ESET Smart Security lies about the client's IP address

Discussion in 'ESET Smart Security' started by mauricev, Aug 10, 2009.

Thread Status:
Not open for further replies.
  1. mauricev

    mauricev Registered Member

    Joined:
    Apr 15, 2008
    Posts:
    43
    I have Windows XP boxes running ESS 4.0.437 and a program called Patchlink Update, which is used to apply patches, such as those from windows update. When Patchlink communicates with its server, the server determines the client's IP address. However, with ESS running, Patchlink erroneously thinks it is 127.0.0.1.

    Other users of Patchlink have reported this same issue with ESS. Is there any chance anyone from ESET Q/A can check this out?

    Patchlink is described at http://www.lumension.com/vulnerabil...ent-software.jsp?rpLangCode=1&rpMenuId=150833
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Try the following:
    1, In the setup, navigate to Antivirus and antispyware -> Web access protection -> HTTP, HTTPS -> Web browsers
    2, look up the file that belongs to Patchlink and click the checkbox next to it (once or twice) so that a red cross appears in the checkbox
     
  3. mauricev

    mauricev Registered Member

    Joined:
    Apr 15, 2008
    Posts:
    43
    Yes, thank you, I know about that and it does workaround the problem, but I was posting to ask your QA to followup if this could be fixed in code. Tech support actually told me this is route to escalating an issue to QA.
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Perhaps we could consider excluding that application directly in the code. A fix should be made by the developer of Patchlink. Anyways, it should work fine with Vista SP2 or newer OS as they support WFP so the http traffic is no longer routed through a local proxy for scanning.
     
  5. mauricev

    mauricev Registered Member

    Joined:
    Apr 15, 2008
    Posts:
    43
    Aha, so you're saying it's by the intrinsic design of ESS. It proxies all http traffic, so that it can be scanned and by doing so that's necessarily going to confuse Patchlink into thinking the IP address is localhost. Anyway, what could Patchlink do to fix that? It seems they intend to report what the client end tells them since that IP may genuinely be different than the ones physically on the system.
     
Thread Status:
Not open for further replies.