Jump to content

Eset endpoint security blocking Spiceworks


Guest Cornel

Recommended Posts

Hey guys

I just deployed Eset endpoint security in my network, and since Spiceworks cannot connect to the terminals anymore.

I created a general rule to allow connections from my server, that is running spiceworks on, to port 135 (this is the port spiceworks connects to) but when the server tries to connect and scan client it get blocked by firewall with "detected port scanning attack" Firewall on clients is set to "Automatic with user created rules".

Can anyone help?

Link to comment
Share on other sites

Are you sure its a direct connection from the Server ?

I would also be interested in knowning what protocols.

 

Have a look at this article Cornel !

 

hxxp://community.spiceworks.com/help/Is_My_Firewall_Software_Getting_In_The_Way%3F

 

Nice to meet you sir, and let me know if you need some assistance configuring firewall, AFTER you have read above article !

 

:)

 

Looks like you need all these exclusions set on host, or on your server :

  • C:\Program Files\Spiceworks\httpd\bin\spiceworks-httpd.exe
  • C:\Program Files\Spiceworks\bin\nmap.exe
  • C:\Program Files\Spiceworks\bin\spiceworks.exe
  • C:\Program Files\Spiceworks\bin\spicetray.exe
  • C:\Program Files\Spiceworks\bin\spiceworks-finder.exe
  • C:\Program Files\Spiceworks\pkg\gems\spiceworks_common-x.x.xxxxx\nbtscan\nbtscan.exe
  • and fill spiceworks directory.

 

Good information in that article i posted !! :)

Edited by Arakasi
Link to comment
Share on other sites

  • ESET Moderators

Hello Cornel,

 

in case you are getting detected port scanning attack you need to exclude IP address(es), from which you are getting the attack from IDS as far as these rules are evaluated even before the firewall rules.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...