Jump to content

Recommended Posts

Hi,

I just installed the new update for Kaspersky Internet Security (19.0.0.1088a) on my Windows 10 PC (latest build). My bash (using ubuntu 18.04) cannot connect to Internet anymore. When doing sudo apt-get update, just can't establish a link. However, when Kaspersky is uninstalled, it works fine.

Furthermore, last version that I had (I think it was Kaspersky 18), it worked fine, no issues.

Anyone having this issue? Anyone can supply me the V18 that works?

Thanks.

Share this post


Link to post

same issue

RS4 with KIS 2019 Patch a

after exiting KIS, WSL (bash) working properly

 

Capture.PNG

Edited by silverbios

Share this post


Link to post
1 hour ago, silverbios said:

same issue

RS4 with KIS 2019 Patch a

after exiting KIS, WSL (bash) working properly

I contacted the support and they told me the following:

1) Authorize the paquets (check if network is trusted in firewall + configure paquets in firewall for TCP and UDP to authorize)

2) Create exclusion for BASH folder in config/advanced/Exclusions

3) Change rules of the application in Firewall, find Bash and right click for details and rules, ass exclusion for the 4 first boxes

 

I didn't test it out yet, but kinda afraid of the 2nt option since BASH is present in system32, so any virus can go there without any issues... And I already tested the number 3 and didn't do anything...

Can you test out these actions on your side as well?

 

Share this post


Link to post

I had a similar issue, only for me just https connections under WSL were being blocked and blocked no matter how they were being established (NPM, APT, CURL, etc.) ...
Disabling or pausing protection didn't help, while exiting KIS completely did, same as reported by OP.

The "fix" for me was: Settings > Additional > Network > Monitored ports: Monitor selected ports only > Select > Disabling the HTTPS rule:

image.thumb.png.31b2aab3ac2208235e4d575eae6d6d52.png

Maybe there is a better way to disable this rule as an exception only for bash, or maybe there is some deeper cause why HTTPS is being blocked for bash processed, but not for WIndows ones - for now though this at least lets me work.

Hope this helps someone!

Share this post


Link to post
33 minutes ago, ofzza said:

I had a similar issue, only for me just https connections under WSL were being blocked and blocked no matter how they were being established (NPM, APT, CURL, etc.) ...
Disabling or pausing protection didn't help, while exiting KIS completely did, same as reported by OP.

The "fix" for me was: Settings > Additional > Network > Monitored ports: Monitor selected ports only > Select > Disabling the HTTPS rule:

 

Maybe there is a better way to disable this rule as an exception only for bash, or maybe there is some deeper cause why HTTPS is being blocked for bash processed, but not for WIndows ones - for now though this at least lets me work.

Hope this helps someone!

Yeah I tested everything before except the add system32 to exclusions for security reasons (and I can't seem to add the bash.exe file to exceptions...).

Nice find though for the HTTPS, however still don't think it's a good idea to disable that ^^

Share this post


Link to post

Ok so tested adding bash in the exclusions and still the same issue. Tested the https and didn't work, did you need to reboot?

Share this post


Link to post

What about to add bash/WSL services/executables to Exclusions -> Specify Trusted Applications -> Do not scan encrypted traffic...

Share this post


Link to post
à l’instant, harlan4096 a dit :

What about to add bash/WSL services/executables to Exclusions -> Specify Trusted Applications -> ticking -> Do not scan encrypted traffic...

i added bash.exe and did what you suggested but same issue ^^

Share this post


Link to post

I haven't enabled WSL/bash support in my W10, but is this that only executable/service implicated?

Share this post


Link to post

 

il y a 2 minutes, harlan4096 a dit :

I haven't enabled WSL/bash support in my W10, but is this that only executable/service implicated?

From my point of view yes, but can't be 100% sure though... Only way is to launch bash, so added that and recursive.

 

Strange this is that it works with KAS18... Without doing anything in particular.

Edited by lukadimur

Share this post


Link to post
46 minutes ago, lukadimur said:

Ok so tested adding bash in the exclusions and still the same issue. Tested the https and didn't work, did you need to reboot?

It worked instantly for me - no restart, or even reopening of bash required!

 

And of course, before doing this, I did try everything else I could think of: checking network is trusted, checking bash is trusted, adding exceptions not to scan traffic for bash (Firewall > App rules > bash > Exclusions > Do not scan all traffic), adding other exceptions for bash(Firewall > App rules > bash > Exclusions > *) , just disabling modules one-by-one ... and nothing helped.

The easiest way for me to check if the HTTPS worked or not under bash was to just try "curl https://google.com" or "wget https://google.com", both of which failed before and work for me again now. I guess if you're having problems with HTTP you can try disabling all the HTTP rules as well as the HTTPS one? Not saying it's a good idea for a definitive solution, but would at least narrow down the problem if it works or show that we had completely different issues if it didn't ...

