Jump to content

pokeefe0001

Members
  • Content Count

    107
  • Joined

  • Last visited

About pokeefe0001

  • Rank
    Cadet

Recent Profile Visitors

957 profile views
  1. Thank you. I received your note. I had read the Synology information you pointed to but need to read it again. I think it recommends action far beyond my understanding - something more appropriate for a corporate NAS. (I think.)
  2. Could someone explain the source of the URL mentioned in the KIS popup? I may be trying to address the wrong problem. The URL "synology.com" obviously has a relation to my synology NAS but I'm not trying to get a connection with synology.com. That URL seems to be from the "subject" field of the certificate, but I don't pretend to understand what that implies.
  3. I got in a bit of forum trouble for cross-posting in another thread. I'd at least like to point to some other threads here because I am, or may be, trying to follow advice in those other threads in trying to solve this problem. One is from someone getting this same error, but the OP's computer is behind an Active Directory Domain Controller. I am not so these may not be related problems. https://forum.kaspersky.com/index.php?/topic/406913-content-not-protected-prompt-for-https-sites/ Another thread is quite similar to mine: https://forum.kaspersky.com/index.php?/topic/379983-can-i-turn-off-certificate-warnings/ A recommendation there was to turn off scanning encrypted connections. That works for me, but I would rather not implement that solution. In that same thread Whizard said " Sometimes the warnings are legitimate. In my case the warning is legitimate: the security chain is incomplete. KIS (and/or Windows and/or FireFox) does not have a certificate for Synology's CA. But I don't know what to do about it. I am willing to whitelist the connection but I can't get that to work. The exclusion list requests a domain name. I've tried both the NAS DNS name and the URL mentioned in the message - synology.com (although I really don't want whitelist all of synology.com).
  4. This doesn't seem to work for me but maybe I've got a different problem than the one being discussed in this thread. If I scan encrypted messages Kaspersky complains when I start an HTTPS connection to the dashboard of a couple of NAS devices on my LAN. An example: For another NAS I get the error " Invalid name of certificate ". These errors go away if I disable scanning encrypted connections but I'd rather not do that since the only errors I'm getting are for these NAS devices. I'm not sure what to put in the exclusion but neither the URL mentioned in the popup or the DNS name of the NAS prevents the error.
  5. Ah! I thought you meant putting the URL of the NAS in the Web Anti-Virus > Advanced > URL Advisor > Configure trusted URLs. So the checking of certificates is part of KIS Firewall processing? Actually, neither seems like the ideal solution. It seems like I should be able to give KIS the CA certificate and tell KIS to trust it.
  6. I access the Admin dashboard of a Synology NAS from FireFox using HTTPS. KIS complains "Connection not protected" with the reason "The certificate chain is not complete". Displaying the certificate path I see the certificate status: "The issuer of this certificate could not be found". I think that means I have to import the CA certificate somewhere, but I don't know if that "somewhere" in KIS, Windows, or FireFox. (I assume I need to import it into KIS.) I have no idea what to do and the Synology documentation on the topic is not very clear. I hope someone on this forum provide assistance. Synology provides 4 files relating to certificates: cert.pem, privkey.pem, syno-ca-cert.pem, and syno-ca-privkey.pem. I have no idea if any of those are of use, but the last two related to Synology's CA. Is this helpful? In the past when I've run into this kind of issue I just told KIS (or maybe FireFox) to just treat the connection as trusted but now that seems to just be temporary. I repeatedly run into the error.
  7. I've read that the use of lots of resources - cycles ans memory, I assume - happens only during the disinfecting, not during detection. If that's the case then resource usage is not much of a reason to turn off the function; it won't hurt unless it's needed to fix things. But my question is: What does it fix that would go unfixed without it? If it fixes rootkit malware or ransomware then it might be worth the cost in resources, whatever that cost. But I thought KIS already did that. So what does this function give us?
  8. I recently read a posting that included an excerpt from a log of database update activity. I didn't know such a thing existed. Is that log available through the "Log non-critical events" option, or is it somewhere else? I've always assumed the "Log non-critical events" was something to be turned on at the request of Kaspersky support - part of debugging activity, not for every day use.
  9. Please forgive me if this is a duplicate post. I tried posting this several weeks ago but I think it never made it to the forum. I'm using KIS 2019 and have Advanced Disinfection Technology enabled, but I don't have any idea what this actually achieves. The description "a special procedure is applied for extensive disinfection against malicious programs" is pretty vague. I realize the technology is proprietary so I don't expect a detailed description, but is there anything a bit more informative? Is there any description of the types of malware targeted (such as rootkits, etc.)? Is there any description of the state of the computer before and after the technology does its work? I've read that a reboot is required after the work is performed so I assume significant changes are made but I have no idea what kind of changes. Registry changes? DLLs replaced? (Probably not.) DISM invoked to rebuild parts of the operating system? (I hope not.) If KIS determines it needs to invoke the technology are we giving an opportunity to create a system backup first ... just in case the technology isn't totally successful in its work?
  10. You might want to clarify this request when you submit your suggestion. "HTTP address" is a very peculiar phrase since HTTP is just a protocol, not a type of address. Do you perhaps want KIS to display the DNS name associated with the IP address? If so, you should make that clear. An if that is what you ask for, please request that it be optional. Determining the DNS names for the display would take extra time.
  11. I tried enabling encrypted scanning - first "upon request ..." and then fully - but the message stayed ... even after reboot. I had the Kaspersky browser extension disabled in the profile I use to access my router's GUI. Enabling it did not make the warning go away.
  12. Actually, I tried that yesterday but FireFox said the certificate was already installed. I didn't try uninstalling and reinstalling the certificate. I don't particularly want to go the master password route.
  13. KIS 19.0.0.1088(c) In the "Recommendations" section of the KIS Notification Center I am given the recommendation "Secure traffic scan in Firefox is limited" (which isn't a recommendation). Selecting "Learn more" takes me to page https://support.kaspersky.com/us/common/error/other/14396?cid=KIS_19.0&utm_source=interceptor&utm_medium=product&utm_campaign=KIS_19.0 which describes a message received when opening FireFox or Thunderbird. There is no mention of the message in the KIS Notification Center. I do not get any warning when opening FireFox or Thunderbird so I suspect this web page does not apply to my situation. Could this warning be related to my having selected "Do not scan encrypted connections"? (If so, it would be nice if the warning mentioned that.) Even though that "Learn more" page doesn't seem to apply, I read it and saw something disturbing: instructions to delete multiple FireFox profiles " except for the one you intend to use ". I use multiple FireFox profiles. Is this not supported in KIS?
  14. I'm quite sure nobody on this forum could do any more than make conjectures. If authoritative members from Kaspersky were to offer such reassurances, would you believe them, or would you need assurances that those assurances were free from interference? Any security software could be designed to turn a blind eye on it's own activities so any such software could contain malicious code. But what is the alternative? Write our own security package? (I certainly would not trust it.) I trust that Kaspersky, as one of the most respected creators of security packages, will continue to create software that does what it is intended to do - protect me from malware and malicious websites, etc.
×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.