Having problems with the latest firewall module 1047?

Discussion in 'ESET Smart Security' started by Marcos, Jun 23, 2009.

Thread Status:
Not open for further replies.
  1. Jarth

    Jarth Registered Member

    Joined:
    Jun 23, 2009
    Posts:
    3
    Where do you find that option? (Btw, using V3)

    Also, i cant find the "Test mode" - Button in the update-dialog as shown, gonna try and reinstall, might solve it all.
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,038
    Location:
    Texas
    Version 4.
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,038
    Location:
    Texas
    New firewall module available
     
  4. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    Why? Has 1048 been released?
     
  5. diffy

    diffy Registered Member

    Joined:
    Apr 9, 2008
    Posts:
    31
    Location:
    LI, NY, USA
    1048 did not fix the problems that surfaced under 1047. Still need to have the firewall off to use our main application.:(
     
  6. stratoc

    stratoc Guest

  7. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    The probably pulled the download, that's why.
     
  8. stratoc

    stratoc Guest

    yeah they pulled the lot earlier when it came back up modules not updating.
     
  9. diffy

    diffy Registered Member

    Joined:
    Apr 9, 2008
    Posts:
    31
    Location:
    LI, NY, USA
    Waiting for lull in system use so we can turn the FW back on to test version 1049 which updated overnight.

    We'll let you know...
     
  10. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    The firewall module 1049 has been released to all users. It should eventually fix all the issues introduced in build 1047.
     
  11. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    Does this include the IPv6 fix?
     
  12. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    What a surprise I still get blocked IPv6 on Vista login.
     
  13. diffy

    diffy Registered Member

    Joined:
    Apr 9, 2008
    Posts:
    31
    Location:
    LI, NY, USA
    With 1049 we get:

    Occasional application crashes due to lost connectivety

    Log entries like this:
    6/24/2009 12:29:17 PM Detected TCP Flooding attack xx.xx.xx.15:1302 xx.xx.xx.20:2785 TCP
    (.15 is workstation, .20 is server)
    Sluggish response that matches the reported "flooding attacks" as we use our main application

    The above is actually an improvement. :cautious:
     
    Last edited: Jun 24, 2009
  14. The PIT

    The PIT Registered Member

    Joined:
    Sep 4, 2008
    Posts:
    185
    Interesting I've got packets being blocked going to this address 213.155.157.97:80

    Whois comes up with this. I believe they handle the dns requests

    inetnum: 213.155.157.0 - 213.155.157.255
    netname: AKAMAI
    descr: Akamai International B.V.
    org: ORG-AIB7-RIPE
    country: GB
    admin-c: NARA1-RIPE
    tech-c: NARA1-RIPE
    status: ASSIGNED PA
    mnt-by: TELIANET-LIR
    source: RIPE # Filtered

    organisation: ORG-AIB7-RIPE
    org-name: Akamai International B.V.
    org-type: OTHER
    descr: The Trusted Choice for Online Business
    address: 8 Cambridge Center
    address: MA 02142 Cambridge
    address: United States
    phone: +16144443007
    admin-c: NARA1-RIPE
    tech-c: NARA1-RIPE
    mnt-by: TELIANET-LIR
    mnt-ref: TELIANET-LIR
    source: RIPE # Filtered

    role: Network Architecture Role Account
    address: Akamai Technologies
    address: 8 Cambridge Center
    address: Cambridge, MA 02142
    phone: +1-617-938-3130
    abuse-mailbox:
    admin-c: NF1714-RIPE
    admin-c: JP1944-RIPE
    tech-c: NF1714-RIPE
    tech-c: JP1944-RIPE
    tech-c: APB15-RIPE
    tech-c: CKAK-RIPE
    tech-c: PWG8-RIPE
    nic-hdl: NARA1-RIPE
    mnt-by: AKAM1-RIPE-MNT
    source: RIPE # Filtered

    route: 213.155.128.0/19
    descr: TELIANET-BLK
    origin: AS1299
    mnt-by: TELIANET-RR
    source: RIPE # Filtered
     
  15. spaeter

    spaeter Registered Member

    Joined:
    Mar 14, 2006
    Posts:
    10
    Since a lot of days I have this problem (firewall module 1049) when connecting to my home pc (with ESS 3.0.684) through a webserver:
    Never had this problem before.

    Any solution? :rolleyes:
    thanks
    bye
     
  16. spaeter

    spaeter Registered Member

    Joined:
    Mar 14, 2006
    Posts:
    10
    bump...
     
  17. Scoty

    Scoty Registered Member

    Joined:
    Mar 7, 2009
    Posts:
    16
    Where can see witch firewall version i have?
     
  18. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    here it is
    i am using WINDOW 7 RTM BUILD 7600 with ess v4.0.437 with test mode enable
     

    Attached Files:

    • ggg.jpg
      ggg.jpg
      File size:
      101.6 KB
      Views:
      200
  19. Scoty

    Scoty Registered Member

    Joined:
    Mar 7, 2009
    Posts:
    16
    I have the same without Test Mode. The Firewall not correct working with 7 RTM.
     
