RSX 0 Posted June 10, 2016 Share Posted June 10, 2016 Hello from Greece. I recently updated to the V9 version of your AV. My problem is that i cannot access many sites with HTTPS. I 've tried disabling SSL/TLS->restart->enable->restart but nothing. i've tried disabling the root certificate and nothing. I do not have this problem with V8 version. OS: Windows7 Home Premium 64bit On my other machine with windows 10 i do not have this problem. Thanks in advance. The sites i cannot access is for example(2 greek sites) https://www.cosmote.gr/ https://www.germanos.gr/ The first line :Το έγγραφο δεν περιέχει δεδομένα means that page does not contain data,as i can translate to english Link to comment Share on other sites More sharing options...
Administrators Marcos 5,242 Posted June 10, 2016 Administrators Share Posted June 10, 2016 Does the error occur with every https website? If you disable "Exclude communication with trusted domains" under Web and email -> SSL/TLS in the v9 setup, do you get the same error when you open www.google.com? If so, with all browsers and email clients closed disable SSL/TLS scanning and click OK. Then start logging with Process Monitor, re-enable SSL/TLS scanning, click OK and after approx. 10s stop logging. When done, save the log, compress it, upload it to a safe location and pm me the download link. Link to comment Share on other sites More sharing options...
RSX 0 Posted June 10, 2016 Author Share Posted June 10, 2016 i checked and i do not have any problems with internet explorer. Only chrome and firefox have this issue. i disabled what you mentioned and nothing changed. i'm starting to think its my browsers with the issue,some add-on maybe? i'm uploading the logfile, i hope i did the correct procedure. Link to comment Share on other sites More sharing options...
itman 1,743 Posted June 11, 2016 Share Posted June 11, 2016 (edited) For what it is worth, I cannot connect to either of those web sites in IE 11 running Win 7 x64, SP1 and I am using Eset ver. 8 w/SSL protocol scanning enabled. The error am getting from IE 11 relates to use of insecure cyphers. Both those web sites show a problem with the certificate pinning chain using the QUALS SSL server test. Two pinning paths are shown. One path pins correctly to the TRCA certificate. The other path does not. Edited June 11, 2016 by itman Link to comment Share on other sites More sharing options...
RSX 0 Posted June 11, 2016 Author Share Posted June 11, 2016 For what it is worth, I cannot connect to either of those web sites in IE 11 running Win 7 x64, SP1 and I am using Eset ver. 8 w/SSL protocol scanning enabled. The error am getting from IE 11 relates to use of insecure cyphers. Both those web sites show a problem with the certificate pinning chain using the QUALS SSL server test. Two pinning paths are shown. One path pins correctly to the TRCA certificate. The other path does not. the problem is that in my desktop running windows 10 and Nod32 V9,i do connect to those webpages with no problem. Also,i re-installed V8 and by default SSL/TLS scanning is off and thats why i did not knew about that issue. Anyway,i will be away from my computer for 3-4 days,as i informed marcos,i will proceed with his instructions after i return. Link to comment Share on other sites More sharing options...
itman 1,743 Posted June 11, 2016 Share Posted June 11, 2016 Appears the web sites in question only support TLS 1.0 protocol. I enabled that in IE 11 and could connect to the two web sites w/o issue with SSL protocol scanning enabled in ver. 8. Problem appears to be with Firefox. Don't know why since FF supports TLS protocol 1.0. I suggest you temporarily disable SSL protocol scanning on your Win 7 box with Eset ver. 9 and Firefox installed. If you still can't connect to the sites on that box with Eset's SSL protocol scanning disabled, then it is not the issue. The issue is with Firefox. Link to comment Share on other sites More sharing options...
RSX 0 Posted June 12, 2016 Author Share Posted June 12, 2016 Appears the web sites in question only support TLS 1.0 protocol. I enabled that in IE 11 and could connect to the two web sites w/o issue with SSL protocol scanning enabled in ver. 8. Problem appears to be with Firefox. Don't know why since FF supports TLS protocol 1.0. I suggest you temporarily disable SSL protocol scanning on your Win 7 box with Eset ver. 9 and Firefox installed. If you still can't connect to the sites on that box with Eset's SSL protocol scanning disabled, then it is not the issue. The issue is with Firefox. I have it disabled and i can connect to those pages without a problem. When i return,i will try a new profile as marcos suggested and see what happens. Without SSL/TLS protection i assume i have a lower protection with my AV,right? Link to comment Share on other sites More sharing options...
itman 1,743 Posted June 12, 2016 Share Posted June 12, 2016 (edited) Referring to the original message displayed by Firefox: The page you are trying to view cannot be shown because the authenticity of the received data could not be verified I believe this is the issue with Firefox: The website may try to fallback to TLS 1.0 in a way that is no longer allowed in current releases or may be using a deprecated cipher suite. You can open the about:config page via the location/address bar and use its search bar to locate this pref: •security.tls.insecure_fallback_hosts You can double-click the line to modify the pref and add the full domain (www.planet.snb.ca) to the value of this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces).You should only see domains separated by a comma in the value column. Ref.: https://support.mozilla.org/en-US/questions/1058856 Possible that Eset SSL protocol scanning in ver. 9 is causing a fallback to TLS 1.0? The Quals SSL Server test indicates for the connection to the two web sites in question, the TLS protocol supported is 1.2 for all Firefox versions. Also of note is that one of those web sites, https://www.germanos.gr/ , is indeed using insecure RC 4 TLS cyphers. As a work around for Eset ver. 9, you could try to add those two web sites as exclusions in Firefox as noted above with SSL protocol scanning enabled and see if that resolves the connection issue. Edited June 12, 2016 by itman Link to comment Share on other sites More sharing options...
