IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Exclusions
Florida Devs
post 1.06.2012 16:53
Post #1


Member
**

Group: Members
Posts: 14
Joined: 11.10.2011




So I went through the exclusions KB Microsoft and added the folders the rules and checked "include subfolders". It did specify certain files and file types but I can't figure out how to add these into the policy. HELP!
Go to the top of the page
 
+Quote Post
Karolis Surkus
post 1.06.2012 17:11
Post #2


Advanced Member I
***

Group: Members
Posts: 53
Joined: 16.05.2012
From: Surrey, United Kingdom




QUOTE(Florida Devs @ 1.06.2012 12:53) *
So I went through the exclusions KB Microsoft and added the folders the rules and checked "include subfolders". It did specify certain files and file types but I can't figure out how to add these into the policy. HELP!


Heya,

You need to be on Kaspersky Security Center 9 console, then open up a policy, go to General Protection Settings and in the right side click Settings... under Exclusions and trusted zones part. And there you go, you can add exclusions there.

Hope this helps.
Go to the top of the page
 
+Quote Post
Florida Devs
post 1.06.2012 18:06
Post #3


Member
**

Group: Members
Posts: 14
Joined: 11.10.2011




QUOTE(Karolis Surkus @ 1.06.2012 09:11) *
Heya,

You need to be on Kaspersky Security Center 9 console, then open up a policy, go to General Protection Settings and in the right side click Settings... under Exclusions and trusted zones part. And there you go, you can add exclusions there.

Hope this helps.


Correct and that's what I did ('%winDir%\SoftwareDistribution\Datastore\Logs' for example) but can't figure out how to specify the file types/specific files (Res*.log, Edb*.jrs, Edb.chk,Tmp.edb for the previous rule specifiec). I only see the option to exclude the entire folder and the option to exclude subfolders.
Go to the top of the page
 
+Quote Post
Jun1or
post 1.06.2012 18:48
Post #4


Member
**

Group: Members
Posts: 38
Joined: 27.03.2012
From: Leeds




You just type the file type instead of browsing (*.mdf or *.ldf) and that should do the trick.
Go to the top of the page
 
+Quote Post
Florida Devs
post 1.06.2012 19:58
Post #5


Member
**

Group: Members
Posts: 14
Joined: 11.10.2011




QUOTE(Jun1or @ 1.06.2012 10:48) *
You just type the file type instead of browsing (*.mdf or *.ldf) and that should do the trick.


1) Can the files or file type be added after the folder address?
2) Can multiple files or types be added after the folder address or must there be a rule for each?
Go to the top of the page
 
+Quote Post
Karolis Surkus
post 1.06.2012 20:12
Post #6


Advanced Member I
***

Group: Members
Posts: 53
Joined: 16.05.2012
From: Surrey, United Kingdom




QUOTE(Florida Devs @ 1.06.2012 15:58) *
1) Can the files or file type be added after the folder address?
2) Can multiple files or types be added after the folder address or must there be a rule for each?


1) Yes it can be. for example (%systemroot%\System32\CatRoot2\tmp.edb).
2) Hmm, you can exclude multipe files of the same type or of the same name. for example (%ProgramFiles%\Microsoft SQL Server\MSSQL\data\*.ndf) this will exclude all the .ndf files in that folder.

I hope any of this help....
Go to the top of the page
 
+Quote Post
lurker100
post 2.06.2012 02:08
Post #7


Member
**

Group: Members
Posts: 12
Joined: 2.06.2012




QUOTE(Florida Devs @ 1.06.2012 13:53) *
So I went through the exclusions KB Microsoft and added the folders the rules and checked "include subfolders". It did specify certain files and file types but I can't figure out how to add these into the policy. HELP!

You can choose to accept MS recommendations and Kaspersky recommendations to be automatically set up in the trsuted zone - Exclusion list, but a Word of Warning...

some of those inclusions are not correct! I've been going over and compiling a list of our Exchange and SQL servers (several versions in use, which will later be upgraded t the latest version, but unitl then I have to make sure I cover all the versions), and besides our customizations whihc placed the db files, log files, and trace files, etc. on different (but standard) drives/disks, the executables and other files are installed at the default locations, and the pahs differ slightly from version to version of each product. While a lot of the exlusions compiled by Kaspersky for automatic selection are correct, it is by no means 100% correct. For example, Exchange Server uses version no in the path, such as Program Files\ Exchange Server\v14\..... and usually you can use %ExchangeInstallPath% as the environment variable in place of "%ProgramFiles%\Exchange Server\v14\" whereas Kaspersky lists the some of the exclusions with only "%ProgramFiles%Exchange Server\"

So be careful if you have different versions of a product in use on different machines!
Go to the top of the page
 
+Quote Post
Testeur09
post 2.06.2012 17:59
Post #8


Advanced Member IV
******

Group: Members
Posts: 713
Joined: 14.10.2009




Kaspersky exclusions include pretty much all MS products and their default installation path, so they aren't very useful if you apply them directly. Better use them as a draft and add them manually to corresponding server policies.
Go to the top of the page
 
+Quote Post
Mikhail Kolobash...
post 6.06.2012 12:25
Post #9


Web services support engineer
*******

Group: KL Russia
Posts: 1010
Joined: 21.12.2009
From: Москва




Trusted zone file exclusion masks – examples
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic

 



Lo-Fi Version Time is now: 22.07.2014 22:42