| Subcribe via RSS

Trend Micro: Rollback of VSAPI Version 9.000 from ActiveUpdate

November 24th, 2009 | No Comments | Posted in Security, Software, Trend Micro

Some of might have noticed this, but I’m writing a post about it any way.

Trend Micro is now rolling back the VSAPI 9.000 from ActiveUpdate. Reason: “There have been reports of issues on the following products scanning certain malformed PDF files”.

The version available through ActiveUpdate is now 9.100.1001, this is essentially version 8.952.

The products affected are:
OfficeScan
ServerProtect
Worry-Free Business Security (WFBS)

Earlier, they sent out an advisory about VSAPI 9.000 and problems with Windows NT (think it was OfficeScan 7.3 and ServerProtect). The problems resulted in the Scan Engine being unable to load the pattern files.

Read the entire Customer Notification here:

CUSTOMER NOTIFICATION Rollback of VSAPI Version 9.000 from ActiveUpdate

Tags: , , , , , , , ,

Trend Micro VSAPI 9.000 soon available through ActiveUpdate

November 9th, 2009 | No Comments | Posted in Security, Software

If you didn’t get the latest Technical Advisory from Trend Micro
Here is a brief summary.

On November 16, 2009, Trend Micro will make the VSAPI 9.000 available through ActiveUpdate (AU).

It will be released for the following products:
– OfficeScan
– Client Server Messaging Suite / Client Server Suite
– Worry Free Business Security
– ServerProtect for NT
– Trend Micro Control Manager

And it will include the following new features:
– Support for the detection of files that contain known PDF exploits
– Support for shellcode detection
– Recognition of the following additional file types:
– Flash Video (FLV)
– Microsoft Document Imaging (MDI)
– Moving Picture Experts Group (MPEG)
– QuickTime (MOV)
– RIFF
– SITX
– ZIP64
– Support for the detection of exploits to Microsoft Office vulnerabilities

Edit: The entire Advisory has been posted on the TCSE community – from ACAPacific blog.

Tags: , , , , , , ,

VMware Workstation 7.0 and VMware Fusion 3.0

October 29th, 2009 | No Comments | Posted in Software

Woho, VMware released Workstation 7.0 and Fusion 3.0 a couple of days ago.

VMware Workstation 7.0 Release notes:
http://www.vmware.com/support/ws7/doc/releasenotes_ws7.html

VMware Fusion 3.0 New Features:
http://communities.vmware.com/docs/DOC-10957

A list of the most interesting new features in VMware Workstation:

More »

Tags: , ,

Trend Micro OfficeScan 10 – Some thoughts

September 1st, 2009 | 48 Comments | Posted in Security, Software

So, just some thoughts about Trend Micro OfficeScan 10. Its been some months now, since the GM build release of OfficeScan 10. And most people should have had enough time to test it properly. So what are the current pros and cons? Should you upgrade, or wait a bit longer? Anyone?

In my opinion:
It depends on your values.
You should upgrade if the new features appeals to you. The Device Control, and the Smart Network stuff.

But, performance wise, there are still some issues. E.g.: Extracting a Windows XP cd (from an ISO file) takes at least 50% more time with OfficeScan 10 (using Winrar). This is with conventional scan mode, I get about the same results with Smart Scan, but you can’t really compare it, since its not cached.

In addition, the Trend Micro Unauthorized Change Prevention Service (tmbsrv.exe) is a nice feature, but I believe it requires a bit more resources than the old Watchdog service.

So what about the stand alone scan server? I haven’t had time to test this one properly, at least not performance wise. So if anyone has done any real performance testing, with 100-500+ clients, I would really like to know. At least Trend Micro managed to get something right with the new Smart Scan feature. If what I’m seeing is correct, the impact on the network is really low. Sending those hashes back and fourth doesn’t consume that much bandwidth. Yay!

And just one last tip: When you install OfficeScan 10, install the integrated scan server. Even though you`re not planning to use it. Why? Because its really complicated to install it after you`ve finished the installation of the OfficeScan server. Just install it, and remove it from the list of scan servers in the GUI.

Anyway, if my sense of time is correct, its about two weeks left, until the Service Pack 1 of OfficeScan 10 is released to the public. The beta looked okay, but I`m really curious whether or not they managed to fix some of those performance issues.

