Extract unique risk name from different directories
This PowerShell script will read in a text file of full file paths, and output the unique risk name. Symantec looks at the following risks to be unique because they are in different directories even...
Querying SIC service on a large environment
Hi, Normally there is no option to check the SIC service status. Here I am attaching a script to query SIC service on remote systems. It runs on PsExec (download it to System32 of the local machine)...
Script to download Intelligent Updater from ftp.symantec.com
Hello all, I want to share this script to download .exe from Symantec ftp: When we install a new machine, it is installed with the last setup.exe I have. That setup.exe usually is older than current...
Get Group Name and Group ID
I wrote a PowerShell script that queries the database that Symantec Endpoint Protection Manager is installed on, retrieves the Group Name and Group ID, and stores them in .csv. Documentation has...
Critical System Protection -- Command Match Tool
CmdmatchV2.exe, a command line driven tool, can be used to help troubleshoot the mismatch of command line arguments in policies. It is designed to mimic the IPS driver's behavior when parsing command...
Revised Datscount script
We encountered a problem at one point where a problem in our configuration caused a number of updates to sit on the manager unable to be posted using the BCP utility to the SQL database. The result of...
Clear temp directories script
I created this script to address systems that have run out of disk space for various reasons and are no longer updating AV definitions. The only external utility you need is PsExec to remotely execute...
MoveClient Script
I created a MoveClient Script using PowerShell. There are actually two scripts: 1 - get_group_IDs.ps1 generates a list of groups, along with their group ID to help you create an input file (based on your...
DeepSight Vulnerability Datafeed Perl Script
Attached is a Perl script written by Oliver Karow from Symantec. This script is designed to allow you to automate the download of the DeepSight Vulnerability Datafeed. deepsight.pl_.tar.gz
Symantec Data Loss Prevention 11.5: Administration
Symantec Data Loss Prevention 11.5: Administration NOTES: This course is 5 days long. TK-DLP-0115 Symantec Data Loss Prevention 11.5: Administration [5-Day ILT] Click here for full course description...
How to adjust proxy settings for System Account
Hello guys, I want to share with you a problem I was having. I have an explicit proxy in my network. I have a GPO that updates it for my clients. Here, in my subnet, I have a WPAD script, to set it by DHCP...
The Enhanced Mitigation Experience Toolkit
The Enhanced Mitigation Experience Toolkit (EMET) is a utility that helps prevent vulnerabilities in software from being successfully exploited. EMET achieves this goal by using security mitigation...
Chicago User Group - Rich Bagurdes - Application and Device control and...
Here is my presentation from 1.15.2014 Chicago security and compliance user group meeting. Along with this PowerPoint deck are some sample policies to try in your own environment. Symantec UG ADC...
How to identify a duplicate DHCP server on a LAN
DHCP Find is a portable program for identifying whether multiple DHCP servers are active on the network. With a simple scan using this tool, various information will be shown within a few seconds...
How to reset SEPM password in 12.1.x
Hi, administrators maintaining multiple SEPMs or security products have a problem resetting the password in SEPM 12.1.x if they missed providing an email address during installation. resetpass.bat was...
Apache logs disk size after GUP Monitor Tool
Hello guys, if you are noticing some problem with disk space after configuring GUP Monitor Tool, take a look below: "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\apache\logs" = It...
Custom IPS Signatures to detect various filetype downloads
To build on my last IR article: How to utilize SEP 12.1 for Incident Response - PART 6. I'm attaching a custom IPS policy which will detect the download of various filetypes via HTTP and HTTPS. The...
Custom file detection script (DICOM) for use in Data Loss Prevention.
The script below is intended to detect data leakage in healthcare environments. Files detected by this script are widely used in a variety of medical diagnostic systems and may include personal...
Dividing full file path into separate subfolder names
This script is intended for use in Symantec Data Loss Prevention and provides the ability to sort incidents not only by file name but also by separate subfolders in its path. You need to create the following...