cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Remote Agent Service Terminated Unexpectedly

Thomas_Mather
Not applicable

‎06-29-2005 11:50 AM

Starting a few days ago, most of my ~20 remote agents started terminating in the middle of backup jobs. I have only successfully completed about 3 out of about 30 jobs since then.

The remote servers are in different buildings and on different sub-nets. They are Windows 2000 server and 2003 server machines.

The jobs fails with the the standard "Network name is no longer available" messge on the media server. But at that same moment, the remote agent on both the remote client and media server fail unexpectedly (Error 7031) (causing future jobs to fail unless I restart them). But even though I restart them - they end up stopping agin after the next job starts.

They usually stop about 15-45 minutes into the job.

Please help as I am "dead in the water" right now.

The only changes that have occured on my servers have been related to VirusScan 8.0 (I installed the latest patch 10 version). But that was about 10 days ago (the bckups worked for about a week after the VirusScan upgrade)

thomas
0 Kudos
1 REPLY 1

Renuka_-
Level 6
Employee

‎07-01-2005 08:47 AM

Hello,

To determine if the RAWS service failure is in fact due to such an attack, check to see if the FAULT occurs in the function "DeasciifyAndDecrypt" within the Dr Watson log. The following iDEFENSE article gives a great deal of detail on the Vulnerability and gives a Windows Debugger (WinDbg) break down of a user.dmp from such a service failure:
Veritas Backup Exec Agent CONNECT_CLIENT_AUTH Buffer Overflow Vulnerability

http://www.idefense.com/application/poi/display?id=272&type=vulnerabilities&flashstatus=true


You can also get to this article by starting from our Security Advisory, click on the iDEFENSE link, and then click on the Vulnerability that mentions VERITAS Backup Exec and a Buffer Overflow (ADVISORY 06.23.05 : Veritas Backup Exec Agent CONNECT_CLIENT_AUTH Buffer Overflow Vulnerability). We may be modifying the VERITAS advisory to include a direct link to the iDEFENSE related advisory

NOTE : If we do not receive your reply within two business days, this post would be marked assumed answeredand would be moved toanswered questions pool.
0 Kudos