Jump to content

jbwisemo

Members
  • Content Count

    12
  • Joined

  • Last visited

About jbwisemo

  • Rank
    Candidate
  1. Yes, I found the English KB, but the visual layout (same in Russian) made me think the only KSWS10 content was the few KB articles listed on the right, not the other pages on the left-hand menu. Having now browsed those pages, it seems KSWS10 still contains a lot of the desktop stuff that can get in the way on a server. Also I note from article 12784 that two server-oriented protection features (file integrity and log inspection) are not licensed in most of the multi-platform license bundles, only in standalone licenses, which seems a bit weird.
  2. Thanks for the link to the Russian knowledge base page for KSWS10. I can't find the page with product details though (general web search finds only resellers etc.). Thus I wonder about system requirements, system overhead, if it can be easily configured to not interfere with operations, etc.
  3. We already use KES on most workstations and some servers, I wonder if there is now a KES 11 variant appropriate for installation on busy web servers, where millisecond response times matter (so can't have the on-access scanner suddenly running a 5 second scan on a legitimate file someone is downloading, or on some server essential database/log) but still a desire to quickly detect if the server is compromised either as a system compromise (remote code execution) or by planting malicious content for attacking visitors? Similarly, we can't have scheduled scans slowing the server to a crawl at any time by consuming most disk, CPU or other capacity (everything is 24x7x365). I'm about to do the annual license renewal, and this affects the number of licenses to buy.
  4. As I said, there are other reports if you search for it. They usually complain that IPv6 ping doesn't work. Steps to test/reproduce: 1. Set up a test machine running Windows 8.1 (not 10, not 7) on an IPv6 network with actual routers to elsewhere. 2. Set up the ability to capture outgoing traffic from the test machine at the lowest possible level (e.g. with WireShark) 3. Without Kaspersky software installed, use the Windows ping command to ping an IPv6 address that needs to go via a router (i.e. not on the same network segment). 4. The outgoing ICMPv6 echo request packet should not contain a "hop-by-hop" element (shown inside the IPv6 header in WireShark 2.x) (or at least it should contain one with harmless content). 5. Install Kaspersky software and reboot. 6. Do the same ping again. 7. The outgoing ICMPv6 now contains a new (or changed) hop-by-hop header. The added hop-by-hop header is the problem as it confuses 3rd party routers.
  5. The behavior described in that thread, in particular in Egor Kurnev's comment, also happen in KES 10 SP2 mr1 (and in KES 10 SP1 mr4), exactly as described there. Specifically, when a Windows 8.1 machine with KES 10 sends out an ICMPv6 Echo Request (ping), an unfortunate interaction between Kaspersky and Microsoft firewall code causes that ping packet to be incorrectly prefixed with an extra "hop-by-hop" router options IPv6 header, which in turn causes some 3rd party public Internet routers to not route the packet to its destination. There are multiple threads all over the forum about this issue, most of them derailed by irrelevant details. That particular thread seems to be the one that most clearly describes the root cause of how that extra header is added to the ICMPv6 packet. In particular the thread points to klwfp.sys, which is also included in KES 10. File version of klwfp.sys (x64) is 12.0.0.11 on one machine and 13.0.0.20 on another.
  6. The bugfix described for home users in is still not included in KES 10.3.0.6294 (SP2 mr1), and is not mentioned in the release notes for KES11 RC. When will this IPv6 compatibility bugfix (awaited by multiple customers for years) be available for KES users? Note, that according to the thread this only affects Windows 8.1 and maybe Windows 8.0 machines Please refer to the referenced thread for acknowledgement of the root cause by Egor Kurnev, way back in 2015! (comment 2450523). Note that the routers he suggested upgrading are the routers on the public Internet provider networks, nothing that Kaspersky customers can change.
  7. Due to other issues, I sometimes pause protection on an XP VM running KES 10.2.5.3201 (mr3). (Those issues are a different topic). I have recently observed some cases where KES unpauses itself (or gets unpaused by something unknown) long before the specified time. This doesn't happen every time (with the same timeout), so it seems not to be some hidden limit on the maximum pause time. KSC licensed, but not deployed. Wonder what is going on...
