alarm clock (that always worked well).
  I took it in yesterday and, after over an hour spent there with a 'professional', I still had no answers.  He told me to come home and copy everything from my sd card to my computer, then re-format my card.  Well, my phone didn't even recognize that I had an sd card installed!!  Nor did my computer! 
  So then I got to experimenting...I removed the card and viola!!!!!!  The phone worked GREAT!  It's never worked so fast!  I then installed my husbands sd card to see if it was my phone's card reader or my card.  Turns out that the phone still worked great with his card installed and it did recognize his card in my phone.  So, my conclusion is that I need a new card.  I couldn't believe the difference in speed of everything!  It's like a brand new phone! 
  As for the hard reset...I did that over the weekend, before I could get to a verizon store.  It didn't work at all.
  I'd say, do the same thing I did and see if that works.  Can't hurt!!!  Please keep me posted.  I'd like to see what you find out 
  Good Luck!!!!

• Installed Trend Micro Titanium and now some sites look scrambled, facebook and espn, how do I fix this?

  Called Trend Micro and said it was Firefox's problem. I am sure that is bull, but can I fix this? I uninstalled Trend and was still having the problem.

  Can you attach a screenshot?
  *http://en.wikipedia.org/wiki/Screenshot
  Use a compressed image type like PNG or JPG to save the screenshot and make sure that you do not exceed the maximum file size (1 MB).
  Clear the cache and the cookies from sites that cause problems.
  "Clear the Cache":
  *Tools > Options > Advanced > Network > Offline Storage (Cache): "Clear Now"
  "Remove Cookies" from sites causing problems:
  *Tools > Options > Privacy > Cookies: "Show Cookies"

• Trend micro toolbar is not compatible in this version

  Many of the toolbar and add ons which were working with previous versions of FF are not compatible with this version

  Many toolbar and addon developers don't do updates for Beta, pre-release versions. You might have to wait for the actual release of Firefox 4.0 before those incompatible addons are updated. Now is the time for users to contact outfits like Trend Micro and let them know they need to get-on-the-stick as far as updating their extensions for Firefox 4.0.

• Trend Micro Titanium wont work with firefox v4 what can i do

  I'm haveing trouble with trend micro and firefox 4 dose not work will what can i do

  Either downgrade to the previous secure version of Firefox which is 3.6.17, or change your antivirus program.
  Avast is free and just as good as Trend Micro, if not better: http://www.avast.com/free-antivirus-download
  To downgrade, do the following:<br><br>
  #Go to [http://www.mozilla.com/en-US/firefox/all-older.html Download Firefox v3.6.17] and download it to the desktop.<br><br>
  #Then go to Add/Remove Programs, scroll down to "Mozilla Firefox" and remove it, choosing to keep your bookmarks, customizations etc., (don't checkmark the box).<br><br>
  #Then reboot and delete the folder called "Mozilla Firefox" at this location: C:\Program Files\Mozilla Firefox<br><br>
  #Finally run the installation file you downloaded to the desktop earlier.<br><br>
  Your bookmarks, customizations etc., are maintained in a different location and will become available to you again once you complete the installation.<br><br>

• Trend micro antivirus expired to early!

  i got a samsung computer around july 30,2010 and it came with a year antivirus from trend micro and it expired on feb 28,2011. It dosent even scan or protect my computer. need help please ?

  Again, Best Buy provides 6 months free of antivirus. The op would need to look at their receipt to see if they paid for a year or just took the free 6 months.
  Crystal
  Superuser
  Forum Guidelines | Terms & Conditions | Community Guidelines | What is a Superuser?
  *Remember to mark your questions solved and click the star to give kudos to show your thanks!*
  While I used to be a Best Buy Employee, I no longer have any affiliation with Best Buy.
  My opinions do not in any way shape or form represent Best Buy's Official decisions.

• How can I uninstall Trend Micro Safe Surfing once the app has been deleted from my Mac OS X?

  How can I uninstall Trend Micro Safe Surfing once the app has been deleted from my Mac OS X?

  Check to see if there's such a folder as  either
  /Library/Application Support/Trend Micro
  ~/Library/Application Support/Trend Micro
  and if so, see if either contains an uninstaller.
  Failing that, download the demo version of the app from Trend Micro, and try the uninstaller that it should contain.
  If all else fails, the manual way would be to use something like EasyFind and search for anything with "com.trendmicro" in the filename (you can use Finder, but be sure to include system files and invisible files in the search options). Pay particular attention to the folders
  /Library/LaunchAgents
  /Library/LaunchDaemons
  ~/Library/LaunchAgents
  ~/Library/Internet Plug-Ins
  ~/Library/Preferences

• Network Icon red X - NlaSvc service failed - Trend Micro TROJ_Generic.ADV

  Current situation...
  The NlaSvc Service is failing to start. The symptoms on the desktop are a red "X" on the network icon. (The pop-up message is "Connection status: unknown The dependency service or group failed to start." However, the network connection is working OK, but Vista is apparently unable to recognize the network.
  How it started...
  Trend Micro detected a problem:
  "To remove a trojan horse program we need to restart the computer.
  Trojan name: TROJ Generic.ADV
  Restart now | Restart Later"
  On restarting immediately, the entire OS failed and restarted about 4 times. Once boot-up became stable, the network icon contained the red "x", and I eventually discovered the failed NlaSvc.
  I have seen two other posts with the identical problem in http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=3842672&SiteID=17.
  Both Trend Micro and MBAM scans now say the system is clean from threats.
  Any ideas how to find/repair the problem with NlaSvc?

