Jump to content
peterecju

Application Startup Control - Console1.msc

Recommended Posts

Hello guys,

I'm not able to define exclude rule for console1.msc file (saved mmc management console).

Each time administrator makes changes it has new SHA-256 hash.

I tried to define it based on metadata File name: "Console1.msc"; but without success. 

How to solve it?

 

Thanks a lot.

Share this post


Link to post
7 minutes ago, Nikolay Arinchev said:

Hi,

You can use a path to console to make an exclusion instead of SHA256.

Thank you!

I would like to to, unfortunately each admin has it on its own place. Very strange.

Share this post


Link to post
On 1/24/2018 at 4:36 PM, Nikolay Arinchev said:

Is it possible to make a category based on metadata?

Thank you!

It looks like metadata are ignored, or I do it a wrong way.

 

Share this post


Link to post
On 1/24/2018 at 5:10 PM, peterecju said:

Hello guys,

I'm not able to define exclude rule for console1.msc file (saved mmc management console).

Each time administrator makes changes it has new SHA-256 hash.

I tried to define it based on metadata File name: "Console1.msc"; but without success. 

How to solve it?

 

Thanks a lot.

Hello,

please state exact versions of KSC server, consoles, KES, network agents and installed patches.

Please attach screenshots of error messages which dispaly the actual problem.

Thank you.

 

Share this post


Link to post
33 minutes ago, Dmitry Eremeev said:

Hello,

please state exact versions of KSC server, consoles, KES, network agents and installed patches.

Please attach screenshots of error messages which dispaly the actual problem.

Thank you.

 

KSC: 10.4.343

Network agent: 10.4.343 (SF1)

KES: 10.3.0.6294 AES256 (mr1, pf3027, pf3028)

You can see condition defined in Application category and also message from Startup control.

 

image.png.f231afa2a1f74fba7e428b2a2cebcbb1.png

image.png.c11214423e49253dd4ea1cbccd0cb28a.png

image.png.9bb43fa752349cbc1dc027419664287d.png

Share this post


Link to post

Hello,

please install patch A for KSC server, consoles and agents.

Please attach screenshots of list of rules and rule properties.

Thank you.

 

Share this post


Link to post
2 hours ago, Dmitry Eremeev said:

Hello,

please install patch A for KSC server, consoles and agents.

Please attach screenshots of list of rules and rule properties.

Thank you.

 

Patch A installed.

Screenshot from rule - related one highlited.

image.thumb.png.ba7c95ef86d5f52769f4ca8380b40cdf.png

 

Share this post


Link to post

Please attach KL software report with installed patches.

3 hours ago, Dmitry Eremeev said:

Please attach screenshots of rule properties.

Thank you.

 

Share this post


Link to post
14 hours ago, Ivan.Ponomarev said:

Could you please post the screenshot of the rules?

Thanks!

What do you mean with screenshot of the rules?

From Policies tab, or from Application categories...

Share this post


Link to post
14 hours ago, Konstantin Antonov said:

 From Application categories.

Thank you!

You already have it in the message from Monday.

But I can repeat it:

image.png.f231afa2a1f74fba7e428b2a2cebcbb1.png

Share this post


Link to post

Hello. 

You cold try to use " Category with content added automatically", specify catalog  with controlled acces and strict permissions, and for example only files with .msc extention allowed to be stored. KSC will access this folder periodicaly and add files checksumms to your category. Administrator will have to copy their .msc  to that folder. 

That is not really secure method. 

How many cosole variations do you have, would it be feasible to add console checksumms manually ?

Share this post


Link to post
3 hours ago, Evgeny_E said:

Hello. 

You cold try to use " Category with content added automatically", specify catalog  with controlled acces and strict permissions, and for example only files with .msc extention allowed to be stored. KSC will access this folder periodicaly and add files checksumms to your category. Administrator will have to copy their .msc  to that folder. 

That is not really secure method. 

How many cosole variations do you have, would it be feasible to add console checksumms manually ?

Hello,

This is not a good way. Each admin has its own console with own setup.

From my point of view, if KSC has an option to define rule based on metadata, it should use it.

Share this post


Link to post

Here si the official statement from support:

 

yes, this is by design behavior.

Metadata - file description provided by the manufacturer. This criterion is applicable ONLY to the files that have a correct digital signature because otherwise, the file description could be forged.

Thanks for understanding.

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.