Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 1 subscriber
  • Views 4407 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Strange behaviour (could not find a source/ updated)

Paulsav

Hi All

I am running SEC 4.5.1.0 with three update managers and clients are V.9.5

The problem i am having which started approx three days ago is endpoints have a red cross through them, saying update failed, When i go to SEC and look at the logs for a machine it reads 

                                           Computer name                           ALLISONPXP10TO
   Computer description                   
   Operating system                        Windows XP
   Service pack                            Service Pack 3
   Domain/workgroup                        xxxxxxxx
   IP address                              172.29.6.164
   Sophos Anti-Virus version               9.5.5 VDL4.64G
   HIPS rules                              4.1.2
   HIPS configuration                      1.0.4
   Detection data                          4.64G
   On-access scanning                      Active
   Anti-virus and HIPS policy              Same as policy
   Last scheduled scan completed          
   Last message received from computer     4/4/2011 1:02:07 PM
   Up to date                              Not since 4/4/2011 2:33:31 PM
   Updating policy                         Same as policy
   Time installed package became available 4/4/2011 7:07:03 AM
   Time next package became available      4/4/2011 1:33:31 PM
   Primary update server                   \\xxxxxx\SophosUpdate\CIDs\S000\SAVSCFXP\
   Secondary update server                 Sophos
   Client firewall enabled                
   Client firewall policy                 
   Client firewall version                
   Client firewall mode                   
   Sophos NAC policy                      
   Compliance Agent (NAC) version         
   Sophos NAC compliance assessment       
   Application control policy              Same as policy
   Application control on-access scanning  Inactive
   Data control scanning status            Inactive
   Device control scanning status          Inactive
   Data control policy compliance          Same as policy
   Device control policy compliance        Same as policy
   Tamper protection status                Inactive
   Tamper protection policy compliance     Same as policy
   Group                                   \Global Group\Toorak\Computers\Staff Desktops

   Outstanding alerts and errors          

   Sophos AutoUpdate status                                                             Date/time            Code      Description                            
                                             4/4/2011 11:01:40 AM 00000071  ERROR: Could not find a source for updated packages

   History                                

   Sophos AutoUpdate status                                                             Date/time            Code      Description                            
                                             4/4/2011 11:01:40 AM 00000071  ERROR: Could not find a source for updated packages
                                             4/4/2011 10:51:03 AM 00000000  Updated successfully                   
                                             4/4/2011 10:01:42 AM 00000071  ERROR: Could not find a source for updated packages
                                             4/4/2011 9:51:03 AM  00000000  Updated successfully                   
                                             4/4/2011 8:51:45 AM  00000071  ERROR: Could not find a source for updated packages
                                             4/4/2011 8:41:48 AM  00000000  Updated successfully                   
                                             4/1/2011 3:32:00 PM  00000071  ERROR: Could not find a source for updated packages
                                             4/1/2011 3:21:22 PM  00000000  Updated successfully                   
                                             4/1/2011 2:52:00 PM  00000071  ERROR: Could not find a source for updated packages
                                             4/1/2011 2:41:22 PM  00000000  Updated successfully                   
                                             4/1/2011 2:12:03 PM  00000071  ERROR: Could not find a source for updated packages
                                             4/1/2011 2:01:22 PM  00000000  Updated successfully                   
                                             4/1/2011 1:32:01 PM  00000071  ERROR: Could not find a source for updated packages


  I realise you will need a lot more info ,so pleasea ask questions and i will provide all that i can.......

:11547


This thread was automatically locked due to age.
Parents
  • 0

    Hello Paulsav,

    if all your policies are using the correct credentials and all clients comply then creating a new account is probably your best bet. It will solve the problem for the correctly working clients and it will be much easier to spot the "offending" client(s). Two minutes is quite short and I don't think you policy will lock out the account after the first failed attempt. Anyway the first failure events in the security log after an unlock should help in identifying the source.

    Christian   

    :11833
Reply
  • 0

    Hello Paulsav,

    if all your policies are using the correct credentials and all clients comply then creating a new account is probably your best bet. It will solve the problem for the correctly working clients and it will be much easier to spot the "offending" client(s). Two minutes is quite short and I don't think you policy will lock out the account after the first failed attempt. Anyway the first failure events in the security log after an unlock should help in identifying the source.

    Christian   

    :11833
Children
No Data
Unfiltered HTML