Problem with ESS Firewall Configuration

Discussion in 'ESET Smart Security' started by Elray, Feb 2, 2008.

Thread Status:
Not open for further replies.
  1. Elray

    Elray Registered Member

    Joined:
    Oct 10, 2004
    Posts:
    95
    Location:
    Rural Queensland, Australia
    Hi all,

    Hope someone can help me with this as I am not at all sure where to go or what to do.

    I prefer to use the firewall in Interactive mode but I have noticed that I cannot access the Microsoft update website unless I revert to Automatic.

    The error code I receive gives advice to reconfigure the firewall by adding the following urls to the exception list within the firewall:

    http://*.update.microsoft.com
    https://*.update.microsoft.com
    http://download.windowsupdate.com

    I cannot work out how to do this from the documentation. I must be missing the point somewhere. Any help would be appreciated.

    Elray o_O
     
  2. ASpace

    ASpace Guest

    The above means that in Interactive mode you have blocked svchost.exe or your browser . In order to update Windows' svchost.exe (a legitimate Microsoft process) must be allowed for outgoing communication .

    In Automatic mode , all your rules in Interactive mode are ignored and ESS automatically allows svchost.exe , so you can access Microsoft update sites.
    Your browser is allowed ,too .

    In Interactive mode , your rules are applied and thus the site is blocked.



    Open the user interface (GUI) . Enter the Advanced Setup Tree (F5)

    1. Navigate to Personal Firewall. Choose Interactive Mode

    2. In Personal firewall -> IDS and advanced options , enabled logging . Press OK.

    3. Open Personal firewall > Rules and zones > Zone and rule setup
    Choose "Toggle detailed view of all riles" (if already not set to this)
    Press Apply button now.

    Check all the default rules of ESS (make sure they have checkmark - tick next to them)

    Delete all your rules (right click them -> Remove) about browser communication or about svchost.exe

    Start creating new rule (use the button called "New")

    Name : your choice
    Direction : Out
    Action : Ask
    Protocol : TCP & UDP

    Additional action:
    check Log


    In Local tab - just add the application using the Browse button. You must find where svchost.exe is located . It is located in C:\WINDOWS\system32\

    In Remote tab - don't touch.

    Confirm with OK . Press Apply button.


    Now try to update or access Windows Update from Start -> Windows Update . ESS will pop-up asking you to allow comunication , allow it and press Remember (create rule).
     
  3. Elray

    Elray Registered Member

    Joined:
    Oct 10, 2004
    Posts:
    95
    Location:
    Rural Queensland, Australia
    Thanks Hi Tech,

    I was hoping somebody with your knowledge would notice my post.

    You were right (of course). I thought I had enabled all svchost.exe in the appropriate manner but I must have denied one instance.

    All seems to be well now after applying your fix.

    Once again, many thanks for taking the time.

    Elray:thumb:
     
  4. ASpace

    ASpace Guest

    You are welcome
     
Thread Status:
Not open for further replies.