Smart Security Firewall and FileZilla FTP Client fails

Discussion in 'ESET Smart Security' started by Diddeleedoo, Feb 12, 2010.

Thread Status:
Not open for further replies.
  1. Diddeleedoo

    Diddeleedoo Registered Member

    Joined:
    Feb 12, 2010
    Posts:
    4
    This may be in relation to the latest WinXP updates, as I now have partial and complete failure with FileZilla FTP Client (latest) and connect to FTP servers.

    Solution found for now. Disable Eset Smart Security Firewall :mad:

    Error log, says something like.. No rule for this & ftp address.

    Have tried Learning mode, but the Learning mode does not catch what happens. Tried Auto with the exception of all ports available to the FTP server address and local. This helped a bit.. but FTP performance is poor, meaning a lot of failures during transfers, zero byte uploads, timeouts etc.

    Without firewall activated, the FTP performance is excellent.

    Believe some of those default system configuration settings for things like Generic Host Process.. etc are involved, but I really don't know.

    Bummer is that I've paid for 2 or 3 years for this program and I find it weird that basic things like FTP fails.. in both Active and Passive mode.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    Please continue as follows:
    - enable logging of all blocked connections in the IDS setup
    - reproduce the issue
    - disable logging of all blocked connections
    - post here the relevant entries with information about blocked connections from the firewall log
     
  3. Diddeleedoo

    Diddeleedoo Registered Member

    Joined:
    Feb 12, 2010
    Posts:
    4
    Thank you for your reply Marcos.

    I was trying various ways to produce some good data to put the a finger on. Ended up seeing the FTP server being blocked by self defense by IDS in the log. Carried on trying various things and ended up with a corrupt firewall.

    Solution for now, uninstall, and reinstall of Smart Security (in process)..

    Would like to mention that I have a WinXP netbook with the latest Smart Security and FileZilla. This netbook does not do automatic updates from MS and show no signs of trouble. This gives me hope that now with a clean reinstall of Smart Security, I should be back to trouble free operation. Will report back here if not.
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    Self-defense only protects ESET's files and registry keys, it neither affects other applications nor logs information to the firewall log.

    Please post here the relevant entries from the firewall log.
     
  5. Diddeleedoo

    Diddeleedoo Registered Member

    Joined:
    Feb 12, 2010
    Posts:
    4
    Now have reinstalled and view the log while doing FTP.

    Time: 15/02/2010 8:27:57 AM
    Msg: Packet blocked by active defense (IDS)
    MyInternetAddress, Port# 1119
    FTPServerAddress, no port given
    Protocol: TCP

    See alg.exe under %windir%\system32\alg.exe and \filezilla.exe have connection to the FTP server.
    I get contact with the FTP server, but unsure yet if I will have to deal with a unreliable connection.
     
    Last edited: Feb 15, 2010
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    It looks like a non-standard communication, packets are not blocked by IDS otherwise. As a workaround, try adding the remote IP address to the list of addresses excluded from active protection (IDS) in the zone setup.
     
  7. Diddeleedoo

    Diddeleedoo Registered Member

    Joined:
    Feb 12, 2010
    Posts:
    4
    Magic! No more errors in the log, and I see the FTP speed is excellent.

    See the FTP server is an Unix vsFTPd 2.0.6 who only accepts Active connections.

    Thank you so very much Marcos
     
Thread Status:
Not open for further replies.