Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: WebRoot Enterprise

  1. #1
    Senior Member
    Join Date
    Aug 2003
    Posts
    224

    WebRoot Enterprise

    Hello fellow Corporate Baby Sitters.....
    I have just installed Webroot Enterprise for a centralize point of scanning/cleaning spyware and adware. There are very few of enterprise versions of spyware solutions that I can find. Webroot is nice, but it lacks several common features that I would have included in the application. For example, if you run a report, you must either print the report or close it out. While the report window is open, you cannot go back the the application. Also, the application cannot scan your domain to see your PC's until the spyware client service is installed and running on the computers you wish to scan. There is also no tool or feature that will push the clients out from the main console. I really like the application, but not willing to pay 4 Grand for 150 users. Maybe the next version will strike my fancy a bit more and I'll take the plunge. But for now, I will continue the search for another solution. Please let me know if you have found a decent solution for your enterprise environment.
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

  2. #2
    Spysweeper is the best enterprise-scale product we've been able to find as well.

  3. #3
    Senior Member
    Join Date
    May 2002
    Posts
    256
    Nah, ya'll have to test drive CounterSpy Enterprise!!! CrystalReports kick some butt!

    http://www.sunbelt-software.com/product.cfm?id=400
    Sex is like \"Social Security\". You get a little each month, but it\'s not enough to live on.

  4. #4
    Senior Member
    Join Date
    Aug 2003
    Posts
    224
    Thanks for the info. I will download and eval.
    Thanks
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

  5. #5
    Senior Member
    Join Date
    Aug 2003
    Posts
    224
    Thanks for the info. I downoladed this application and installed it on a 2003 server. I could not get the status of the clients to change from pending. I sent some info to tech support on my issues and was told that I needed to install MDAC 2.8 and the .NET framework. These items were already installed then I told them after that incident that Everything was as it should be. The response that I got then was to ensure that file and print sharing was disabled. This really baffled me that I had to turn off file and print sharing>>>
    OK, so to humor them I turned off file and print sharing on one of my test clients stopped and reastarted the services on the client and server. Still no luck. I replied back that maybe I would try one of their later releases.
    However, I'm still searching for a spyware solution from an enterprise point of view
    Thanks. If a miracle allows an application of this caliber to slilp into the market. Please let me know.
    thanks
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

  6. #6
    Senior Member
    Join Date
    May 2002
    Posts
    256
    Let me clear things up for you fraggin. First, the file/print sharing....you need to turn off SIMPLE file and print sharing (typically disabled by default if you join a domain)....not just any old file/print sharing...
    Next, I would try to perform a manual deployment. Select the policy (typically default), then select policy from the drop down list. Next click on deploy manual agent (or something like that). Create an EXE file. Run that file on the workstation that you are wanting to monitor. Next, click on Agents (within the console) and press refresh. Does it show as installed?
    Sex is like \"Social Security\". You get a little each month, but it\'s not enough to live on.

  7. #7
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,915
    Hey Hey,

    I know that they are experimenting with WebRoot here... or they had been at one point and they were speaking very highly of it...

    Those of you using WebRoot may want to check this out... It was posted to day to Secunia, VulnWatch and a few other mailing lists.

    ======================================================================

    Secunia Research 21/12/2004

    - Spy Sweeper Enterprise Client Privilege Escalation Vulnerability -

    ======================================================================
    Table of Contents

    Affected Software....................................................1
    Severity.............................................................2
    Vendor's Description of Software.....................................3
    Description of Vulnerability.........................................4
    Solution.............................................................5
    Time Table...........................................................6
    Credits..............................................................7
    References...........................................................8
    About Secunia........................................................9
    Verification........................................................10

    ======================================================================
    1) Affected Software

    Spy Sweeper Enterprise 1.5.1 (Build 3698)

    NOTE: Other versions may also be affected.

    ======================================================================
    2) Severity

    Rating: Less Critical
    Impact: Privilege Escalation
    Where: Local System

    ======================================================================
    3) Vendor's Description of Software

    Spy Sweeper Enterprise:
    "Webroot Spy Sweeper Enterprise provides comprehensive spyware protection for corporations. Using a client / server architecture, Spy Sweeper Enterprise proactively detects and removes all forms of spyware and malware within the organization".

    Product link:
    http://www.webroot.com/products/spysweeper/enterprise/

    ======================================================================
    4) Description of Vulnerability

    Secunia Research has discovered a vulnerability in Spy Sweeper Enterprise, which can be exploited by malicious, local users to gain escalated privileges.

    The vulnerability is caused due to the Spy Sweeper Enterprise Client "SpySweeperTray.exe" process invoking the help functionality with SYSTEM privileges.

    This can be exploited to execute arbitrary commands on a system with escalated privileges.

    ======================================================================
    5) Solution

    The vendor has issued version 2.0, which fixes the vulnerability.

    ======================================================================
    6) Time Table

    15/11/2004 - Vulnerability discovered.
    15/11/2004 - Vendor notified.
    15/11/2004 - Vendor response.
    19/12/2004 - Vendor issues version 2.0.
    21/12/2004 - Public disclosure.

    ======================================================================
    7) Credits

    Discovered by Carsten Eiram, Secunia Research.

    ======================================================================
    8) References

    The Common Vulnerabilities and Exposures (CVE) project has not currently assigned the vulnerability a candidate number.

    ======================================================================
    9) About Secunia

    Secunia collects, validates, assesses, and writes advisories regarding all the latest software vulnerabilities disclosed to the public. These advisories are gathered in a publicly available database at the Secunia website:

    http://secunia.com/

    Secunia offers services to our customers enabling them to receive all relevant vulnerability information to their specific system configuration.

    Secunia offers a FREE mailing list called Secunia Security Advisories:

    http://secunia.com/secunia_security_advisories/

    ======================================================================
    10) Verification

    Please verify this advisory by visiting the Secunia website:
    http://secunia.com/secunia_research/2004-14/

    Complete list of vulnerability reports published by Secunia Research:
    http://secunia.com/secunia_research/

    ======================================================================
    Peace,
    HT

  8. #8
    Senior Member
    Join Date
    Aug 2003
    Posts
    224
    Originally posted here by wildred
    Let me clear things up for you fraggin. First, the file/print sharing....you need to turn off SIMPLE file and print sharing (typically disabled by default if you join a domain)....not just any old file/print sharing...
    Next, I would try to perform a manual deployment. Select the policy (typically default), then select policy from the drop down list. Next click on deploy manual agent (or something like that). Create an EXE file. Run that file on the workstation that you are wanting to monitor. Next, click on Agents (within the console) and press refresh. Does it show as installed?
    Let me clear things up for you wildred. This was in regards to counterspy. Webroot is fine with the exception of a few overlooked features in development. Not worth the price for current functionality.
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

  9. #9
    Senior Member
    Join Date
    May 2002
    Posts
    256
    Correct - that is what I am referring to. When you installed CSE, you need to have simple file and print sharing...in addition the manual deployment should work for you if the push command from the console fails...
    You faulted lack of support (or inadequate support) for CSE, which is why I jumped in to provide "proper" support for this.
    Sex is like \"Social Security\". You get a little each month, but it\'s not enough to live on.

  10. #10
    Senior Member
    Join Date
    Aug 2003
    Posts
    224
    CSE is too unreliable to pay for. I guess that is just my opinion, but, I will not be purchasing it.
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •