Disabling HTTPS scanning programmatically

Discussion in 'ESET NOD32 Antivirus' started by ilcontepedro, Oct 10, 2010.

Thread Status:
Not open for further replies.
  1. ilcontepedro

    ilcontepedro Registered Member

    Joined:
    Oct 10, 2010
    Posts:
    1
    Hello,

    we are developing a parental control software.

    We are encountering a problem with NOD32's HTTPS scanning, since NOD32 redirects all connections, HTTP and HTTPS to port 30606.

    Since we need to redirect TCP connections too, to our local proxy, and we can't deal with HTTPS connections, we would like to be able to disable NOD32's HTTPS scanning programmatically.

    We found that this registry key SOFTWARE\\ESET\\ESET Security\\CurrentVersion\\Plugins\\01000200\\Profiles\\@My profile\\HttpsScanMode should be put to 0, to disable HTTPS scanning, but of course the registry key is locked by ekrn.exe

    Is there a way to disable NOD32's HTTPS scanning programmatically, since I guess that stopping ekrn.exe is not an option...?
    Of course, if there is a legit way to stop ekrn.exe programmatically (letting the user know that NOD32 has been stopped temporarily), then change the registry key, that would be an option.

    Regards
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    It is not possible. Self-defense protects the ESET registry keys from being tampered with malware or basically any 3rd party application.
    Since SSL checking is disabled by default, are you positive that it's actually SSL scanning that causes the problem?
     
  3. kerykeion

    kerykeion Registered Member

    Joined:
    Jun 30, 2010
    Posts:
    267
    Location:
    Philippines
  4. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    would be curious to know whether your https scanner works with Firefox or not, as NOD does not. also, if you are developing something like NetNanny you might be interested in the development of the Chromium 7 browser branch http://codereview.chromium.org/3723001, which will render https scanning obsolete in the future, at least for the https scanners models of NOD and NetNanny - seems they must have a similar approach.

    that is going to be interesting for the kids to know how to circumvent just by using https proxies
     
Thread Status:
Not open for further replies.