Tags: , , ,

Cisco visio stencils

August 7th, 2009 | No Comments | Posted in Cisco, Software

Just something I stumbled over, Visio stencils for Cisco devices. And its free!
http://www.cisco.com/en/US/products/prod_visio_icon_list.html

Configure apt-get to use a proxy (Ubuntu)

July 3rd, 2009 | 3 Comments | Posted in Linux, Software

Open the following configuration file: /etc/apt/apt.conf.d/70debconf

And add:
Acquire::http::proxy “http://<IP_TO_PROXY>:<Proxy_Port_WEB>”;
Acquire::ftp::proxy “ftp://<IP_TO_PROXY>:<Proxy_Port_FTP>”;

If authentication is required, add this instead

Acquire::http::proxy “http://<username>:<password>@<IP_TO_PROXY>:<Proxy_Port_WEB>”;
Acquire::ftp::proxy “ftp://<username>:<password>@<IP_TO_PROXY>:<Proxy_Port_FTP>”;

<IP_TO_PROXY> = The IP address of the proxy, e.g.: 192.168.1.10
<Proxy_Port_WEB> = The proxy web port, e.g.: 8080
<Proxy_Port_FTP> = The proxy ftp port, e.g.: 2121

If authentication:
<username> and <password> (doh, no need to explain).

Done!

Tags: , ,

Windows 7 RC1 and Trend Micro OfficeScan 10

May 18th, 2009 | 12 Comments | Posted in Security, Software

Don’t try it. It will install. But it slows the system down. Really, it took me 25 minuts to log in. 10 minuts to just write the password.

I will try to find a workaround and share it. If anyone finds a solution, feel free to leave a commen!

Tags: , , ,

Trend Micro Product Documentation

May 6th, 2009 | No Comments | Posted in Security, Software

A collection of links to Trend Micro Product documentation for the following products:

Trend Micro Control Manager 5.0 (TMCM 5.0)
Trend Micro OfficeScan 8.0 (OSCE 8.0)
InterScan Mail Security Suite 7.0 (IMSS 7.0)
InterScan Mail Security Virtual Appliance 7.0 (IMSVA 7.0)
InterScan Web Security Suite 3.1 (IWSS 3.1)
InterScan Web Security Virtual Appliance 3.1 (IWSVA 3.1)
ScanMail for Microsoft Exchange 8.0 (SMEX 8.0)

If you aren’t that familiar with the Trend Micro product pages, finding this information may be hard. More »

Tags: , , , , , , , , , , , , , , ,

Howto: Reset password Trend Micro Control Manager 5.0

April 16th, 2009 | No Comments | Posted in Security, Software

Forgot the password to you root/admin account to Trend Micro Control Manager 5.0 (TMCM)?

How to reset the password to one of your Trend Micro Control Manager 5.0 accounts:

1. Stop the TMCM services:
2. Launch the SQL Server manager of choice.
3. Open the “tb_Account” table of your Trend Micro Control Manager database.
4. Find the user you want to reset, and note down the GUID of the user.
5. Find and open the “tb_UserInfo” table.
6. Find the account you want to reset the password for (using the GUID you located earlier).
7. Modify the “password” field for the user, and set it to: “96e79218965eb72c92a549dd5a330112”
8. Start the TMCM services.

And log in with the account you modified using the password: “111111”

Find more information about this topic in the Trend Micro Knowledge base:
http://esupport.trendmicro.com/Pages/Resetting-the-password.aspx
http://esupport.trendmicro.com/Pages/Resetting-TMCM-password-with-OSQL-commands.aspx

Tags: , , , , , , ,

How to restart the management service in VMware ESX 3.5

April 2nd, 2009 | No Comments | Posted in Software

How to restart the management on a VMware ESX 3.5:
SSH to the vmware-esx box and do a:
sudo service mgmt-vmware stop
sudo service mgmt-vmware start
or a:
service mgmt-vmware restart

or as root just:
service mgmt-vmware stop
service mgmt-vmware start
or:
service mgmt-vmware restart

This would be the solution if you can’t connect to the box using VMware Infrastructure Client, like if you get an error saying:
Error Connecting
VMware Infrastructure Client could not establish the initial connection with the server ““.
Details: The server took too long to respond.

Tags: , , , , , ,
technoblog@trap.threatobs.com