Jump to content
Kaspersky Support Forum

vladop

Members
 View Profile  See their activity

  • Posts

    2

  • Joined

  • Last visited

    Never

Reputation

0 Neutral
  1. vladop
    It still doesn't work after install KES 11.6 I was able to add only : windowsupdate.microsoft.com,update.microsoft.com,download.windowsupdate.com,download.microsoft.com,ntservicepack.microsoft.com,stats.microsoft.com but it`s not enough. I will open a case with Kaspersky technical support and write about the result. Thanks for the advice. BTW, in version 11.6 the process "c: \ Windows \ System32 \ services.exe" cannot be specified as an exception and I don't know why, KES says that such a file does not exist. Whether it's a bug or not I didn't understand.
  2. vladop
    Hello, I have the following question. I would like to blocks connections to any IP addresses on all ports outside the local network of Windows Server 2019 by installing kaspersky endpoint security -11.4.0.233, but to leave the option Windows Аutomatically update work. With workstations, this is not a problem - I have a solution for that. The problem is with the server version of Kaspersky. I do the following: I set as exclusion processes that I think are responsible for the update, so that the firewall settings do not apply to them, but without success. These are processes that they have put as an exclusion : c:\Windows\System32\services.exe C:\Windows\System32\wuauclt.exe C:\Windows​\ImmersiveControlPanel\SystemSettings.exe C:\windows\system32\svchost.exe C:\Windows\System32\dllhost.exe C:\Windows\System32\wbem\WmiPrvSE.exe The problem is that in Firewall Settings - => Network Packer Rules I can't add this list: http://windowsupdate.microsoft.com http: //*.windowsupdate.microsoft.com https: //*.windowsupdate.microsoft.com http: //*.update.microsoft.com https: //*.update.microsoft.com http: //*.windowsupdate.com http://download.windowsupdate.com http://download.microsoft.com http: //*.download.windowsupdate.com http://wustat.windows.com http://ntservicepack.microsoft.com http://stats.microsoft.com https://stats.microsoft.com , because KES adds each address by checking its current DNS record, and they change very dynamically and after a few days the IP address is different and the updates stop. This is what the log looks like: 15.6.2021 г. 16:49:10 Unknown TCP Blocked 20.83.81.160 443 192.168.0.80 54914 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:10 Unknown TCP Blocked 52.249.36.200 443 192.168.0.80 54915 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:10 Unknown TCP Blocked 52.238.248.1 443 192.168.0.80 54916 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:10 Unknown TCP Blocked 20.83.81.160 443 192.168.0.80 54917 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:10 Unknown TCP Blocked 52.249.36.200 443 192.168.0.80 54918 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:10 Unknown TCP Blocked 52.238.248.1 443 192.168.0.80 54919 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:12 Unknown TCP Blocked 20.83.81.160 443 192.168.0.80 54920 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:12 Unknown TCP Blocked 52.249.36.200 443 192.168.0.80 54921 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:12 Unknown TCP Blocked 52.238.248.1 443 192.168.0.80 54922 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:13 Unknown TCP Blocked 81.19.104.212 443 192.168.0.80 54925 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:13 Unknown TCP Blocked 130.117.190.213 443 192.168.0.80 54926 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:13 Unknown TCP Blocked 195.122.177.184 443 192.168.0.80 54927 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:13 Unknown TCP Blocked 81.19.104.214 443 192.168.0.80 54928 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:14 Unknown TCP Blocked 130.117.190.148 443 192.168.0.80 54929 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:14 Unknown TCP Blocked 52.12.8.165 443 192.168.0.80 54930 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:14 Unknown TCP Blocked 130.117.190.156 443 192.168.0.80 54931 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:14 Unknown TCP Blocked 130.117.190.158 443 192.168.0.80 54932 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:14 Unknown TCP Blocked 62.67.238.138 443 192.168.0.80 54933 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:14 Unknown TCP Blocked 62.67.238.148 443 192.168.0.80 54934 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:14 Unknown TCP Blocked 130.117.190.217 443 192.168.0.80 54935 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:14 Unknown TCP Blocked 81.19.104.18 443 192.168.0.80 54936 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:14 Unknown TCP Blocked 130.117.190.225 443 192.168.0.80 54937 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:14 Unknown TCP Blocked 81.19.104.212 443 192.168.0.80 54938 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:14 Unknown TCP Blocked 130.117.190.213 443 192.168.0.80 54939 All networks ADSRV\Administrator BLOCK_ALL 15.6.2021 г. 16:49:14 Unknown TCP Blocked 20.83.81.160 443 192.168.0.80 54940 All networks ADSRV\Administrator BLOCK_ALL Can anyone help with an idea?
×
×
  • Create New...