RSX 0 Posted June 18, 2016 Author Share Posted June 18, 2016 So,even with a clean profile, i have the same issues. My desktop with windows 10 and V9 can gain access to those webpages with no problem. Internet explorer with SSL/TSL scanning on can access those websites also in my win7 laptop. Link to comment Share on other sites More sharing options...
itman 1,743 Posted June 18, 2016 Share Posted June 18, 2016 So,even with a clean profile, i have the same issues. My desktop with windows 10 and V9 can gain access to those webpages with no problem. Internet explorer with SSL/TSL scanning on can access those websites also in my win7 laptop. Did you add those two web sites as TLS fallback exceptions exceptions in FireFox as I previously posted? Link to comment Share on other sites More sharing options...
RSX 0 Posted June 18, 2016 Author Share Posted June 18, 2016 So,even with a clean profile, i have the same issues. My desktop with windows 10 and V9 can gain access to those webpages with no problem. Internet explorer with SSL/TSL scanning on can access those websites also in my win7 laptop. Did you add those two web sites as TLS fallback exceptions exceptions in FireFox as I previously posted? No,not yet,i will do it asap. i am still wondering why my desktop can access those websites with firefox/chrome without problems and my computer cannot. Only Internet explorer in my system has access to those with scanning enabled. THANKS for the replies and the help,forgot to mention it Link to comment Share on other sites More sharing options...
itman 1,743 Posted June 19, 2016 Share Posted June 19, 2016 i am still wondering why my desktop can access those websites with firefox/chrome without problems and my computer cannot. Only Internet explorer in my system has access to those with scanning enabled. Your desktop OS is Win 10 and the other computer OS is Win 7. It is a given that there will be differences in how Firefox operates on different OSes. Also, there will be differences in how cryptography is performed on different OSes. Finally, there is the possibility of an issue with Eset's SSL protocol scanning when using Firefox running under Win 7. However, I don't recall seeing anything to that effect posted in this forum. Most of the issues with Eset's SSL protocol scanning have been with Chrome. Is your version of Firefox running on Win 7 the most current version? I do know that when I connect in IE 11 in Win 7 to the two web sites in question, the connection is made using TLS 1.0. Since the web sites in question support TLS 1.2, this indicates to me a significant protocol downgrade is occurring; most likely from the cyphers the web sites are using. What I believe is occurring in your situation is that when you connect to the web sites using Win 10, the Firefox connection is being made at TLS 1.2 or 1.1. When you connect to the same web sites using Win 7, the Firefox connection is being made at TLS 1.0. Link to comment Share on other sites More sharing options...
RSX 0 Posted June 19, 2016 Author Share Posted June 19, 2016 Is your version of Firefox running on Win 7 the most current version? Yes. Firefox Version 37 32bit. So should i return to V8 or stay to V9? i installed V8,in the previous days and saw that the ssl/tls scanning is off by default. Should i test the behaviour of V8 ? or should i leave scanning off and keep surfing like nothing happened? Link to comment Share on other sites More sharing options...
itman 1,743 Posted June 19, 2016 Share Posted June 19, 2016 Is your version of Firefox running on Win 7 the most current version? So should i return to V8 or stay to V9? i installed V8,in the previous days and saw that the ssl/tls scanning is off by default. Should i test the behaviour of V8 ? I use ver. 8 because I had issues with my custom HIPS rules in ver. 9. I did have ver. 9 installed a couple of times. What I did notice in ver. 9 was what I would call "inconsistent behavior" from SSL protocol scanning. For example, some web sites would be auto excluded from scanning only to scanned at other times upon access. These inconsistencies do not exist with ver. 8. Do note that you have to manual exclude web sites from SSL protocol scanning in ver. 8 such as your banking web sites. Also, there is no keyloggging or banking mode protection in ver. 8. The above said, you can install ver. 8 on your Win 7 PC. Then enable SSL protocol scanning. Then access the two web sites in question using Firefox. If you can connect w/o issue, then it is safe to state that there is an issue with ver. 9 SSL protocol scanning when using Firefox on Win 7. Link to comment Share on other sites More sharing options...
RSX 0 Posted June 19, 2016 Author Share Posted June 19, 2016 Is your version of Firefox running on Win 7 the most current version? So should i return to V8 or stay to V9? i installed V8,in the previous days and saw that the ssl/tls scanning is off by default. Should i test the behaviour of V8 ? Do note that you have to manual exclude web sites from SSL protocol scanning in ver. 8 such as your banking web sites. Also, there is no keyloggging or banking mode protection in ver. 8. why should i exclude? there are problems? my connection is 100% secure over wifi on my laptop,password protected with 12 characters and wpa2 lock. i will try and see what Ver.8 does with ssl/tls scanning enabled. Link to comment Share on other sites More sharing options...
RSX 0 Posted June 19, 2016 Author Share Posted June 19, 2016 So,i tested with Ver.8 and ssl scan on(settings->advanced settings->internet and email->protocol filtering->SSL ->always scan) i can access those 2 websites w/o any problem. i'm staying once more with Ver.8 i think. Link to comment Share on other sites More sharing options...
Recommended Posts