November 28, 2022, 09:30:38 AM

Author Topic: Symantec Tamper Alert (fixed as of v2.5)  (Read 8242 times)

TCSBud

  • Member
  • *
  • Posts: 10
Symantec Tamper Alert (fixed as of v2.5)
« on: February 02, 2007, 09:47:23 AM »
I was reading a post from back on Jul 2006 that said that tamper alerts with Symantec were resolved with ver2.0 build 2308. I am running 2.0 build 2309 and after scanning my domain got Symantec Tamper Alerts on all scanned clients!  The Actor Process was NEWTSvc.exe and the target was Common FilesSymantec SharedccSetMgr.exe.  Any way I can prevent this from happening ever again?

Running SAV CE 10.0.2 and SAV CE 10.1.5 on W2K & XP.

Thank you in advance.

Komodo Support

  • Administrator
  • Member
  • *****
  • Posts: 2701
  • Dayton, Ohio, USA
    • Komodo Laboratories LLC
Symantec Tamper Alert (fixed as of v2.5)
« Reply #1 on: February 02, 2007, 12:19:53 PM »
You\'re right, it should have been fixed with build 2308 and was confirmed with a user having the problem at the time.

It could be Symantec has made changes since then, affecting operation of our service.  We will look into this and work with you on getting it fixed.

TCSBud

  • Member
  • *
  • Posts: 10
Symantec Tamper Alert (fixed as of v2.5)
« Reply #2 on: February 02, 2007, 12:45:12 PM »
Thanks so much for your immediate response.  Based on what I\'ve read on some of the other threads, I know you\'ll do whatever you can to help.  I absolutely love this program...  I test drove many other network inventory tools and this is by far the best I\'ve seen for what I need.  However, I can\'t do any more testing until the pop  ups from Sym are resolved.
Again, thank you for a great product and your help.  Looking forward to hearing from you.

Bud

TCSBud

  • Member
  • *
  • Posts: 10
Symantec Tamper Alert (fixed as of v2.5)
« Reply #3 on: February 05, 2007, 11:43:15 AM »
I DLed the new exec, copied to my Newt dir and ran a new scan late on Friday...   wala... no Tamper Alerts!!  Great job.  I\'m still testing but I\'m stoked about this program.   I have 400+ clients in my domain and the discover only found 277.  Once I find out why the rest weren\'t discovered, I\'ll likely submit a request for purchase.  Thank you for responding so quickly!

Komodo Support

  • Administrator
  • Member
  • *****
  • Posts: 2701
  • Dayton, Ohio, USA
    • Komodo Laboratories LLC
Symantec Tamper Alert (fixed as of v2.5)
« Reply #4 on: February 05, 2007, 03:56:52 PM »
No problem!  Are you discovering these machines using IP Discovery or by just looking in the Network Browser (or discovering by domain)?

If you\'re doing it purely by domain (not IP), then the problem is likely due your local machine\'s Master Browser not matching up with the Active Directory.  You could try turning on \"Include Active Directory\" in Preferences and see if that helps.  It will take longer to discover, but it may be more complete.  With this option, machines are cross-referenced between the Master Browser and AD, so machines that are in the AD but not in the Master Browser will show up as \"Computer Offline?\".  Try scanning those and see if that works.

Also, this option can also help with domain cleanup of old computers/accounts by showing you this difference.

TCSBud

  • Member
  • *
  • Posts: 10
Symantec Tamper Alert (fixed as of v2.5)
« Reply #5 on: February 06, 2007, 02:05:45 PM »
I initially discovered by domain but since I am still on an NT domain, this may be a problem.  In my domain, there are only two subnets and since Newt will discover by multiple IP ranges, I\'m goin to try that.  Will let you know the results.  Thanks again for your help.

TCSBud

  • Member
  • *
  • Posts: 10
Symantec Tamper Alert (fixed as of v2.5)
« Reply #6 on: February 06, 2007, 02:37:56 PM »
After doing the subnet discovery by two IP ranges, I have 280 machines \"Near Me\" but on the status bar at the bottom it says \"400 objects\".  I wonder if this a function of the limits of the demo license I am running and with the full license it would continue discovering and the number of machines \"near me\" would more approach the number of clients I know I have in my domain.   I\'m not sure what the other 120 objects are.  Any thoughts would be most appreciated.

Komodo Support

  • Administrator
  • Member
  • *****
  • Posts: 2701
  • Dayton, Ohio, USA
    • Komodo Laboratories LLC
Symantec Tamper Alert (fixed as of v2.5)
« Reply #7 on: February 06, 2007, 05:49:58 PM »
Hi again.  There could be a few reasons why you see more machines using an IP discovery vs. group discovery.  Again, enabling \"Include Active Directory\" should make the list match up better with the IP discovery.

Are all the machines in but subnets in the same domain?

Also, the Network Browser on the left is unlimited.  The only limitation is how many computers/devices you can have in the Primary tab at one time.  This is determined by your license, and in your case this is 400.

If you see 400 objects, you are probably running out of licenses.  You should be getting a message box indicating this.

TCSBud

  • Member
  • *
  • Posts: 10
Symantec Tamper Alert (fixed as of v2.5)
« Reply #8 on: February 07, 2007, 02:39:22 PM »
Thank you.   I think it will be ok.  The clients that are not discovered, I will add manually and then resolve why ithey weren\'t discoverd.  Unfortunately, I support a domain where developers and engineers have pretty much full rights and my task is often \"clean up\".    I am most pleased with this product and your support.  I have another question I will post on another thread.

Thanks again!