WSS Block executables into zip file

I need a solution

Hello everyone

I need you help, in my portal of WSS I do a rule to block all executable files *.exe, according this KB

https://support.symantec.com/en_US/article.TECH245091.html

The rule work fine, but if the file *.exe is compress in file *.zip don´t work

Any idea of ​​why it does not work like that?

regards

Andres Garcia

0

Related:

  • No Related Posts

Bugcheck when initial ICA connection is established after upgrade to VDA 7.15 CU1

The issue was identified by the event in ProcMon trace: Found PicaSvc2.exe, operation RegQueryValue, results NAME NOT FOUND and the message: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlCitrixSecurityDHParamL

In the ProMon trace for when customer saw the issue, we can see below registry key query was actually not successful, it seemed no related registry key was found:HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlCitrixSecurityDHParamI

PicaSvc2.exe Result NAME NOT FOUND

Related:

  • No Related Posts

ProxySG – Chrome Download behaviour

I need a solution

Hi All,

In ProxySG, We have configured the rule to block the exe based on the file extension and appreant data type. 

When user went to the google.com/chrome and click download option , they able to install the chrome sucessfully. 

Am wondering how it’s not blocked since it’s excutable fille. I took the policy capture where specific rule is neglected as “n/a”.

Rule :

Soucre              Destination               Action 

Any                   File Type                    Deny

Snippet from Policy Capture:

       <Proxy>
  miss:     category=All_Global_Denied_URL
   n/a:     condition=__CondList1Org_Global_Deny_CD

Thanks in Advance….

0

Related:

  • No Related Posts

Why does configuring Windows OS Agent log ‘Activation context generation failed for”C:IBMITMInstallITMx64AFUtil64.exe”‘ message in Windows Application log ?

If Log File Agent 6.2.3 FP1 is installed on Windows 2008 R2 SP1 Operating System (64-bit) which 64-bit Windows OS Agent 6.2.2 is running, configuring Windows OS Agent logs the following message in the Windows Application log.

————————–
C:UsersAdministrator>wmic ntevent where “(logfile=’application’ and sourcename=’sidebyside’)” list /FORMAT:VALUE

Category=0
CategoryString=
ComputerName=WIN-SBON0V8N7BL
Data=
EventCode=33
EventIdentifier=-1056899039
EventType=1
InsertionStrings={“Microsoft.VC90.CRT,processorArchitecture=”amd64″,publicKeyToken=”1fc8b3b9a1e18e3b”,type=”win32″,version=”9.0.21022.8″”,””,””,””,””,””,””,””,””,””,”C:IBMITM

InstallITMx64AFUtil64.exe”,””,””,””,””,””,””,””,””,””}
Logfile=Application
Message=Activation context generation failed for “C:IBMITMInstallITMx64AFUtil64.exe”. Dependent Assembly

Microsoft.VC90.CRT,processorArchitecture=”amd64″,publicKeyToken=”1fc8b3b9a1e18e3b”,type=”w
in32″,version=”9.0.21022.8″ could not be found. Please use sxstrace.exe for detailed diagnosis.
RecordNumber=251
SourceName=SideBySide
TimeGenerated=20160127083721.000000-000
TimeWritten=20160127083721.000000-000
Type=Error
User=
————————–

Related:

  • No Related Posts

7022309: Patch caching should fail if payload file can’t be downloaded

This document (7022309) is provided subject to the disclaimer at the end of this document.

Environment

ZENworks Configuration Management 2017

Situation

Patch caching may not show as failed when the “payload” file can’t download.

Patch remediation bundles are frequently consist of PLS, PLP and “Payload” install file actions. The payload file may be exe, cab etc and is the actual vendor patch.
In environments where a firewall disallows exe files but allows other types, it’s possible for the remediation bundle to be created only partially, without the exe file.
In the case that the remediation bundle install actions aren’t fully populated end user will see remediate error 20.
Example of error from loader-messages.log:
[DEBUG] [09/20/2017 13:30:49.998] [3150] [ZENLoader] [6183] [] [PatchManagement] [] [com.lumension.scr.exception.UnableToAccesURL: Unable to access URL (Code 403) http://cache.lumension.com/lpmdt/TimKosse/FileZillaClient/3.27.1.0/0/x64/all/Patch-Smart.TimKosseFileZillaClient3.27.1.0_x64.exe
at com.lumension.scr.util.Downloader.downloadFromURL(Downloader.java:551)
at com.lumension.scr.util.Downloader.downloadFromURL(Downloader.java:475)
at com.lumension.scr.util.Airgap.downloadFromURL(Airgap.java:200)
at com.lumension.scr.pojo.Package.getAllPackageFiles(Package.java:953)
at com.lumension.scr.pojo.Package.download(Package.java:382)
at com.patchlink.sapphire.download.SubscriptionDownloadActionHandler.processAction(SubscriptionDownloadActionHandler.java:525)

Resolution

Add the patch primary server to exclusion list for firewall to allow all downloads. For more information see:

Status

Reported to Engineering

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented “AS IS” WITHOUT WARRANTY OF ANY KIND.

Related:

ClearCase failing to deliver .exe files

Hi.

I’ve encounter a case where the developer try to make a “Delivery from stream to default” from a dev stream to a int, select the activity containing the .exe file completes the operation. But, when you do a version tree or check the int view you can see that the version of the file didn’t travel at all, the UCMUtiltyActivity do not contain it, neither the baseline. So far happen two times and these files have nothing in common excepting that they are exe files.
The really strange thing is that the delivery also has others acitivities with others files that don’t have a problem at all.

Thank you for your time.
Kind regards.

Related:

SEP 14 Add Process Exclusions

I need a solution

Im asking foa assistance.. i need to exclude those processes in SEP

How can i do that ?

Cdb.exe

Microsoft.Exchange.Search.Exsearch.exe

Cidaemon.exe

Microsoft.Exchange.Servicehost.exe

Clussvc.exe

MSExchangeADTopologyService.exe

Dsamain.exe

MSExchangeFDS.exe

Microsoft.Exchange.EdgeCredentialSvc.exe

MSExchangeMailboxAssistants.exe

EdgeTransport.exe

MSExchangeMailboxReplication.exe

ExFBA.exe

MSExchangeMailSubmission.exe

GalGrammarGenerator.exe

MSExchangeRepl.exe

Inetinfo.exe

MSExchangeTransport.exe

Mad.exe

MSExchangeTransportLogSearch.exe

Microsoft.Exchange.AddressBook.Service.exe

MSExchangeThrottling.exe

Microsoft.Exchange.AntispamUpdateSvc.exe

Msftefd.exe

Microsoft.Exchange.ContentFilter.Wrapper.exe

Msftesql.exe

Microsoft.Exchange.EdgeSyncSvc.exe

OleConverter.exe

Microsoft.Exchange.Imap4.exe

Powershell.exe

Microsoft.Exchange.Imap4service.exe

SESWorker.exe

MSExchangeMailboxAssistants.exe

SpeechService.exe

Microsoft.Exchange.Monitoring.exe

Store.exe

Microsoft.Exchange.Pop3.exe

TranscodingService.exe

Microsoft.Exchange.Pop3service.exe

UmService.exe

Microsoft.Exchange.ProtectedServiceHost.exe

UmWorkerProcess.exe

Microsoft.Exchange.RPCClientAccess.Service.exe

W3wp.exe

0

Related: