Jump to content
  • Announcements

    • Rodion Nagornov

      Долгое сохранение сообщений || Delays while posting   09/20/2017

      По техническим причинам возможно визуально долгое отправление сообщений на форуме. Фактически ваше сообщение публикуется мгновенно - долго отрабатывает графика. В случае подобной ситуации, пожалуйста, сначала обновите страницу (F5) и проверьте, появилось ли ваше сообщение. Не пытайтесь сразу отправить его заново.  || Due to some technical reasons visual delays are possible while message sending. Actually your message is published immediately - just interface works long. In such case, please, do not re-send your message immediately! Press F5 to reload the page and check if your message/topic is published.
Sign in to follow this  
c3k

Traffic Monitor Untrusted Certificate Warnings

Recommended Posts

c3k   

I'm using KIS v11.0.1.400 (no other English version is available on the update page). I have several computers wired in a LAN behind a router. I also have a network printer. I get REPEATED warnings about traffic which involves my network printer, due to unauthenticated website certificates. I have NO idea why I get these warnings or what they mean.

 

Here's an example:

**************************************************

KIS 2011, Traffic Monitor

 

Cannot guarantee the security of the encrypted connection between Checkbook-V1-728x90[1].swf and 192.168.1.124 because it is impossible to check the website authentication certificate.

 

View the website certificate

 

Website address: 192.168.1.124 (192.168.1.124)

 

Do you truste the specified website?

**************************************************

Now, the bold Checkbook...swf item changes. Sometimes it is something in Chinese (I think) characters. Sometimes it's some other verbiage. I never know what they are, where they're coming from, or what they are trying to do.

 

The 192.168.1.124 is my network printer's fixed IP address on my LAN. Do I trust my printer/fax/scanner? Why wouldn't I?

 

Is it asking if the printer is trusted, or if the other place (Checkbook...swf) is trusted?

 

KIS works very well, but this has been going on for a few months. How do I stop these nuisances? Is there a danger to saying "Yes, accept the untrusted certificate"? If I "Deny certificate (recommended)" will I lose some sort of functionality?

 

If these are nuisance messages, how do I configure KIS to stop them?

 

Thanks,

Ken

Share this post


Link to post
Share on other sites
c3k   
Disable SSL scanning.

 

Whizard,

 

Thank you for pointing me in this direction. Using what you wrote, I looked up SSL in the KIS Help file and found this:

 

*******************************************************************************

Scan encrypted connections

 

Connections using the Secure Sockets Layer (SSL) protocol protect data exchange channel on the Internet. The SSL protocol allows identifying the parties exchanging data using electronic certificates, encoding the data being transferred, and ensuring their integrity during the transfer.

 

The box enables / disables scanning of secure connections through installation of Kaspersky Lab certificate.

 

If the box is checked, Kaspersky Internet Security always uses the installed certificate of Kaspersky Lab to ensure that the connection is secure indeed. If Kaspersky Internet Security detects during connection to server an invalid certificate (e.g., when it is replaced with malicious intentions), the product will display a prompt suggesting to accept or reject the certificate or just view the information about the certificate. If Kaspersky Internet Security functions in automatic mode, it terminates the connection using an invalid certificate automatically without notification.

 

When you check the box for the first time, the Certificate Installation Wizard launches automatically.

 

If the box is unchecked, Kaspersky Internet Security does not scan SSL traffic.

 

This box is unchecked by default.

 

*******************************************************************************

 

 

If I disable SSL Scanning, does that open up some sort of vulnerability? If not, why am I getting these warnings? Who, or what, is trying to communicate to (or is it FROM) my network printer? Is my network printer somehow being used as a toehold to gain access to my LAN?

 

Thank you so much for your help!

Ken

Share this post


Link to post
Share on other sites
c3k   
If I disable SSL Scanning, does that open up some sort of vulnerability? If not, why am I getting these warnings? Who, or what, is trying to communicate to (or is it FROM) my network printer? Is my network printer somehow being used as a toehold to gain access to my LAN?

 

Thank you so much for your help!

Ken

 

Any help for the questions I posted above? If I disable SSL scanning, the warnings go away. Okay, if I disable KIS, ALL the warnings would go away, yet it's obvious that disabling KIS would open up vulnerabilities. That's why it's there. Why is SSL Scanning there? Why, when I'm not trying to print anything, am I getting so many certificate requests to/from my network printer?

 

Thanks.

Share this post


Link to post
Share on other sites
Whizard   

You are in no harm in switching it off. I am guessing its a "chatty" printer. Which model is that? Ensure you are running the latest Kaspersky 2011 build 400.

Edited by Whizard

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×