Comprehensive data protection for all workloads
OMW72
Enthusiast
Posts: 69
Liked: 7 times
Joined: Nov 16, 2022 2:18 pm
Contact:

SuspiciousFiles.xml

Post by OMW72 » 1 person likes this post

Hi Support-Forum,

I'm looking for the latest SuspiciousFiles.xml file and a manual to implement it.

Regards,
Oliver
Mildur
Product Manager
Posts: 11697
Liked: 3292 times
Joined: May 13, 2017 4:51 pm
Full Name: Fabian K.
Location: Switzerland
Contact:

Re: SuspiciousFiles.xml

Post by Mildur »

Product Management Analyst @ Veeam Software

Re: SuspiciousFiles.xml

Post by OMW72 » 1 person likes this post

Hi Fabian,
I downloaded the file already and implemented it as described in the KB.
Just wanted to make sure that the file is the latest one.
In my opinion the content of the xml should be displayed in the configure file mask part --> suspicious files, but this is not the case.

Regards,
Oliver

Re: SuspiciousFiles.xml

Post by Mildur » 1 person likes this post

Hi Oliver,

The file on our web server is always the latest version. You can compare its version number with the one on your backup server.
The current version is 142:

<Version>142</Version>

"In my opinion the content of the xml should be displayed in the configure file mask part"
We currently have 4,478 entries in that file. Displaying all of them in the UI could overload it, and you would not be able to remove individual entries from that list anyway.
What would you do with the full list if it were visible in the console? How would that help with your regular backup server tasks?

Best,
Fabian
Product Management Analyst @ Veeam Software
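The version comparison suggested in the reply above can be scripted. This is an added example, not part of the original post and not Veeam tooling: both file paths are parameters the operator must supply, and the only element it relies on is `<Version>`, as quoted in the thread.

```powershell
# Added example, not Veeam code. Both paths are supplied by the operator;
# the only XML element assumed is <Version>, as quoted in the thread.
param(
    [Parameter(Mandatory)] [string] $DownloadedFile,  # copy fetched from the vendor web server
    [Parameter(Mandatory)] [string] $InstalledFile    # copy currently on the backup server
)

function Get-DefinitionVersion {
    param([string] $Path)

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found: $Path"
    }

    # Parse with DTD processing prohibited so a tampered download cannot
    # pull in external entities while it is being inspected.
    $settings = New-Object System.Xml.XmlReaderSettings
    $settings.DtdProcessing = [System.Xml.DtdProcessing]::Prohibit
    $fullPath = (Resolve-Path -LiteralPath $Path).ProviderPath
    $stream = [System.IO.File]::OpenRead($fullPath)
    try {
        $reader = [System.Xml.XmlReader]::Create($stream, $settings)
        $doc = New-Object System.Xml.XmlDocument
        $doc.Load($reader)
    } finally {
        $stream.Dispose()
    }

    # Locate the first <Version> element wherever it sits in the document.
    $node = $doc.SelectSingleNode('//*[local-name()="Version"]')
    if ($null -eq $node) { throw "No <Version> element in $Path" }

    $value = 0
    if (-not [int]::TryParse($node.InnerText.Trim(), [ref] $value)) {
        throw "Non-numeric <Version> in ${Path}: '$($node.InnerText)'"
    }
    return $value
}

$remote = Get-DefinitionVersion -Path $DownloadedFile
$local  = Get-DefinitionVersion -Path $InstalledFile

if ($local -lt $remote) {
    Write-Warning "Installed list is version $local, downloaded copy is $remote: update needed."
    exit 1
} elseif ($local -gt $remote) {
    Write-Warning "Installed list ($local) is newer than the download ($remote): check the download source."
    exit 2
}
Write-Output "Installed list is current (version $local)."
```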

Re: SuspiciousFiles.xml

Post by OMW72 »

Hi Fabian,
Of course you are right, that makes no sense.
Due to the fact that this file contains that amount of entries, do you have a recommendation which files are highly needed to add to the suspicious files section?
Maybe the next question sounds weird, but what is the procedure to switch on / activate the suspicious files XML on a backup server?

Regards,
Oliver

Re: SuspiciousFiles.xml

Post by Mildur »

Hi Oliver

1.) Recommended files are added by us. A customer doesn't have to manage it themselves.
2.) What do you mean by switch on / activate? It's used by default and can't be disabled.

Best,
Fabian
Product Management Analyst @ Veeam Software

Re: SuspiciousFiles.xml

Post by OMW72 »

Hi Fabian,
OK, I guess now I got it. This XML file has nothing to do with the XML that can be imported / exported within the option configure file mask --> export these filters / import existing list.

Is there a recommendation available what kind of files a company has to add to the suspicious files section?

Regards,
Oliver

Re: SuspiciousFiles.xml

Post by Mildur » 1 person likes this post

As I said before, you don’t have to add your own inclusions. You can use them if you want to add something that is currently not monitored. I won’t be able to provide a list of recommendations, as I have no idea what you may need to add in the future. Typical files and extensions of ransomware will be added by us as soon as we become aware of them. Customer files/extensions can be added by you.

For exclusions, you may want to add them if you get false positives after a backup job with the guest index scan session. In rare cases, a customer may be using applications that have file types listed in our XML. If that happens, and you know those file types are expected, then you can use "Trusted objects".

Best,
Fabian
Product Management Analyst @ Veeam Software