Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - wim.cossement

Pages1
#1
General Support / F-secure flagging the latest agent as malware on Windows server?
June 10, 2021, 09:51:51 PM
I might be jumping the gun here but when I wanted to upgrade some agents on some Windows servers F-Secure server security premium blocked the installer and said it was malware with this link:
https://www.f-secure.com/v-descs/w32_malware.shtml

It's however not happening on all servers, I was able to upgrade it on another one. It's a centrally managed F-secure so all servers have the same version and definitions and so on are updated daily.
It's also happening on various Windows server versions.

I see it's also possible to report false positive malware to F-secure and upload the installer but I must check this with my colleagues first tomorrow.

Holler if you need more info.
#2
General Support / Monitoring a specific network interface
May 28, 2021, 05:15:05 PM
Hi,

I'm again a bit stuck; now I want to monitor the status of a specific NIC on a Windows box.
I get reports via de default EPP rules at the beginning but I'd like this to happen for a specific NIC on Windows VM's but now I'm testing this on my laptop.

If I work analogue to other metrics that I can get working I take the following steps (like here or here):

- Create new event configuration - or use existing ID's 4 and 5
- Create new data collection configuration for the machine with parameter Net.Interface.OperStatus("Wi-Fi")
- Instance name in threshold is set to Wi-Fi, expression equal to 0 with SYS_IF_DOWN as activation event.
   Wi-Fi is the name of the wireless NIC in Windows.
- Edit the Event processing library and disable rule 4 and 5 and create my own copies of them.

Kind regards,

Wim
#3
General Support / Sending emails from a Windows server with Office365?
May 25, 2021, 10:07:54 PM
Hello,

Has anyone already been able to use smtp.office365.com as their mail server from a Windows box?

Ive been playing around at home with a Debian client and Debian server and via Postfix I can relay mail alerts to Gmail but now they want me to implement the whole shebang on a Windows only environment for an internship. But sending mails from a Windows machine seems to be a PITA.
I can use a tool to test it that saves it's account settings in an XML file like SwithMail and this works file from the command line as a local user but if I define this (for testing) in the server actions nothing happens.
PowerShell could perhaps be another option but then again, the action needs to be executed so am I missing something?

Thanks,

Wim
Pages1