  How to Delete/Change a System File in Windows Vista (and fix nlasvc.dll)
  Warning: Do not delete system files. Bad things will probably ensue.
  If you need to delete or overwrite a system file in Windows Vista, you'll quickly notice that you cannot delete system files, even as administrator. This is because Windows Vista's system files are owned by the TrustedInstaller service by default, and Windows File Protection will keep them from being overwritten.
  Thankfully, there's a way that you can get around this. You need to take ownership of the files, and then assign yourself rights to delete or modify the file. For this, we'll use the command line.
  Open an administrator command prompt by typing cmd into the start menu search box, and hit the Ctrl+Shift+Enter key combination.
  To take ownership of the file, you'll need to use the takeown command. Here's an example:
  takeown /f C:\Windows\System32\nlasvc.dll
  That will give you ownership of the file, but you still have no rights to delete it. Now you can run the cacls command to give yourself full control rights to the file:
  cacls C:\Windows\System32\nlasvc.dll /G your username:F
  At this point, you should be able to delete the file. If you still can't do so, you may need to reboot into Safe Mode and try it again. For the filename in the example, I was able to overwrite it without safe mode, but your mileage may vary.
  Oncethe file has been replace you should set the permissions back but…
  TrustedInstaller does not exist in the "visible" users and groups as it runs as an NT Service so to restore:
  Right mouse button click on the file and choose Properties
  Click Security tab
  Click Advanced button
  Click Owner tab
  Click Edit button
  Click Other User or Group and type in NT SERVICE\TrustedInstaller
  Press Ok on all dialogs until all property dialogs are closed
  Kind regards
  Terry Downing MBCS CITP MIoD
  Chartered Information Technology Professional

• My Trend Micro Internet Security keeps removing my Firefox browser, saying it contains "HTTP_TROJAN_REQUEST-46".

  I have reinstalled Firefox 3 times already but it keeps getting removed. Not sure what is going on, but I don't think it's a virus on my laptop as my Trend Micro and Malwarebytes scans both came up negative.
  Any help would be much appreciated!

  Hi, thanks for your reply. I've been downloading Firefox directly from the Mozilla website.
  Nevertheless, I'll try again once again and hopefully it works this time.
  Edit: The download didn't work - the programme got removed again by Trend Micro.

• Installed Trend Micro Smart Surfing on new MacBook Pro and now it has caused error that won't let computer boot up.  How do I get it to a point that I can delete program?

  Installed Trend Micro Smart Surfing on new MacBook Pro and now it has caused error that won't let computer boot up.  How do I get it to a point that I can delete program?

  Try booting up in Safe mode (holding down the Shift key while booting). If the software came with an unistaller, use it to remove alll traces of the software - it's nothing that you need and, as you've experienced, can do more actual hard than good (as is the case with most software of this type). When you're booted in Safe Mode, if you can't run an uninstaller, at least check to make sure that there are no Trend Micro items that are set for automatic log in, at least.
  Clinton

• I installed Firefox 4 and it's telling me that the Trend Micro NCS extension is not compatible.

  1. What is the NCS extension? I have no idea. Is it necessary?
  2. Does this compromise my computer in an IMPORTANT way when surfing the internet? If so, then how do I go back to the previous version.
  3. Please don't tell me to go to Trend Micro's site. I did, and they have no information whatsoever.
  Thank you.

  Please help!

• Mac OSX Maverics (Ver 10.9.4) Reboots after installing and removing Trend Micro Smart Surfing

  Hi,
  I have recently installed Trend Micro Smart surfing with serial number starting with TCEF. I am currently running my mac book pro on OSX Maverics Version 10.9.4. As soon as I installed the software, I got the error message that the software is not compatible with this version of OS. I went to applications and selected Trend Micro Smart surfing and moved it to trash and also emptied the trash. After this my laptop is rebooting frequently. I even went to safe mode and then into
  system preferences ---> users and groups---> Login items and found nothing related to Trend Micro smart surfing. I have also tried to reinstall max osx and still having reboot issue. I have a lot of data and I am afraid I will loose this. Can anyone please help me out.
  Thank you in Advance for all the help.

  Uninstall the Trend Micro product by following the instructions on whichever of the pages linked below is applicable:
  Removing Trend Micro Titanium Internet Security
  Uninstalling Trend Micro Smart Surfing
  Restart. If the program was incompletely removed, reinstall it and start over. Back up all data before making any changes.