EZAV 6170 autodownload problem?

Hi all

a new (to me anyway) hassle with autodownload; it's reporting defs up to date when they are not (pic)

had all sorts of problems with autodownload before - won't connect, "handle in wrong state" - but this bug causes things to appear OK when they aren't

==

manual update link for v6170

(if using IE use <Ctrl>F5 to refresh this page before you believe what it says)

==

have just been looking at SANS etc., there's talk of a new pack of Beagles (?Bagles)(?Bagels) and recommendation to update defs frequently... conversely, not a good time to be running out of date defs without knowing it

best wishes, HJ

 

seems to be resolved

appears to be working OK again

best wishes, HJ

 

Why don't you go here ftp://ftpez.ca.com/pub/myeTrust/apps/ and get the new one? It updates automatically or you can have it update on a schedule. You are entitled to any updates.

 

Hi maggie

I tried one of the more recent versions (6.3.0.9) but didn't get on with it - and more to the point it didn't get on with Kerio. Kerio won!

...was going through a rather busy phase at the time (it does happen sometimes...) I chickened out and reverted to 6.1.7.0

normally I update defs frequently but manually... I tried autodownload for the first time in ages mainly because of the problems in this thread to see what would happen, was curious to see if I could get the "handle is in the wrong state" error again.

==

What I didn't do - and am now kicking myself over - was to check the contents of "version.txt" at the time I took the screen capture of my first post

Two very different possibilities!

- if it was just that version.txt hadn't been updated correctly at the server it's a bit untogether, but it doesn't imply any security loophole with the program

- if version.txt was indeed correct at the server at the time, then I'm being lulled into a false sense of security.

==

I didn't like the email checking aspect of v6309 and its footprint seemed far larger than the old style v6170. Also, v6309 is very "busy " in terms of socket usage by comparison...

I'll have a go with the more recent products - but unless they revert to the superb simplicity of the original program then they aren't for me

thanks for your reply and best wishes, HJ.

 

You might want to cruise through the forum http://supportconnect.ca.com/sc/support/Index
Antivirus
http://forums.ca.com/eshare/server?...RT=565536&BSORT=4&AEXPAND=&BEXPAND=&BOARD=325
I did a cursory search and didn't see anything about Kerio. You do have to give Ezantirus a bunch of permission it does list the files in Help.
All the files running in the firewall need to be in the trusted,Internet, Server(Trusted) I use ZA and EZarmor and they both have to be done like that or the downloads get blocked.
If there is a way to put ? mark so you are asked they should get through and you can configure it. You are going to loose any support for version 6 sometime this year.

 

Hi again

many thanks for the links - from what you say I will investigate v7 soonish!

==

BTW it's Kerio 2.1.5 not any later version... 2.1.5 is a tad "buggy" but I'm very fond of it

happens by itself if you haven't made a rule to cover what's going on, you can customise the rule if you wish at that stage - or edit later on for a tweak if need be

==

what seemed to be happening was that the very first internet access was getting blocked when I was using v6309 - it seems this is a known habit of K215 if you have a LAN - erm, I don't think you are actually meant to use K215 with a network. But none of the rest of the software I run gives any trouble - only v6309 had problems...

==

it made me consider the different methods of updating v6170 and v6309

v6170 - autodownload gets version.txt, susses if new defs are required and downloads aup????.exe if need be

v6309 - far more "interactive" picking up only the modules which need updating

I like hanging on to the aup????.exe file, it fits well with my backup strategy

==

If anything goes seriously wrong (OS wise)(W98) I use a bootable floppy to copy a "good" image of C: (as it gets left with Windows closed down) - from another partition (registry and all)

I suppose a bit like a "poor man's system restore "...

(my user data, mailboxes, My Documents, Favo(u)rites, Desktop etc. folders have been relocated onto another partition - so I haven't lost them)

==

after replacing C: with a known good OS, the very next thing I want to do is to bring the AV defs up to date. Holding on to the aup????.exe file allows me to do that without even going on line... before I even touch the internet I have my defs pretty well up to date

but with the way v6309 works I couldn't do that - I'd have to back up the whole OS partition after ever time I update my virus defs

at the moment I only have to back up the OS after I've been off to WindowsUpdate


very best wishes, HJ.

 

For some reason I never got an email notice for your last thread. If you do get version 7 they do make it a little more complicated to get the update but it can be done.
Patches ftp://ftpez.ca.com/pub/myeTrust/autodownload/sigs/patches/
Sigs ftp://ftpez.ca.com/pub/myeTrust/autodownload/sigs/
Get the patcher file off this page and keep it http://crm.my-etrust.com/CIDocument.asp?KDId=1908&GUID=E7398C86A4CC4B859E3E10385F495004
Then download the patch open the patcher file point it to the patch it will update the file. If there is more than one patch either download them all or just get the latest sig and run that. If you use the sig file you will have to reboot.
What a joke that they make it so hard. I'll have to say I have mine download automatically and have never been behind. It will check when you boot up the machine also.
Their site is a nightmare so I find easier ways to navigate and keep them in my favorites. Plus for some reason the FTP site shows up in My Networks folder so I use that also.

 

Hi again

- thanks for the useful links

that's the crucial thing for me - I never found a way to do it with v6309, which was the major reason I gave up on that version - I really like getting the defs in *before* hitting the internet...

best wishes, HJ

 

Hi maggie

thanks for the moral support, without which I would probably have given up - really. I installed v7 a couple of days ago - still reckon it's a step backwards but no choice in the matter. How on earth that UI is meant to be an improvement is beyond me - windows that won't maximise are a real pain.

Glad that it's possible to abort the mandatory first full scan - because it comes preset to "clean" as well as "quarantine ". Whoa! I had visions of my carefully garnered "check my vulnerability" bits of defused exploit code (saved from various anti-malware sites) getting eaten.

The website is, as you say, a nightmare - and I got a surprise using Opera the other day - the site won't play at all, even setting Opera to identify as MSIE ummm, interoperability???

But the updating thing works well, and doing the rules for the firewall wasn't hard, just a few more of them... Give all those modules "full access" - no way! - nothing on this computer gets carte blanche.

thanks again and best wishes, HJ