Jump to content

Eset endpoint security blocking Spiceworks


Recommended Posts

Posted

Hey guys

I just deployed Eset endpoint security in my network, and since Spiceworks cannot connect to the terminals anymore.

I created a general rule to allow connections from my server, that is running spiceworks on, to port 135 (this is the port spiceworks connects to) but when the server tries to connect and scan client it get blocked by firewall with "detected port scanning attack" Firewall on clients is set to "Automatic with user created rules".

Can anyone help?

Posted (edited)

Are you sure its a direct connection from the Server ?

I would also be interested in knowning what protocols.

 

Have a look at this article Cornel !

 

hxxp://community.spiceworks.com/help/Is_My_Firewall_Software_Getting_In_The_Way%3F

 

Nice to meet you sir, and let me know if you need some assistance configuring firewall, AFTER you have read above article !

 

:)

 

Looks like you need all these exclusions set on host, or on your server :

  • C:\Program Files\Spiceworks\httpd\bin\spiceworks-httpd.exe
  • C:\Program Files\Spiceworks\bin\nmap.exe
  • C:\Program Files\Spiceworks\bin\spiceworks.exe
  • C:\Program Files\Spiceworks\bin\spicetray.exe
  • C:\Program Files\Spiceworks\bin\spiceworks-finder.exe
  • C:\Program Files\Spiceworks\pkg\gems\spiceworks_common-x.x.xxxxx\nbtscan\nbtscan.exe
  • and fill spiceworks directory.

 

Good information in that article i posted !! :)

Edited by Arakasi
  • ESET Moderators
Posted

Hello Cornel,

 

in case you are getting detected port scanning attack you need to exclude IP address(es), from which you are getting the attack from IDS as far as these rules are evaluated even before the firewall rules.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...