"It is posible, that ERA sarver is considered as web browser by ESS/EAV"

Discussion in 'ESET Server & Remote Administrator' started by dopaz, Jul 29, 2011.

Thread Status:
Not open for further replies.
  1. dopaz

    dopaz Registered Member

    Joined:
    Jul 29, 2011
    Posts:
    2
    ERA Server version: 4.0.138

    I'm getting this error on my ERA_SERVER box. Full paste:

    -------------------------------------------
    Event Type: Warning
    Event Source: ERA_SERVER
    Event Category: None
    Event ID: 501
    Date: 7/29/2011
    Time: 12:07:18 PM
    User: N/A
    Computer: DC1
    Description:
    Warning: "It is posible, that ERA sarver is considered as web browser by ESS/EAV, in case of problems, please check ESS/EAV settings and exclude it."

    ------------

    Please note that this is a direct quote with “possible” and “server” misspelled. This makes me nervous as many malware and virus/trojan/dropper authors tend to give themselves away with poor spelling. Is this a real error message or has my ERA server been haxx0red?

    If this is a real error... wow. Spellcheck is your friend. Also, I believe the error comes from the fact that the "Provide update files via internal HTTP server" was turned off after our ISO auditor flagged it for XSS vulnerabilities.
     
  2. ThomasC

    ThomasC Former ESET Support Rep

    Joined:
    Sep 8, 2008
    Posts:
    209
    I have seen this error before. Mind you not with the spelling errors. I am sure you may already know however, just to clarify, the area that the ESET Remote Administrator would need to be excluded in is the web browser section. This is demonstrated in the second half of this article.
     
  3. dopaz

    dopaz Registered Member

    Joined:
    Jul 29, 2011
    Posts:
    2
    Thanks! When I turned off HTTP, the clients could no longer update. Will follow the KB below.
     
  4. ThomasC

    ThomasC Former ESET Support Rep

    Joined:
    Sep 8, 2008
    Posts:
    209
    No problem at all, anytime! :)
     
Thread Status:
Not open for further replies.