Jump to content

Eset SSP 16.2.15.0 SSL/TLS rules "Duplicate item. The value is in conflict with another intem in the set."

Enrico
 Share

Recommended Posts

Enrico

Enrico 3

Posted
Posted

While trying to debug the firewall interactive rules issue I've encountered another problem: after creating a new ssl/tls application scan rule, when I edit the rule I recieve a "Duplicate item. The value is in conflict with another intem in the set." warning, even if there are no other rules.

If I edit the path of the executable the warning goes away, maybe Eset is treating "edit" a rule like "add" a rule and this cause the "duplicate item" warning? 

This problem also seems related to Eset updates, some weeks ago there were no warnings, but a month ago it was like today.

Anyone with the same problem? Is it a known bug?

Best regards.

 

eset_ssltls_duplicate-item3.jpg

Link to comment
Share on other sites
itman

itman 1,667

Posted
Posted

You're talking "apples vs. oranges" here.

SSL/TLS protocol Application scan rules relate to Eset Web Access protection and have nothing to do with the Eset firewall which is related to Eset Network protection.

Eset has posted previously in the forum that users are not to modify SSL/TLS protocol Application scan rules. These are maintained internally by Eset.

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,085

Posted
  • Administrators
Posted

While SSL/TLS application scan rules can be modified, the setting should be used as a last resort when tackling issues with specific applications that communicate over HTTPS.

Link to comment
Share on other sites
Enrico

Enrico 3

Posted
  • Author
Posted (edited)

@itman : while I was trying to debug the firewall I've checked all my settings, one by one, just to be sure that everything was OK, I know that the ssl/tls is not related to the firewall module. I use ssl/tls interactive, so add or edit rules is a must, some applications need scanning for better protection (browsers, downloaders), while other applications may have connection issues, so they must be ignored (often applications that use CEF for DRM or other needs, or browsers when websites require card reader device encrypted connection).

 

@Marcos: the screenshot was took with a clean installation and that was the only thing I've modified, now I've imported the previous Eset settings. Logs attached.

Best regards.

essp_logs.zip

Edited by Enrico
Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,085

Posted
  • Administrators
Posted

You already have firefox.exe excluded so I received the same error when attempting to add it again:

image.png

 

I'd recommend keeping default settings. You have made several performance and process exclusions, automatic startup scan after update is disabled, scanning of removable media is disabled and most importantly, the essential LiveGrid reputation system is disabled as well. It's also important for Banking and payment protection to work:

image.png

Besides that, I'd recommend enabling also the ESET LiveGrid Feedback system for maximum protection.  Regular automatic update is set to a 3-hour interval instead of 1 hour.

Link to comment
Share on other sites
Enrico

Enrico 3

Posted
  • Author
Posted (edited)

As I previously said when I took the screenshot it was with a clean installation , only that rule was created, then the logs were built with my old settings, needed for a safe internet access. The problem is not a new rule creation, it's the warning when I open (edit) an existing rule. With the pre-azure signature version everything was OK.

Default settings don't offer the protection I need, for example if I do not add a performance exclusions for my professional CAD/CAM software, and relative file extensions, it slows down or crashes, since Eset is scannign the constant read/writes of temporary and backup files (1-10GB size), the same can be said for flight simulators or audio/video editors. Scanning of removable media is disabled because none has access to my computers and only my removable media is used. I'm not interested in Live Grids, Clouds or software that require costant network traffic, my pc's are offline most of the time. Every Banking protection I've tried only caused issues with my restrictive browser configuration.

2003-2023 whitout infections.

Edited by Enrico
Link to comment
Share on other sites
Enrico

Enrico 3

Posted
  • Author
Posted

V17.0.10.0 same issue: the only way to edit a rule is first delete the existing one, start the application requesting a ssl/tls connection and then saving a new auto/allow/ignore/ask rule.

 

btw: just for curiosity I'm also testing Grid and Browser protection, network traffic is less than I've expected and no browsing errors so far, so probably I'll leave them active.

Link to comment
Share on other sites
Enrico

Enrico 3

Posted
  • Author
Posted (edited)

From a clean ESSP installation:
01- set: Advanced setup - protections - SSL/TLS - SSL/TLS mode - Interactive.
02- start a browser and visit a website, in the Encrypted network traffic popup window select "Remember action for this application" and click on "Scan" button.

eset02.jpg
03- open: Advanced setup - protections - SSL/TLS - Application scan rules - Edit.
04- select the rule created for the browser and click "Edit"...

eset04.jpg

Edited by Enrico
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...