Jump to content

My ESET does not acces live grid

Danutak
 Share
Go to solution Solved by itman,

Recommended Posts

Danutak

Danutak 3

Posted
Posted

This is constant after last update all ports udp/TCP ,  80,443,53535 are open the vpn is off still not updating,  What is going on,  Do not tell me to do the log ,  tried it does nto work for me,   Windows10 64 b

 

ESET CAN NOT REACH SERVVERS. .JPG

Link to comment
Share on other sites
Danutak

Danutak 3

Posted
  • Author
Posted (edited)
3 hours ago, itman said:

Perform this cloud connectivity test: https://www.amtso.org/feature-settings-check-cloud-lookups/. Eset should detect as shown in the below screen shot:

Eset_Cloudcar.thumb.png.0f980de94cd2ec7f0986d58105f84cdf.png

Yes it dl the cloud.exe. the same screen except the Tread removed .  I have no idea what it means,  but it is not all the time tat it is not accessing live grid,  Just few times a day ,  It should not do it .  Never before I had any problem with eset,  thank you very much

If you are able to download this file successfully, your anti-malware product is NOT configured correctly to use cloud-based resources, or DOES NOT conform to industry best practice. So what should I do now?

 

 

 

Edited by Danutak
Link to comment
Share on other sites
New_Style_xd

New_Style_xd 69

Posted
Posted
13 minutes ago, Danutak said:

Yes it dl the cloud.exe. the same screen except the Tread removed .  I have no idea what it means,  but it is not all the time tat it is not accessing live grid,  Just few times a day ,  It should not do it .  Never before I had any problem with eset,  thank you very much

If you are able to download this file successfully, your anti-malware product is NOT configured correctly to use cloud-based resources, or DOES NOT conform to industry best practice. So what should I do now?

 

 

 

It could also be that you are not connected to the internet, so it looks like that.

Link to comment
Share on other sites
  • Marcos changed the title to My ESET does not acces live grid
itman

itman 1,659

Posted
Posted
14 hours ago, Danutak said:

Yes it dl the cloud.exe. the same screen except the Tread removed . 

Sometimes it takes a few secs. for Eset to connect to its cloud servers and the detection alert to appear.

Repeat the AMTSO test but wait at least 10 - 20 secs. for the Eset alert to appear.

Link to comment
Share on other sites
  • Solution
itman

itman 1,659

Posted
  • Solution
Posted
19 hours ago, Danutak said:

This is constant after last update all ports udp/TCP ,  80,443,53535 are open the vpn is off still not updating,

Also make sure you haven't created any Eset custom firewall rule that conflicts with the default ekrn rule that allows all inbound and outbound traffic for ekrn.exe. Of note is ekrn.exe needs constant TCP access to port 8883.

Link to comment
Share on other sites
Danutak

Danutak 3

Posted
  • Author
Posted (edited)
7 hours ago, itman said:

Follow instructions given here: https://support.eset.com/en/kb3466-how-do-i-use-eset-log-collector .

thank you so much ,  How long it takes to generate the logs,  so far is gray and can not change It shows the filtered binary can not change to original binary from disk, or save it.  I changed first and it showed in my folder , I have no idea if that is what Marcos need .  Thank you for your link to tutorial

essp_logs.zip

Edited by Danutak
Link to comment
Share on other sites
Danutak

Danutak 3

Posted
  • Author
Posted
6 hours ago, itman said:

Also make sure you haven't created any Eset custom firewall rule that conflicts with the default ekrn rule that allows all inbound and outbound traffic for ekrn.exe. Of note is ekrn.exe needs constant TCP access to port 8883.

TCP port 8883 is open :) thank you,  you are kind and helpful.  I do appreciate it :)

 

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,069

Posted
  • Administrators
Posted
9 hours ago, Danutak said:

thank you so much ,  How long it takes to generate the logs,  so far is gray and can not change It shows the filtered binary can not change to original binary from disk, or save it.  I changed first and it showed in my folder , I have no idea if that is what Marcos need .  Thank you for your link to tutorial.

Unfortunately the uploaded file is 0 bytes in size. Please try uploading it again.

Link to comment
Share on other sites
Danutak

Danutak 3

Posted
  • Author
Posted

Yes the log collector does not work at all, but I had seen advice about port 8883, opened it and from this moment my software updates correctly. Maybe this was a problem,  It is updating for 12 hours with no problem

itman I think you  were right! Thank you so much

Link to comment
Share on other sites
Danutak

Danutak 3

Posted
  • Author
Posted
1 hour ago, SlashRose said:

itman is almost always right, is here the best man on forum.

He is a jewel in this forum,  I do appreciate help I always get here Thank you everyone

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted (edited)

What I beleive the issue here is you have created a bunch of custom firewall rules and they were interfering with required ekrn.exe network communication.

Note that Eset firewall rules are parsed from the rule set in top to bottom order. It is always best to always add custom rules at the bottom of the existing default rule set, which is done by default, unless you fully understand what you are doing. The only exception to this are unblocking rules created by the Eset Network wizard and when deploying those, best to review the rules created. Of note is these wizard created rules are permissive ones in that a possible firewall vulnerability could be created. 

Edited by itman
Link to comment
Share on other sites
Danutak

Danutak 3

Posted
  • Author
Posted
3 hours ago, itman said:

What I beleive the issue here is you have created a bunch of custom firewall rules and they were interfering with required ekrn.exe network communication.

Note that Eset firewall rules are parsed from the rule set in top to bottom order. It is always best to always add custom rules at the bottom of the existing default rule set, which is done by default, unless you fully understand what you are doing. The only exception to this are unblocking rules created by the Eset Network wizard and when deploying those, best to review the rules created. Of note is these wizard created rules are permissive ones in that a possible firewall vulnerability could be created. 

I thought it is solved , finally i got the log uploading now Thank you Itman  Maybe Marcos will see it , No I am not that knowledgeable.  I trust in software , that all.  I do not understand how exactly it works. Sorry :(

 

essp_logs.zip

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...