Possible bug in IMON.

Discussion in 'NOD32 version 2 Forum' started by Jurko Gospodnetić, Mar 18, 2004.

Thread Status:
Not open for further replies.
  1. Jurko Gospodnetić

    Jurko Gospodnetić Guest

    Hi.

    We use NOD32 in our company which is causing our development
    department trouble when using the CVSNT server. As it is an open
    source product (see www.cvsnt.org) many people have analyzed
    this problem and they say that the problem is with Nod32's IMON
    module.

    I have managed to duplicate the problem, as well as cause it do
    go away by stopping the IMON module.

    I'm informed that the technical reason is that Nod32's IMOD
    module manages to break a windows system known as 'handle
    inheritance'. (See http://msdn.microsoft.com/library/default.asp?
    url=/library/en-us/sysinfo/base/handle_inheritance.asp).

    You can duplicate the problem by installing a CVSNT server on
    your Windows machine (simple Windows installation), set up a dummy
    repository named 'Dummy' (a few clicks in CVSNT's control applet),
    and try to connect to this repository from the same machine using
    the command 'cvs -d :sspi:localhost:/Dummy version'. Then you
    should get an error message stating 'cvs [version aborted]: Can't
    authenticate - server and client cannot agree on an authentication
    scheme (got '')'.

    If you stop the IMON module and reboot the machine then the
    same command successfully connects to the CVS server and prints
    out the used client and server version.

    One comment from the CVSNT newsgroup:
    'Handle inheritance' is a basic system function (documented to
    work in all versions of windows since windows 95), so there isn't
    any workaround that an application can do to avoid it (at least
    not one that doesn't involve such ugly hacks it's not worth
    considering).

    Please could anyone comment on this? Is this really a bug in
    Nod32? If it is, when can we expect a patch? And if you think it
    is, that could you please suggest any other possible explanation.

    Best regards,
    Jurko Gospodnetić

    Zagreb Stock Exchange
    Ksaver 200
    10000 Zagreb
    Croatia
     
    Jurko Gospodnetić, Mar 18, 2004
    #1
  2. DiGi

    DiGi Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    114
    Location:
    in the middle of nowhere
    This is "old trouble". You can add cvsNT server to IMON's exclusions - it WILL help.

    http://www.wilderssecurity.com/showthread.php?t=14610;start=msg92130#msg92130
    http://www.wilderssecurity.com/showthread.php?t=17540;start=msg108508#msg108508
     
    DiGi, Mar 18, 2004
    #2
  3. triwac

    triwac Eset Staff Account

    Joined:
    Oct 25, 2002
    Posts:
    207
    Location:
    Croatia
    Hi Jurko,
    I just got your message which you sent today to our reseller from which you bought NOD32 and I wrote you a private message. In this message I recomended exclusion of related files in Imon setup. We will do our best to replicate this problem in Eset lab and fix it ASAP.

    regards,
    robert
     
    triwac, Mar 18, 2004
    #3
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...