Jump to content

Yasir Shehzad

  • Content Count

  • Joined

  • Last visited

Everything posted by Yasir Shehzad

  1. Hi, We have the exact same scenario, Can I ask that if the above scenario mentioned by Mr. pklaffehn is tested or not? whether we can push the KES10 for mobile latest version of Android using Air Watch MDM in terms of silent installation. Or if you guys can provide an answer file or any configuration file for the same. Regards, Yasir
  2. Hi, I want to make a request for feature in Kaspersky Security Center 10 and KES10 latest for the Application startup control. The Feature request is that currently we can add the Application on the basis of categories i.e. "Internet Softwares -- >Software Downloaders. So here we can select only the "Software Downloaders however there are different vendors in the same category i.e. "Microsoft and Nokia Etc." I will to block 1 specific application inside the Microsoft category which is "Windows Store". I believe in current version this is not possible so we want this feature in KSC/KES10 so that we can even select a specific application by a specific vendor not just the whole category. I am sure that this can be done. Kindly let us know here if this can be considered as a future request for adding the feature. Let me know if you have any question for this scenario. I will try to explain again. Regards, Yasir
  3. Hi below is the event Event type: Network attack detected Application\Name: Unknown User: PC\admin (Active user) Component: Network Attack Blocker Result\Description: Blocked Result\Name: Intrusion.Unix.Generic.sh.format-string.exploit Object: TCP from to local port 49424 Object\Type: Network packet Object\Name: TCP from to local port 49424 What info you mean to say about the source of attack? Source is a Linux Server used for an application. This is used as a linux Server version is "Red Hat Enterprise Linux 6". Regards, Yasir
  4. Hi, We use KES10 SP1MR2 and MR3. It is detected under Network Attack Blocker. I just want to know the details about the mentioned attack. How we can verfiy that it is genuine or false positive? Where it is detected, that PC have KES10 above version and the source PC is a linux machine and have no AV. Regards, Yasir
  5. Dears, If the below attack is detected on the client so what could be the reason on the source PC that can generate the mentioned alert and how we can fix the problem. Source is a Unix machine and appreciate if you can share the details of the below attack. "Intrusion.Unix.Generic.sh.format-string.exploit" Regards, Yasir
  6. Hi, Is there any information on release date for the new version of Kaspersky Light Agent MR3/MR4 which will be supported with the Citrix 7.0. Regards, Yasir
  7. Hi, It is appearing after the backup, once the backup is completed the services are coming up and we are receiving some scheduled reports also, but the thing is that we have configured around 7 reports to be delivered but we are receiving two/three reports only and at the same time the issue is coming. KL server will not accept any connection and it will generate "server busy event" and the port "13000" will become inactive even after restarting the services of Kaspersky (many times) it will not accept new connections. :dash1: It will be fixed after 5-6 hours when we restart the service. Regards, Yasir
  8. Hi, We are not able to connect to Administration Server and we are getting below events in the Event Viewer "Kaspersky Events" "Heartbeat from host 'hostname' has been rejected. Server is busy". This is happening from 3-4 days and every-time after the back we are not able to connect to the server and it is generating these warnings. We restarted the server even and also we tried to restart the services many times but still it is same, even telnet on port "13000" is not working however all the services of Kaspersky are running perfectly. Appreciate if someone can help on the same. KSC Version = 10.4.234 (Patch e) Regards, Yasir
  9. Dears, What is the exact solution for the mentioned problem "heartbeat from host "" has been rejected server is busy" not able to connect to the administration server. I restarted the server even but it is still same. services are also restarted many times but not helpful. No error in the event logs only above message is coming. Fed up with this thing. It happens everytime when backup completed and server is coming up. Appreciate if someone can share the solution. KSC = 10.4.234 (e) Regards, Yasir
  10. Hi, I have created the category and added the files in allow rule but still it is getting blocked. Can you please confirm that we cannot block/allow the file only on the basis of file name. Thanks.
  11. Hi, I have a query regarding the Application startup control. Can we block the application only by providing the application? The requirement is to block the file only by name as the MD5 Hash is keep changing so we cannot depend on the MD5. attached is the screenshot. KSC Version = 10.2.575 (patch d) Network Agent = 10.1.249 (patch f) KES 10 = (patch a) Regards, Yasir
  12. Hi, No it is not accessible, I am just telling the rule which I have specified. BTW the executable to WSEE 10 is also not loading however the executable of KSC10 SP1 is running when I am launching it. Regards, Yasir
  13. Just to add, Kaspersky is blocking the plugin of WSEE10. I have blocked the applications "Not Trusted by KSN" and ALL the application are allowed which are trusted by KSN. Regards, Yasir
  14. Hi, I have installed WSEE on server and created a Policy for WSEE 10 successfully, however after applying the policy and I tried to open the Policy and I am getting the attached message. Plugin is installed already (see the attached screenshot). KSC version = 10.2.575 (Patch d) Please advise. Regards, Yasir
  15. Addition !! Same thing with the Policy of KES10 MR1 ( as well. Regards, Yasir
  16. Hi, I have KSC10 SP1 Patch D and I moved one machine to this KSC having Network agent 10.1.249 Patch F installed. When I am trying to open the KSC --> Managed Computers --> PC --> Properties --> Applications --> Kaspersky Endpoint Security 10 MR1 (with patch a), then I am not able to see and settings on KES10. You can see the attached screenshots also Its not showing the statistics of KES10.2.1.23 also the Plugin is installed. Regards, Yasir
  17. Hi, I think this issue might be related to the Plugin as on the PC side it is working, but when we go the KSC PC--> Properties --> Applications --> Kaspersky Endpoint Security 10 --> Properties --> Protection Settings in the KSC and the options for the BADUSB Attack Prevention are changeable. So its on Kaspersky now which can define this as new version/feature issue which is related KES/KSC. Yasir
  18. Hi, I have enabled the BAD USB option in the policy and the "lock sign" is closed however if I go to the properties to the PC--> Properties --> Applications --> Kaspersky Endpoint Security 10 --> Properties --> Protection Settings in the KSC and the options for the BADUSB Attack Prevention are changeable. Kindly update if this is the expected behavior ?? You can see the attached screenshot. KSC is used with the Patch D and KES 10 SP1 MR2 Beta version. Regards, Yasir
  19. Hi, Is there any solution available for KSC 10.1.249? any patch? Yasir
  20. Hi Dmitry, Your statements are http://forum.kaspersky.com/index.php?showt...p;#entry2313321 hi, @dmitry i raised the same question few weeks back but you told me that it (c:\windows\*.log) works see your post http://forum.kaspersky.com/index.php?showt...p;#entry2313321 Thanks!!
  21. Hi, Ok, I understand you statement but in current version KES10 MR1 it's showing me the same information on all 3 tabs. see the attached screenshot. In Addition patch pf386 is installed on the KES10 as I faced an issue with the update time difference, so patch pf386 was provided from your side. Please confirm if there is any changing in the KES 10 SP1 regarding this time difference or it may be a bug. Note: This screenshot was taken right after when the update task was completed on the machine. see the screenshot. Let me know if you need more information. Thanks !!
  22. Hi, I was facing the same issue, but after updating the KSC the issues got solved. Please make sure that the "Download updates to repository" is completed on the server. Thank You !!
  23. Hi, This issue still in the KES 10 SP1 Beta 2. Please update which files you need from the machine? Thank You !
  24. Hi, The below one will work or not? C:\work\*.log Thanks !!
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.