ESS causing network jams when copying files across network

Discussion in 'ESET Smart Security' started by probedb, Oct 12, 2010.

Thread Status:
Not open for further replies.
  1. probedb

    probedb Registered Member

    Joined:
    Sep 27, 2008
    Posts:
    32
    Location:
    Sheffield, UK
    Hi folks,

    I finally nailed a problem I've been having with my network. It's ESS Firewall causing it.

    Versions; 4.2.64.12 on both PCs. Both PCs are Win 7 Pro 64-bit, connected via a nethear gigabit hub and both cards are connected at 1Gbps.

    I was seeing network traffic as in the attached file when copying data across shared drives (not Homegroup as I don't use it):

    Once I turned off the Firewall on both machines I got no pauses and the network utilization remained at ~75%.

    Any thoughts as it's a very annoying issue as sometimes those pauses can last minutes.

    Cheers,
    Paul.
     

    Attached Files:

  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    did you place your network in Trusted zone (assuming you are not scanning network drives in AV portion of it)?
     
  3. probedb

    probedb Registered Member

    Joined:
    Sep 27, 2008
    Posts:
    32
    Location:
    Sheffield, UK
    As far as I'm aware. I have 192.168.1.0 as a trusted zone with Sharing enabled. Do I need to add specific rules?

    Do I need to disable network drive scanning?

    Cheers for the reply!
     
  4. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    Try with network drive scanning disabled
     
  5. probedb

    probedb Registered Member

    Joined:
    Sep 27, 2008
    Posts:
    32
    Location:
    Sheffield, UK
    Cheers will give that a go this evening and post results :)

    Since ESS is on all my machines, scanning network drives is kinda pointless.
     
  6. stackz

    stackz Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    619
    Location:
    Sydney Australia
    Also in Zones setup, look under Names for 'Addresses excluded from active protection (IDS)' and add your subnet there.
     
  7. probedb

    probedb Registered Member

    Joined:
    Sep 27, 2008
    Posts:
    32
    Location:
    Sheffield, UK
    I thought you had it there :( Copied for about 1min before stopping again.

    Well my 3 licenses are up for renewal so maybe I should change.....well the Firewall at least because this is unusable.

    I also disabled network drive scanning on all machines.....no change.
     
  8. probedb

    probedb Registered Member

    Joined:
    Sep 27, 2008
    Posts:
    32
    Location:
    Sheffield, UK
    I found I'm getting these on both machines:

    13/10/2010 19:26:07 Incorrect TCP packet checksum 0

    and on one machines I get lots of:

    13/10/2010 19:48:00 No usable rule found 192.168.1.2:3483 255.255.255.255:3483 UDP

    I'm pretty sure it's the former, I've found various threads on here and none of them ever gets resolved.
     
  9. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Try setting the following values in your NIC setup:
    IP Checksum Offload > Disabled
    TCP Checksum(ipv4/ipv6) Offload > Disabled
     
  10. probedb

    probedb Registered Member

    Joined:
    Sep 27, 2008
    Posts:
    32
    Location:
    Sheffield, UK
    Cheers, will give a go tonight. I've also just bought a proper managed switch so I'll see if that makes any difference first. Just wondering if the home gigabit switch i have is being rubbish and messing with stuff. It certainly causes speed sync issues.
     
  11. probedb

    probedb Registered Member

    Joined:
    Sep 27, 2008
    Posts:
    32
    Location:
    Sheffield, UK
    That worked so many thanks for that.

    What is the problem with them being enabled? I'm guessing it means the network card is doing the processing?

    But surely it means there's a bug in ESS if enabling it means the firewall screws up?
     
  12. probedb

    probedb Registered Member

    Joined:
    Sep 27, 2008
    Posts:
    32
    Location:
    Sheffield, UK
    Bring back to the top, this solution is no longer working. Turn off the Firewall and oo looky it works again.

    What is the point in a firewall that stops you copying files across a local network?
     
  13. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
Thread Status:
Not open for further replies.