Jump to content
  • Announcements

    • Rodion Nagornov

      Недоступность форума // Forum maintenance   08/16/2017

      В связи с техническими работами форум будет недоступен с 20.00 (МСК) 18.08.2017. Максимальное время недоступности - до 20.00 (МСК) 20.08.2017. *** Due to maintenance forum will be unavailable since 8pm (+3 GMT) 18-Aug-2017. The longest possible time of maintenance - till 8.pm (+3 GMT) 20-Aug-2017.


  • Content count

  • Joined

  • Last visited

About dpeters11

  • Rank

Recent Profile Visitors

62 profile views
  1. Cannot install SP1 MR4

    It's solved. I doubt that any upgrades we do would have the same issue, my system isn't the most normal, if we even really put out MR4 at all. I'm hoping that by the time MR3 goes EOL, we'll be on SP2+.
  2. Cannot install SP1 MR4

    It worked this time, I also took an extra precaution of manually selecting SP2 and making sure nothing was left of it. I got the screenshot I needed of the process, so I'm good to go.
  3. Cannot install SP1 MR4

    I can do that. I'll decrypt it, run the remover, reinstall mr3, re-encrypt and retry mr4. It's just odd that MR3 updated to MR4 fine, until the issue with updating the encryption, then I got the recalled patch error.
  4. Cannot install SP1 MR4

    I don't see it listed under software updates in KSC. I'd been trying to install it as a package from KSC. I just tried a standalone exe, same failure but I do get setup logs. No private patches, this was a clean install of MR3 yesterday after removing SP2. kl-install-2017-07-21-12-54-12.log kl-setup-2017-07-21-12-53-54.log
  5. Cannot install SP1 MR4

    When it installed the first time, I got these errors. After the reboot, it had reverted itself to MR3. When I attempted a reinstall after that (including another reboot), it failed with the recalled patch message. What's strange, I don't see an install log. There's an MSIxxxx.log and a ucaevents, but those are from the mr3 install yesterday GSI report is here https://app.box.com/s/exqzy72hmi43gax5dnfu Event type: FDE upgrade failed Reason: Upgrade initiation failed Encryption type: Encryption of hard drives Event type: Error encrypting/decrypting device Action: Encryption Reason: Encryption paused for the duration of update installation Encryption type: Encryption of hard drives
  6. Testing this version for systems that we can't yet go through the decryption process for SP2. I installed SP1 MR3 yesterday and encrypted. Today I installed MR4. It installed OK the first time, but then failed the encryption update and reverted. I cleared up some more disk space etc in case that was the issue, but now MR4 won't install at all. Remote installation has been completed with an error on this device: Fatal error during installation. (Error 27357.Installation package has been found to contain recalled patches , {1E08552F-85AE-453C-A35E-EB1980F5C667}. Installation will be aborted.) This still happens after I updated the package databases.
  7. FDE upgradation

    I think you can upgrade to MR4 with no decryption, but you can't go to SP2 without decryption. The way Kaspersky has been doing it lately (at least starting with SP1 M2) is that you can go to MR releases within a version but can't go to a new SP level.
  8. KES 10 SP2 - Restart request

    Looks like it's a good thing my policy is set to not restart...
  9. NotPetya [In progress]

    One thing I've wondered about, if a system is full disk encrypted, would ransomware like this work?
  10. So the only port I need open from the DMZ to the Internet is 13000 for systems out on the Internet to get definitions from the gateway and keep their status updated?
  11. Ok, but in terms of ports open to the Internet, which ones are needed for client communication?
  12. I've got a system in our DMZ that I want to use as a connection gateway for systems that are not connected to the VPN for management. The server currently is able to communicate with the KSC for it's own, with TCP 13000, 14000 and 18000 plus udp 13000 open to the internal KSC (10 SP2 MR1). What ports are needed from the connection gateway to the internet for client communication? Is it just TCP 13000 and 14000 or do I need 13292 and 13293 (defaults in the gateway section of the update agent properties)?
  13. Ok, so since that recommends disabling SMBv1, then it seems safe to say that Kaspersky products don't use SMBv1.
  14. Not really, Wannacry is just bringing the issue to the forefront. Microsoft is trying to get v1 disabled, and the way I see it, there likely will be other vulnerabilities in it. If we don't need it, then why keep it enabled.
  15. Ok, I guess I'll disable and see if it breaks.