Jump to content

Archived

This topic is now archived and is closed to further replies.

FadeMind

EIS SSL scanner blocking Amazon CDN servers Github

Recommended Posts

3 hours ago, FadeMind said:

But uploading still not. 

Makes sense.

The prior screen shots you posted showed proxy ports used by AdGuardSvc.exe. Appears this process, Adguard_7.1.2817.0.exe, is using different ports. You will have to find out what those ports are and exclude those as well from Eset's HTTPS ports specification. Likewise, this same process will have to be repeated for any additional conflicting Adguard process.

Also note that the more ports excluded from Eset's HTTPS ports specification, the higher the likelihood that that SSL/TLS MITM interception could occur.

Share this post


Link to post
Share on other sites

You can also try to set Adguard_7.1.2817.0.exe to "Ignore" status in Eset's list of SSL/TLS filtered applications.

I suspect why this didn't work for AdGuardSvc.exe is because it is actually running as a svchost.exe instance.

Share this post


Link to post
Share on other sites

Dear @itman but Adguard_7.1.2817.0.exe it is just sample download file (in this case INSTALLER) 

 

Share this post


Link to post
Share on other sites
6 minutes ago, FadeMind said:

Dear @itman but Adguard_7.1.2817.0.exe it is just sample download file (in this case INSTALLER) 

You have to start reasoning out things on your own.

It doesn't matter what the .exe is. It is obviously performing some Internet activity and doing so by proxy port means. As it stands right now, Eset's SSL/TLS protocol scanning will not allow that proxy activity to occur unless port exceptions are created.

Share this post


Link to post
Share on other sites

@FadeMind Do you have enabled this setting in AdGuard: Network - Use WFP network driver ?
If so, could you try to reproduce the issue with it disabled?

Share this post


Link to post
Share on other sites
2 hours ago, Posolsvetla said:

@FadeMind Do you have enabled this setting in AdGuard: Network - Use WFP network driver ?
If so, could you try to reproduce the issue with it disabled?

Tried, nothing change. 

Share this post


Link to post
Share on other sites
On 8/5/2019 at 10:07 AM, FadeMind said:

Dear @itman but Adguard_7.1.2817.0.exe it is just sample download file (in this case INSTALLER) 

Again, open Eset's network connection monitoring tool and determine what port connections are being used as you did previously for AdGuardSvc.exe and exclude those ports in Eset's HTTPS ports used section.
 

Share this post


Link to post
Share on other sites

There might be an easier way to resolve your Adguard issues without excluding any ports in Eset's HTTP ports list.

In Chrome or FireFox, export Adguard's certificate to your desktop. A .cer file should be created.

Open Eset's GUI and navigate to SSL/TLS section -> List of known certificates - Edit. Click on the Add tab. Click on the File tab. Locate the prior saved Adguard cert. on the desktop by clicking on shown dots. Click on the OK tab.

At this point, Eset should show the imported Adguard cert. details. Set Access action to Allow. Set Scan action to Ignore. Click on the OK tab and any OK displayed thereafter to save you changes.

Note/save your prior Eset's HTTPS ports list setting and reset to default setting; i.e. 443, 0-65535. Click OK to save your changes. Now test. Hopefully, there will be no further issues between Eset and Adguard. If there are, delete the Adguard cert. in Eset and reset Eset's HTTPS ports list to what they were previously.

Note: This Eset cert. exception is only valid as long as Adguard's cert. remains unchanged. If Adguard starts using a different cert., you will have to repeat the above procedure again for the new cert. and also at the same time delete the old cert..

Share this post


Link to post
Share on other sites
4 hours ago, itman said:

There might be an easier way to resolve your Adguard issues without excluding any ports in Eset's HTTP ports list.

I made this BEFORE creating this thread.

 

Share this post


Link to post
Share on other sites
8 hours ago, FadeMind said:

I made this BEFORE creating this thread.

Then something is not quite right here. This most certainly should have worked for AdguardSvc.exe communication. Did you delete all Adguard .exe's listed in Eset's SSL/TLS "List of SSL/TLS filtered applications" which I forgot to mention?

As far as running Adguard's installer on another network device, etc., there will be a problem. This is because and assumed Adguard's self-signed cert. is unique per installation. I assume part of the install process will update Firefox and Chrome root CA certificate store and the like at some stage in the installation. Also assumed is this output HTTPS proxy communication Adguard is performing occurs early in the installation process. As such, I really see no way how the needed Adguard cert. can be extracted from the browser since I assume the installer never progressed to this point. You might ask Adguard if there is a way to export its cert. prior to or during the early stages of the installation process.

Share this post


Link to post
Share on other sites

Adguard ROOT Cert is available always as FILE:
C:\ProgramData\Adguard\SSL\Adguard Personal CA.cer 

Share this post


Link to post
Share on other sites
On 8/8/2019 at 9:13 AM, FadeMind said:

Adguard ROOT Cert is available always as FILE:
C:\ProgramData\Adguard\SSL\Adguard Personal CA.cer 

I assume that file only exists after Adguard has been installed.

Also, you can't import that certificate into Eset on another device on which both Adguard and Eset is installed on. This is because the private keys won't match. The specific Adguard cert. created from device's Adguard installation must be imported to the same device's Eset installation.

What might work for the Adguard installer is to exclude that .exe from Eset SSL/TLS protocol scanning prior to running it. And again if it is prior listed in SSL/TLS "List of SSL/TLS filtered applications," delete it prior to running the .exe.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...