Support Center > Search Results > SecureKnowledge Details
Detection issue of malicious URLs in Anti-Bot / Anti-Virus after installing Take 143 of R77.30 Jumbo Hotfix Accumulator
Symptoms
  • There is an issue with Anti-Bot / Anti-Virus detection of malicious URLs after installing Take 143 of R77.30 Jumbo Hotfix Accumulator.

  • "Check Point Online Web Service failure" is the only relevant log from Anti-Bot / Anti-Virus blades in SmartView Tracker / SmartLog.
    No other logs and no connectivity issues could be found.

Cause

In Take 143 (and only in this specific Take), the synchronization between the schema file and the library of the Resource Advisor (RAD) daemon fails.


Solution

This problem was fixed. The fix is included in:

 

The following immediate workaround is available:

Note: In cluster environment, this procedure must be performed on all members of the cluster.

  1. Connect to command line on Security Gateway.

  2. Log in to Expert mode.

  3. Backup the current $FWDIR/conf/rad_scheme.C file:

    [Expert@HostName:0]# cp -v $FWDIR/conf/rad_scheme.C $FWDIR/conf/rad_scheme.C_ORIGINAL
  4. Edit the current $FWDIR/conf/rad_scheme.C file:

    [Expert@HostName:0]# vi $FWDIR/conf/rad_scheme.C
  5. Change:

    from:
    :const ("/Malware/malware/5.0?resource=")
    to:
    :const ("/Malware/malware/6.0?resource=")
  6. Save the changes and exit from Vi editor.

  7. Install policy on Security Gateway.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment