PDA

View Full Version : Solo Anti Virus will not update. Rule(s) needed.

cdysthe
March 11th, 2004, 12:40 PM
Hi,

I am using Solo Anti Virus (from www.srnmicro.com). However, even if I allow the application it won't update without me disabling LnS. It looks like it connects on port 80 to determine if updates is available and the downloads them by FTP on port 20. I have tried to make some rules, but they do not work. The connnection on port 80 works, but the download doesn't.

Here's the log entries I can find regarding this:

03-11-04,08:08:11 D-619 'TCP : Block incoming con' 65.77.209.226 TCP Ports Dest:1407 Src:ftp-data=20

03-11-04,08:12:28 D-638 'TCP : Block incoming con' 65.77.209.226 TCP Ports Dest:1450 Src:ftp-data=20

03-11-04,09:50:25 D-729 'TCP : Block incoming con' 65.77.209.226 TCP Ports Dest:1536 Src:ftp-data=20

03-11-04,10:28:10 U-1023 'TCP : Any other packet ' 146.72.235.10 TCP Ports Dest:www-http=80 Src:1944
03-11-04,10:28:11 U-1024 'TCP : Any other packet ' 146.72.235.10 TCP Ports Dest:www-http=80 Src:1945

Have anyone used Solo Anti Virus with LnS and have update work successfully?

TIA for help and/or pointers.
killjoy
March 11th, 2004, 01:51 PM
Have u only made an allow rule for this app in app filtering ?? Because for some programs you also have to make a rule within internet filtering allowing this app. That should fix it
Frederic
March 11th, 2004, 02:21 PM
Hi,

It seems the download uses the FTP protocol. Is there a way to configure the updater to use passive FTP mode ?

Frederic
cdysthe
March 11th, 2004, 05:27 PM
-{ Quote: " quoting: Frederic link=board=13;threadid=24274;start=0#msg142733 date=1079032865]
Hi,

It seems the download uses the FTP protocol. Is there a way to configure the updater to use passive FTP mode ?

Frederic


" }-

Nope, there's no options for the update mechanism, so I guess I will have to play around with a rule allowing ftp port 20 for this application only. Would that be the right approach? It's kind of hard to do testing since they only have updates one every couple of days. And without an update available I can't test since no ftp transfer is needed.
Frederic
March 12th, 2004, 11:44 AM
Hi,

Yes, you need to create a rule that will open the port 20 for incoming connections. When editing the Internet Filtering rule, click on the Application button and select the Updater application, this will cause the port to be open only when the updater is running.

Frederic