Scan Engine: Internal LiveUpdate server's "Login" and "password" information in liveupdate.conf are not encrypted

book

Article ID: 157923

calendar_today

Updated On:

Products

Protection Engine for Cloud Services Scan Engine

Issue/Introduction

Up to Scan Engine (SSE) 5.2.8,  the login and password for the internal LiveUpdate FTP server are encrypted right after the initial Java LiveUpdate (JLU) execution; however, from SSE5.2.10 and onward, they are no longer encrypted.

Cause

This is by-design.

Resolution

Scan Engine 5.2.10 and onward uses its own liveupdate.conf separate from the JLU's. liveupdate.conf will be encrypted only if the file is JLU's.

SSE5.2.8 and earlier's liveupdate.conf

hosts/0/login:ENC=<encrypted strings>
hosts/0/password:ENC=<encrypted strings>

SSE5.2.10 and later's liveupdate.conf

hosts/0/login=<plain text strings>
hosts/0/password=<plain text strings>

Workaround:

liveupdate.conf can be encrypted if manually executed with "-r" option.

  1. Log in the SSE/SPE host as root / Administrator and stop the service.
  2. Copy the contents from the FROM to TO if FROM contains only cacheMode, downloadChacneSize, maxPackageContentSize and maxPackageSize:
    1. UNIX (Solaris and Linux):
      FROM    /etc/liveupdate.conf
      TO          /opt/SYMCScan/bin/liveupadate.conf
    2. Windows (32-bit)
      FROM    C:\Documents and Settings\All Users\Application Data\Symantec\Java LiveUpdate\liveupdate.conf
      TO          C:\Program Files\Symantec\Scan Engine\liveupdate.conf
    3. Windows (64-bit)
      FROM    C:\Documents and Settings\All Users\Application Data\Symantec\Java LiveUpdate\liveupdate.conf
      TO          C:\Program Files (x86)\Symantec\Scan Engine\liveupdate.conf

      Note      : If you are going to use Symantec's public LiveUpdate servers, the following steps are not necessary.
  3. Add the following hosts/<number>/ lines which refer to your internal LiveUpdate server. Here the <number> should be identical:
    hosts/<number>/url=ftp://<your internal FTP server's URL>
    hosts/<number>/login:<your FTP user login id in plain text>
    hosts/<number>/password:<your FTP server login password in plain text>
  4. As root / Administrator on the terminal / command prompt, execute the following command:
    1. UNIX (Solaris and Linux)
      # java -classpath /opt/Symantec/LiveUpdate/jlu.jar LiveUpdate -c /opt/SYMCScan/bin/liveupdate.conf -r
    2. Windows (both 32-bit)
      > java -classpath C:\Program Files\Common Files\Symantec Shared\Java LiveUpdate\jlu.jar LiveUpdate -c C:\Program Files\Symantec\Scan Engine\liveupdate.conf -r
    3. Windows (both 64-bit)
      > java -classpath C:\Program Files (x86)\Common Files\Symantec Shared\Java LiveUpdate\jlu.jar LiveUpdate -c C:\Program Files (x86)\Symantec\Scan Engine\liveupdate.conf -r
  5. Open the resulting liveupdate.conf under the SSE/SPE install root and see if the login and the password line are both encrypted such as follows:
    hosts/<number>/url=ftp://<your internal FTP server's URL>
    hosts/2/login:ENC=<encrypted strings>
    hosts/2/mode=passive
    hosts/2/password:ENC=<encrypted strings>
  6. Start SSE / SPE service.

 


Applies To

  • Symantec Scan Engine 5.2.10 and greater
  • Protection Engine 7.0.0 and greater
Powered by Wolken Software