Jump to content

Recommended Posts

Posted

Hello Everyone!

 

I'm trying to create an  AIO installer to deploy it through GPO.

I did the creation of the package into ERA Web Console. however, when i try to download it (32 or 64bits) the popping screen stucks on 0%.

image.png.ac90ba185fe161875cb8538a758f25f4.png

My repository settings is setted to "AUTOSELECT" and no HTTP Proxy used. 

My firewall says that there's no blocking to ESET repository urls.

 

Do you have any tip ?

 

Thanks!

  • Administrators
Posted

Would it be possible at least temporarily to allow the ESMC server to connect to any IP address / host? If ESMC was connecting to a CDN and you have access restricted to the addresses listed in the appropriate KB, then it might not work.

Posted
38 minutes ago, Marcos said:

Would it be possible at least temporarily to allow the ESMC server to connect to any IP address / host? If ESMC was connecting to a CDN and you have access restricted to the addresses listed in the appropriate KB, then it might not work.

I just saw a IPS entry here, regarding this destination 91-228-167-25.ptr.eset.com

It's dropping because it says that has a MS.PowerPoint.Malformed.Records.Code.Execution Attack.

Don't know what do do in this case.

The ERA server has unlimited access to the internet but it has IPS rules.

 

 

 

  • Administrators
Posted

Looks like a false positive which should be investigated by Fortinet. Is it possible to define exception in the IPS? Fortinet fw is also known to corrupt bigger update files as demonstrated at https://forum.eset.com/topic/17535-eset-corrupted-file/. We reached out to the vendor and they suggested we ask affected users to contact their support and provide the serial number of the device.

Posted
12 minutes ago, Marcos said:

Looks like a false positive which should be investigated by Fortinet. Is it possible to define exception in the IPS? Fortinet fw is also known to corrupt bigger update files as demonstrated at https://forum.eset.com/topic/17535-eset-corrupted-file/. We reached out to the vendor and they suggested we ask affected users to contact their support and provide the serial number of the device.

Hello Marcos! I just removed the IPS and it worked!

Thanks for the quick answers! It helped me a lot! Additionally, I will contact Fortinet to see if they fix this for us too. (thanks for this too)

 

  • ESET Staff
Posted
3 hours ago, RafaelAraujo said:

Hello Marcos! I just removed the IPS and it worked!

Thanks for the quick answers! It helped me a lot! Additionally, I will contact Fortinet to see if they fix this for us too. (thanks for this too)

Could you please specify version of ERA/ESMC Server you are using? Just to verify that this is the same problem we have been reported recently, where only x64 installer of ERA Agent 6.5.522.0 was affected.

Regarding the issue as is, it is currently investigated, but what we know for sure is that no ppt/pptx file is included in our installer, so it seems to be false-positive, but not yet confirmed.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...