 

--

For me, also, it seems only WSL bash is affected - exactly same HTTPS domains can be reached by any other application on the system: CMD, PowerShell, Browsers, etc.

--
Lastly, this started happening for me after updating from KIS18 to KIS19 GDRP version, which I was prompted to install.

Edited by ofzza
Additional note

Share this post


Link to post

 

8 hours ago, silverbios said:

same issue

RS4 with KIS 2019 Patch a

after exiting KIS, WSL (bash) working properly

 

 

My original issue was with NPM. so I didn't really even test for HTTP - now, when I did an "apt-get update" I got the exact same HTTP errors @silverbios had reported earlier.
Having previously fixed the HTTPS issue by disabling scanning of HTTPS port, I now tried the same thing for HTTP port 80 and it worked ...

 

... again, not saying this is a good idea, but if you have to have bash working and unless someone can give us something better, I guess I prefer it to just exiting KIS completely!

image.png

Share this post


Link to post

Ok so latest feedback from support is that one module must be broken. What they suggest is to add the websites in the Internet Antivirus module. However, this means to add EVERY website (which is, sorry for the language, bullshit since I won't add ALL the links in the world to make it work... same thing as deactivating the Internet Security...).

Gonna wait for a new version, meanwhile for those who want it, I have the KAS18 version. Other solution is to close and relaunch every time...

Share this post


Link to post

The same issue. For me helps closing or uninstalling KIS 2019...

Some time ago I contacted Kaspersky with this problem, but no feedback received yet :(

Share this post


Link to post
4 hours ago, yaya2017 said:

Same here. Please fix this.

 

7 hours ago, Whizard said:

Did you contact TechSupport as indicated above?

 

Share this post


Link to post
Le 22/06/2018 à 22:11, Ubu a dit :

Same here. Please fix this.

 

Il y a 11 heures, yaya2017 a dit :

Same here. Please fix this.

Guys contact tech support and send them the needed information instead of replying here... I sent them some logs, data, etc so that htey can fix it with the devs. If a lot more people send the info, it will be fixed faster.

 

Share this post


Link to post

That is correct. The more reports with GSI and product logs the faster the issue is fixed.

Share this post


Link to post

Hello guys, I had the same issue with Kaspersky Antivirus 19, I've tried following workaround which worked:

- use custom proxy server installed on Windows level just for the WSL Linux subsystem
- you can use for instance http://www.handcraftedsoftware.org/index.php?page=download   >  FreeProxy Internet Suite   (guide https://www.youtube.com/watch?v=APaOb7AfAzo&t=944s)
- configure proxy port in FreeProxy Control Center, default is port 8080
- allow the port in Kaspersky Antivirus in its Network Ports settings
- then start console (Firewall Notification should appear to allow it for public and private networks)
- and when you open WSL Ubuntu bash console you can try this:

1.) Negative test without proxy (denied by Kaspersky Antivirus)
$ wget google.com

--2018-07-18 12:19:00--  http://google.com/
Resolving google.com (google.com)... 172.217.23.206, 2a00:1450:4014:801::200e
Connecting to google.com (google.com)|172.217.23.206|:80... connected.
HTTP request sent, awaiting response... No data received.
Retrying.

2.) Positive test using new proxy
$ wget https://google.com -e use_proxy=yes -e http_proxy=127.0.0.1:8080 -e https_proxy=127.0.0.1:8080

--2018-07-18 12:24:33--  https://google.com/
Connecting to 127.0.0.1:8080... connected.
Proxy request sent, awaiting response... 301 Moved Permanently
Location: https://www.google.com/ [following]
--2018-07-18 12:24:33--  https://www.google.com/
Connecting to 127.0.0.1:8080... connected.
Proxy request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘index.html.1’

index.html.1                      [ <=>                                              ]  10.94K  --.-KB/s    in 0.008s

2018-07-18 12:24:34 (1.29 MB/s) - ‘index.html.1’ saved [11199]


Of course this is only basic description of the solution, it's needed to do more settings around:
- set global proxy settings on Linux, some applications like maven or git may need individual config files
- also it's good security manner to change proxy sever port to something not commonly used
- moreover you should also apply User and Password protection of the proxy access
- and if you're really enthusiast about security you can create ban list, turn on access log and so on
- finally FreeProxy Suite can be used as Windows Service, so you can configure it for automatic execution

Btw, I've also created ticket on tech support:
INC000009402259

Share this post


Link to post

The newest KIS version 19.0.0.1088(b) doesn't solve the problem.

My ticket is: INC000009258873

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.