RE: Symantec vulnerability update

Hi Michael,

I haven't heard form anyone yet. But I figured out a workable "fix," which
is to go into the Advanced Firewall Rules and change all of the Blocked
Rules to "Permit" the specific computers in my IP range. I've tried
isolating just the rule(s) that is creating the problem - which I believe is
the incoming and outgoing NetBIOS, but it only works for some computers and
not all. So I just adjusted all the rules to permitting my IP range. Be sure
you include the specific IP addresses you're permitting, otherwise you're
exposing yourself to the net.

Hope this helps.

Amy

-----Original Message-----
From: Michael Rimar [mailto:mrmr@berkeley.edu]
Sent: Friday, June 02, 2006 12:41 PM
To: Amy Gee; 'Micronet-UCB microcomputer support user group';
ucb-security@lists.berkeley.edu
Subject: RE: [Micronet] Symantec vulnerability update

Hi Amy:

Did you hear back on this? It sounds like it relates to my problem.

Michael

At 10:50 AM 5/31/2006, Amy Gee wrote:
>Hi folks,
>
>So far, I have upgated four computers at my department but they all
>began to have a same issue. They all are unable to access shared
>folders/drives until about 30 minutes after the system boots up or
>immediate after the symantec firewall is manually disabled and re-enabled.
>
>Windows files/folder sharing is permitted and the IP addresses of
>designated computers are added to the safe zone. Prior to the update,
>the computer can immediately access any shared folders and drives.
>
>Anyone else experience this problem?
>
>Thanks,
>Amy
>
>-----Original Message-----
>From: owner-micronet-list@lists.berkeley.edu
>[mailto:owner-micronet-list@lists.berkeley.edu] On Behalf Of Allison
>Henry
>Sent: Tuesday, May 30, 2006 1:35 PM
>To: Micronet-UCB microcomputer support user group;
>ucb-security@lists.berkeley.edu
>Subject: [Micronet] Symantec vulnerability update
>
>Symantec has released patches for the security vulnerability in
>Symantec Anti-Virus announced on Friday. These patches must be
>installed on each workstation running Symantec Anti-virus v10.x
>(including Symantec Client Security 3.x) to protect against this
>vulnerability. To make sure the updates are applied and to get the
>benefits of the latest version of Symantec, we are recommending the
following actions:
>
> 1) Go to http://software.berkeley.edu/windows/scs3/current/
> 2) Download and install the SCS 3.1 desktop client
> 3) Download and install MP1 for 3.1
> 4) Download and install PP1 for SCS 3.1 MP1
>
>For system administrators:
>We recommend that you upgrade all Symantec clients to 3.1 and apply the
>appropriate patches. However, if you wish to stay at your current
>version of Symantec, you can find the appropriate patches for your
>version number at
>http://www.symantec.com/techsupp/enterprise/products/sym_client_securit
>y/scs
>_3/files.html.
>
>Please make sure you apply the appropriate patches in the correct order
>for your version of Symantec. We are working on developing tools to aid
>in the distribution of patches to large numbers of workstations, so
>watch for further updates.
>
>Please help us get the word out to the campus community. There are
>still no exploits out based on this vulnerability and with your help we
>want to get campus users protected before the exploits are released.
>
>Thank you,
>
>--
>Allison Henry
>System and Network Security
>University of California, Berkeley
>http://security.berkeley.edu
>
>-----------------------------------------------------------------------
>- The following was automatically added to this message by the list
>server:
>
>For information about Micronet, including subscribing to or
>unsubscribing from its mailing list and finding out about upcoming
>meetings, please visit the Micronet Web site:
><http://micronet.berkeley.edu/>.
>
>
>-----------------------------------------------------------------------
>- The following was automatically added to this message by the list
>server:
>
>For information about Micronet, including subscribing to or
>unsubscribing from its mailing list and finding out about upcoming
>meetings, please visit the Micronet Web site:
><http://micronet.berkeley.edu/>.

------------------------------
Michael Rimar
Administrative Assistant
UC Botanical Garden
200 Centennial Drive #5045
Berkeley, CA 94720-5045
510-642-0849
fax 510-642-3012
http://botanicalgarden.berkeley.edu

------------------------------------------------------------------------
The following was automatically added to this message by the list server:

For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
Received on Fri Jun 2 13:06:39 2006