LinkBack URL
About LinkBacks
Symmantec Liveupdate
Thanks for the great product you have here, I really enjoy it.
I am having one problem right now though, and thought it might be worthy for consideration to change for the upcoming 5.0.
We have several computers on our network that are running "Symmantec Client Security".
They are unable to run Liveupdate (update their virus definitions) when untangle's "Virus Blocker" is running. It starts downloading the updates, but errors out when nearly completed.
Looking over the logs, I get these messages
--------------
192.168.1.128 Exploit.JS.CVE-2005-1790.A 80.231.19.78
liveupdate.symantecliveupdate.com 80
192.168.1.145 Exploit.JS.CVE-2005-1790.A 80.231.19.81
liveupdate.symantecliveupdate.com 80
192.168.1.138 Exploit.JS.CVE-2005-1790.A 80.231.19.78
liveupdate.symantecliveupdate.com 80
192.168.1.145 Exploit.JS.CVE-2005-1790.A 124.40.41.176
liveupdate.symantecliveupdate.com 80
192.168.1.145 Exploit.JS.CVE-2005-1790.A 124.40.41.176
iveupdate.symantecliveupdate.com 80
192.168.1.145 Exploit.JS.CVE-2005-1790.A 124.40.41.80
liveupdate.symantecliveupdate.com 80
192.168.1.145 Exploit.JS.CVE-2005-1790.A 63.211.153.11
liveupdate.symantecliveupdate.com 80
192.168.1.145 Exploit.JS.CVE-2005-1790.A 62.41.80.99
liveupdate.symantecliveupdate.com 80
-------------------
Is there anyway that you could allow an exception list by IP in the Antivirus settings? I don't know if this is even possible, but offering the suggestion.
Liveupdate seems to use both http and ftp downloads.
A quick google search about the Exploit.JS.CVE-2005-1790.A, shows that others are having the same problem with the "clam antivirus".
Thank you,
Russ
