ess & rdp

Discussion in 'ESET Smart Security v3 Beta Forum' started by kC_, Apr 6, 2007.

Thread Status:
Not open for further replies.
  1. kC_

    kC_ Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    452
    installed beta 1 today
    was previously using nod32 2.7 & outpost v3.51 (removed both & rebooted, then did a quick regcleanup)..

    ess seems to be working nicely, very quick & smooth... except i can't get inbound remote RDP to work

    it doesn't prompt me that a connection is trying to be made.. i also tried manually making a rule for svchost.exe to allow TCP port 3389 (from my work IP address)

    if i disable ess it works ok.. (so port forwarding in the router is correct)

    but ess isn't logging the activity either.

    if i switch the firewall mode to automatic... i can see in the firewall log that my work ip:3389 has "no rulespecified" so it's blocked
    why doesn't it prompt me? instead it's just blocking it.

    have used rdp for the last 3-4 years and never had such problems..

    p.s. it's a fresh install of ess, the only other rules at the moment are for firefox & thunderbird (working fine)

    cheers
    kC
     
    Last edited: Apr 6, 2007
  2. kC_

    kC_ Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    452
    oh and another problem..

    i use a program called tversity which streams music & images to my xbox360..

    ess again hasn't prompted for this application... it's just blocking it..
    manual rules i try to set up don't work
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    So you are not prompted to allow communication in interactive filtering mode even if there is no rule defined?
     
  4. wch_net

    wch_net Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    3
    I got my RDP working:

    -Switch to Interactive Mode in Firewall module.
    -Initiate an RDP connection to the host with ESS.
    -An ESS prompt would appear! Select create a rule.

    Or add a rule in the config screen.
     
  5. kC_

    kC_ Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    452
    correct
     
  6. oldo

    oldo Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    5
    Same thing here, even in interactive mode, with my subnet added to Trust Zone.

    What is needed is an entry in "IDS and Advanced Options", which allows RDP from trusted zones by default.

    ..and for those who've ever tried installing a firewall on a remote PC over RDP, it would be nice to include an option in setup which allows RDP from any host until a policy has been applied to it specifically, by an Administrator!
     
  7. kC_

    kC_ Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    452
    was this a remote session or a session within your lan?

    lan is ok here.. remote not
     
  8. oldo

    oldo Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    5
    For me it was over the LAN. I had to specifically allow port 3389 to the trusted networks zone for it to allow me in.
     
  9. kC_

    kC_ Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    452
    ok i managed to fix it..

    i had acronised back to normal setup for a few days, but wanted to try again

    but this time during setup i chose "interactive mode" for the firewall...
    doing it this way i now saw that there is only 1 predefined rule
    "all tcp/udp activity = ask"

    whereas before during install i had left it automatic, then changed to interactive mode after...
    (this meant there were lots of predefined rules that couldn't be edited)

    so rdp is working fine... but i still can't get my xbox360 working..
    in the firewall log
    "detected ARP cache poisoning attack"
    "incorrect ip packet checksum"
    "communication denied -
    source = 127.0.0.1 & 192.168.0.x
    target = 239.255.255.250

    in the firewall advanced options i had set "enable upnp for trusted zone"

    can anyone explain why it's blocking it and how i can create a rule to fix that?

    server ip - 192.168.0.1 (255.255.255.0)
    xbox ip - 192.168.0.9 (255.255.255.0)

    for some reason the upnp rule uses 127.0.0.1 (239.255.255.250)
    and the application/server needs UDP port 1900


    cheers
     
  10. oldo

    oldo Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    5
    OK, well the problem still remains for me, as i chose the interactive option during install to start with.

    It works, after including those settings i assigned below, but i would be pretty screwed had i not physical access to the machine on which i installed it via RDP.
     
  11. Tomas

    Tomas Eset Staff Account

    Joined:
    May 2, 2003
    Posts:
    216
    Hi

    It should be there now

    Tomas
     