  20. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    I DONOT SEEN SINGLE PROBLEM IN FIREWALL ON WIN 7 RTM(7600) WORK FINE
     
  21. Scoty

    Scoty Registered Member

    Joined:
    Mar 7, 2009
    Posts:
    16
    Look in the Security Center, i can not see Eset. Eset have not turn off the 7 Firewall.
     
  22. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    no more Security Center it's now Action Center
     

    Attached Files:

    • guu.jpg
      guu.jpg
      File size:
      38.9 KB
      Views:
      196
  23. Teds

    Teds Registered Member

    Joined:
    Oct 7, 2008
    Posts:
    3
    This might be the right place to ask! :D

    I have ESET Smart Security 4.0.437.0 installed on two computers. Both running Vista, and both having problems regarding firewall module 1051. The personal firewall refusing me to connect to several sites on the internet; for example Google, Youtube. Also having problems connect to MSN Messenger.

    No difference between automatic mode or interactive mode, and the only solution is to turn disable filtering.

    Might be an error in the last update, or is it local?

    Thanks! :)
     
  24. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    If you actually have the latest firewall module 1051 installed and disabling firewall helps, could you enable logging all blocked connections, reproduce the problem, disable logging blocked connections and check the firewall log for details about blocked connections. If possible, please post the records created when reproducing the problem here.
     
  25. Teds

    Teds Registered Member

    Joined:
    Oct 7, 2008
    Posts:
    3
    Thank you for your reply!

    After enabled logging and reproduced the problem, I've found another thread with the same problem.

    Address temporarily blocked by active defense (IDS)

    When trying to connect to Google with firewall enabled on automatic mode, it seems that it's blocking the connection over and over.

    A few lines from the log, the most essensial part from this tryout.

    Edit: Checked with a direct connection instead of a wireless network. Thought maybe the router was the problem, but I had the same problem. If there is a software-problem it must have happened in update 4347 or 4348, because it worked well yesterday.

    Thanks!

