3CX DLL-Sideloading attack: What you need to know
Hi folks,
v19.0.1 MR-1 IPS service has stopped and will not restart, the error message is the process is taking too long.
There are no entries in the Logviewer -> system log indicating any issues.
Next step please.
Update :- after two attempts the GUI shows the service as restarting. There are no entries in log viewer -> IPS.
Ian
Memory has dropped from 80+% to 66%, CPU has increased
10am yesterday I restarted a 8 port switch to see if that would fix an IPv6 issue which it did, but the memory use dropped significantly. I also changed the maximum network packet size on one LAN interface which took all interfaces off line for a short time another bug.
Could be still the known issue. The problem is: IPS will restart with a ATP update. This could potentially mean, it hung at this point. Thats the reason for the mem incease, as there are stalled IPS processes. Lets see, if this issue remains in the respin version.
__________________________________________________________________________________________________________________
Still dead. Version 18.19.54 11th August.
Memory use has dropped 60% and CPU 8%.
XG115W - v19.5.1 mr-1 - Home
If a post solves your question please use the 'Verify Answer' button.
Hi,
still broken this morning on the same version as initially reported. Last pattern check was the 12th of August before I forced a check this morning.
ian
does anyone from Sophos Support have an idea when the issue will be resolved?
When the new V19.0 MR1 will be released, lets try this version. Likely it will resolve your issue.
Thank you for the suggestion. There is also an issue with no AV updates.
Hello rfcat_vk,You can execute the following command in the advance shell: /bin/sh /scripts/u2d/u2d_refresh_patterns.shWhich will uninstall and re-install the patterns on the appliance, this might help too !!
Thanks & Regards,_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Sophos Community | Product Documentation | Sophos Techvids | SMSIf a post solves your question please use the 'Verify Answer' button.
Hi Vivek,
thank you for the instructions. I ran the script which produced a series of errors about retry count: bad number.
The IPS update attempted to download an old file 18.17.96 and failed.
Hey rfcat_vk can you PM me the support access id ?
Done.