  8. Thanks for the hint, it was not clear if the App was the same for corporate and home licenses. :dash1: I downloaded the "KES 8" apk you pointed me to and copied both it and the .key file to the phone, but when I tried to install it, it insisted that it could only be activated by downloading a profile from the admin server. :ireful3: As I wrote, I do not use the admin server for many reasons, one being that it requires an insecure firewall and server setup to work with out-of-lan computers, another that it is just horribly hard to install (like the docs saying it supports Server 2008 Core and not mentioning anywhere near that claim that it doesn't support Server 2008 R2 Core). At one point I almost got it working, but found that many things just didn't work with our network security (for instance, not all machines allow remote access via SMB, not all users are untrusted, etc.). So is there a way to install a corporate licensed KMS/KES for Android without that admin server? Or do we have to purchase an extra "home" license for each device?
  9. :bt: Hello, :bz: We have a license for Kaspersky Open Space Security, which includes licenses for Kaspersky Mobile Security. We do not use the "Admin Server" because it proved to difficult to install and use. :bravo: For all the other products covered by the license, we can simply use key files and activation code that came with the license. :dash1: But activating KMS (On Android in this case) seems not to work: [*]Activation by key file is a missing feature in KMS. [*]Activation with the activation code from the Open Space license purchase is rejected with a message that the code can not be used to activate KMS. So how do we activate/reactivate KMS on Android using our already paid license. P.S. :russian: Purchase was direct from kaspersky.com using their Digital River powered web store, because our national distributor only knows about home products. P.P.S. :offtopic: The list bbcode tag doesn't seem to work, thus the strange stars where there should have been bullet points.
  10. I read that list several times over, and it is not clear if 2008 R2 is supported or not in server core mode. It mentions 2008 server core. It also mentions 2008 R2, but it doesn't state either way about 2008 R2 server core. During install, I received an explicit message that the admin console will not be installed on server core, and then setup continues. So KAK setup recognized that it was on 2008 R2 Server Core and allowed me to proceed. Anyway, I am not sure if this is purely a sever core problem, or if it is some other problem with the setup of SQL Express by the KAK installer.
  11. So, I got around to working on Kaspersky, now that its sunday Setup a single task for my servers only (8), huge spike in traffic. (anyone know how big the updates are each?) According to the documentation, the network agents on the clients default to checking for updates on the admin server and not directly on the Kaspersky ftp servers. If you have set up additional "update agent" servers, the admin servers will refer some of that traffic there. The admin kit new updates task is for telling the admin kit to put get the updates from Kaspersky, not for sending them out to the clients (which is automatic, see above. As for your 2 hour repeat cycle, I have noticed on regular clients that Kaspersky seems to release new updates on their public servers every 2 hours, so that could be the trigger. I have no idea why the network behavior you see is so abysmal (I am still struggling to install the admin server at all), but one thing you might check is name resolution for the DNS or NETBIOS name of the admin server. Name resolution problems in Windows networks can lead to broadcast storms. One thing I would try in you situation is this: Install WireShark or another packet dumper on a computer not running Kaspersky, plugged into one of the 290 ports that seem to receive unwanted traffic. Tell it to display all the traffic on that computer, wait for the storm and then see what kind of noise it is getting flooded with. To reduce update traffic to branches with more than 2 clients on them, the use of "update agent" servers in each branch seems to be designed to make each branch download only one copy of the updates.
  12. I am trying to install KAK 8.0.2134 on a Server Core 2008 R2 server which is also a DC. Unfortunately, I am having problems getting the SQLExpress part of the setup working: The first time I tried, KAK setup just didn't allow me to select the option to install SQL Express. I then tried installing SQL Express manually only to get an error that .net was "corrupted" (actually, .NET was fine, but .NET 32 bit is not installed by default on server core). So I installed .NET 32 bit and .NET 3 (64 and 32 bit) additional server roles. I then installed SQL Express manually (from the unpacked KAK installer files), ignoring warnings about IE and DCOM not being available, because this is server core. Now I tried installing KAK again, but it still does not offer to install SQL Express, and connecting to an "existing instance" just times out. So what is the proper way to install KAK 2134 on Server Core 2008 R2?
×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.