    Code:
    19.08.2009 18:30:00	No usable rule found	192.168.1.143:53413	224.0.0.252:5355	UDP		C:\Windows\System32\svchost.exe	NT-MYNDIGHET\NETTVERKSTJENESTE
    19.08.2009 18:30:00	No usable rule found	fe80::89c3:132c:3d5c:1a5f.:60151	ff02::1:3.:5355	UDP		C:\Windows\System32\svchost.exe	NT-MYNDIGHET\NETTVERKSTJENESTE
    19.08.2009 18:30:00	No usable rule found	192.168.1.143:53413	224.0.0.252:5355	UDP		C:\Windows\System32\svchost.exe	NT-MYNDIGHET\NETTVERKSTJENESTE
    19.08.2009 18:30:00	No usable rule found	fe80::89c3:132c:3d5c:1a5f.:60151	ff02::1:3.:5355	UDP		C:\Windows\System32\svchost.exe	NT-MYNDIGHET\NETTVERKSTJENESTE
    19.08.2009 18:29:32	Address temporarily blocked by active defense (IDS)	192.168.1.181:51704	74.125.77.103:80	TCP			
    19.08.2009 18:29:26	Address temporarily blocked by active defense (IDS)	192.168.1.181:51704	74.125.77.103:80	TCP			
    19.08.2009 18:29:23	Address temporarily blocked by active defense (IDS)	192.168.1.181:51704	74.125.77.103:80	TCP			
    19.08.2009 18:29:20	No usable rule found	192.168.1.143:52553	224.0.0.252:5355	UDP		C:\Windows\System32\svchost.exe	NT-MYNDIGHET\NETTVERKSTJENESTE
    19.08.2009 18:29:20	No usable rule found	fe80::89c3:132c:3d5c:1a5f.:56469	ff02::1:3.:5355	UDP		C:\Windows\System32\svchost.exe	NT-MYNDIGHET\NETTVERKSTJENESTE
    19.08.2009 18:29:20	No usable rule found	192.168.1.143:52553	224.0.0.252:5355	UDP		C:\Windows\System32\svchost.exe	NT-MYNDIGHET\NETTVERKSTJENESTE
    19.08.2009 18:29:20	No usable rule found	fe80::89c3:132c:3d5c:1a5f.:56469	ff02::1:3.:5355	UDP		C:\Windows\System32\svchost.exe	NT-MYNDIGHET\NETTVERKSTJENESTE
    19.08.2009 18:29:11	Address temporarily blocked by active defense (IDS)	192.168.1.181:51703	74.125.77.106:80	TCP			
    19.08.2009 18:29:05	Address temporarily blocked by active defense (IDS)	192.168.1.181:51703	74.125.77.106:80	TCP			
    19.08.2009 18:29:02	Address temporarily blocked by active defense (IDS)	192.168.1.181:51703	74.125.77.106:80	TCP			
    19.08.2009 18:28:50	Address temporarily blocked by active defense (IDS)	192.168.1.181:51701	74.125.77.104:80	TCP			
    19.08.2009 18:28:48	Address temporarily blocked by active defense (IDS)	192.168.1.181:51653	74.125.77.99:80	TCP			
    19.08.2009 18:28:44	Address temporarily blocked by active defense (IDS)	192.168.1.181:51701	74.125.77.104:80	TCP			
    19.08.2009 18:28:41	Address temporarily blocked by active defense (IDS)	192.168.1.181:51701	74.125.77.104:80	TCP			
    19.08.2009 18:28:38	Address temporarily blocked by active defense (IDS)	192.168.1.181:51653	74.125.77.99:80	TCP			
    19.08.2009 18:28:33	Address temporarily blocked by active defense (IDS)	192.168.1.181:51653	74.125.77.99:80	TCP			
    19.08.2009 18:28:31	Address temporarily blocked by active defense (IDS)	192.168.1.181:51653	74.125.77.99:80	TCP			
    19.08.2009 18:28:30	Address temporarily blocked by active defense (IDS)	192.168.1.181:51653	74.125.77.99:80	TCP			
    19.08.2009 18:28:29	Address temporarily blocked by active defense (IDS)	192.168.1.181:51700	74.125.77.99:80	TCP			
    19.08.2009 18:28:29	Address temporarily blocked by active defense (IDS)	192.168.1.181:51653	74.125.77.99:80	TCP			
    19.08.2009 18:28:29	Address temporarily blocked by active defense (IDS)	192.168.1.181:51653	74.125.77.99:80	TCP			
    19.08.2009 18:28:23	Address temporarily blocked by active defense (IDS)	192.168.1.181:51700	74.125.77.99:80	TCP			
    19.08.2009 18:28:20	Address temporarily blocked by active defense (IDS)	192.168.1.181:51700	74.125.77.99:80	TCP			
    19.08.2009 18:28:08	Address temporarily blocked by active defense (IDS)	192.168.1.181:51697	74.125.77.147:80	TCP			
    19.08.2009 18:28:02	Address temporarily blocked by active defense (IDS)	192.168.1.181:51697	74.125.77.147:80	TCP			
    19.08.2009 18:27:59	Address temporarily blocked by active defense (IDS)	192.168.1.181:51697	74.125.77.147:80	TCP			
    19.08.2009 18:27:47	Address temporarily blocked by active defense (IDS)	192.168.1.181:51696	74.125.77.105:80	TCP			
    19.08.2009 18:27:41	Address temporarily blocked by active defense (IDS)	192.168.1.181:51696	74.125.77.105:80	TCP			
    19.08.2009 18:27:38	Address temporarily blocked by active defense (IDS)	192.168.1.181:51696	74.125.77.105:80	TCP			
    19.08.2009 18:27:30	Address temporarily blocked by active defense (IDS)	74.125.77.104:80	192.168.1.181:51562	TCP			
    19.08.2009 18:27:29	Address temporarily blocked by active defense (IDS)	74.125.77.104:80	192.168.1.181:51561	TCP			
    19.08.2009 18:27:29	Address temporarily blocked by active defense (IDS)	74.125.77.104:80	192.168.1.181:51562	TCP			
    19.08.2009 18:27:29	Address temporarily blocked by active defense (IDS)	74.125.77.104:80	192.168.1.181:51561	TCP			
    19.08.2009 18:27:29	Address temporarily blocked by active defense (IDS)	74.125.77.99:80	192.168.1.181:51653	TCP			
    19.08.2009 18:27:28	Address temporarily blocked by active defense (IDS)	74.125.77.99:80	192.168.1.181:51653	TCP			
    19.08.2009 18:27:28	Detected DNS cache poisoning attack	192.168.1.1:53	192.168.1.181:59377	UDP			
    19.08.2009 18:27:26	Address temporarily blocked by active defense (IDS)	192.168.1.181:51695	74.125.77.147:80	TCP			
    19.08.2009 18:27:20	Address temporarily blocked by active defense (IDS)	192.168.1.181:51695	74.125.77.147:80	TCP			
    19.08.2009 18:27:17	Address temporarily blocked by active defense (IDS)	192.168.1.181:51695	74.125.77.147:80	TCP			
    19.08.2009 18:27:05	Address temporarily blocked by active defense (IDS)	192.168.1.181:51694	74.125.77.104:80	TCP			
    19.08.2009 18:26:59	Address temporarily blocked by active defense (IDS)	192.168.1.181:51694	74.125.77.104:80	TCP			
    19.08.2009 18:26:56	Address temporarily blocked by active defense (IDS)	192.168.1.181:51694	74.125.77.104:80	TCP			
    19.08.2009 18:26:44	Address temporarily blocked by active defense (IDS)	192.168.1.181:51692	74.125.77.103:80	TCP			
    19.08.2009 18:26:38	Address temporarily blocked by active defense (IDS)	192.168.1.181:51692	74.125.77.103:80	TCP			
     
    Last edited: Aug 19, 2009
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.