About hyvokar

Vad

The last NPP patch visible from fsdaig i have is: https://notepad-plus-plus.org/repository/7.x/7.7/npp.7.7.Installer.x64.exe Best regards, Vad

hyvokar

Hi, and thank you for your reply. The setting was already set to "yes" as described in my first post. Locking the setting solved the problem. Thanks!

etomcat · ‎17-05-2019

Hello, Please upload falsely blocked Excel file samples here: https://www.f-secure.com/en/web/labs_global/submit-a-sample Tick the "give more details" checkbox and provide your e-mail address, so that the F-Secure Virus Analysis Lab will send their answer to you. Please also copy the "disallowed attachment" blocking warning in the textual message field and click Submit. You should receive an automatic e-mail with the lab ticket number in it almost immediately. I usually receive a definitive response from a human within 1 day, sometimes 2 days when using that method to report false alarms. Best Regards: Tamas Feher, Hungary.

etomcat · ‎30-04-2019

Hello, >> Web site blocked: Adult content >> https://en.wikipedia.org/wiki/Information_technology > > This is actually getting hilarious I looked at that Wikipedia article and I have a theory: around the middle of the page, there is a photo insert of an unfolded pink punch tape roll. I would guess the image analysis tool mistook that sight for pantsu, thus classifying the webpage as adult content. ( By the way, a long time ago, photos of fire service trucks were the favourite source of "pornography classification" false alarms in a high-end british gateway content filter. Nowadays, the AI computer in Tesla e-cars can correctly identify and follow fire trucks, so we can't deny that progress exists: https://old.reddit.com/r/teslamotors/comments/bi8j85/following_a_fire_engine_with_tesla_autopilot/ )

etomcat · ‎29-03-2019

Hello, I think the FSCS version 14 .MSI-based distribution method is less practical then FSCS12/13 used to be, as keycode cannot be inserted. I think F-Secure should work on a method which creates a properly structured MSI file, without the need for end-user tweaking. On the other hand, the Push-based method is difficult to authorize in the Windows 10 era: remote registry service must be running, admin$ network share must be available, classic sharing model must be enabled (these need a regedit), firewall ports must be open, user account password reqs must be met, etc. Best regards: Tamas Feher, Hungary.

MJ-perComp · ‎29-03-2019

Re-Installation of a Hotfix should not cause a problem, but it might create a "pending reboot". Check that on one system first.

MJ-perComp · ‎04-03-2019

Without knowing that software in detail, please check this: - Is it possible to assign the same IP aggain via DHCP, then you could use that address. - If the server part of that machine is runing locally, how does the client side learn about it? - In V13 we still have the concept of trusted NICs... If you were running a windows firewall, how would that learn about the needs? Why do you want to limit the outgoing traffic, if you could just allow incomming traffic on that ports only?

hyvokar · ‎01-03-2019

Thanks!

A-Grinkevitch · ‎18-01-2019

Great!

etomcat · ‎03-12-2018

Hello, xxxxxxxx Is it a good idea to give away the address of your F-Secure Policy Manager Server via screenshots? The host seems to be available from the public internet. Isn't it better to make it only available internally and/or via VPN? BR, Tamas Feher, Hungary. EDIT: PII

hyvokar · ‎13-11-2018

Also a feature request: cut/copy + paste firewall rules from one device to another device/profile. Meaning, if I need to do an additional rule for let's say 5 computers, I could just do one and then copy-paste it to the rest of the computers.

Vad · ‎12-09-2018

Hello hyvokar, "Client can check policies from PMS" means that your fssspr is installed in Centralized management mode, right? In this case the default server for fetching updates is PM (or PM proxy, if configured). Uncheck the "Allow falling back to F-Secure update server if PM Proxies are inaccessable" check box on Settings (Standard view) > Automatic updates page in PMC, to prevent usage of fbwserver.f-secure.com in case PM is unreachable. Note that for fetching updates the client uses http protocol. Https is used for delivering policies/statistics. Try to connect to PM from the client's browser using PM's IP or DNS name. You should see the PM welcome page. We have a KB article about connection to the cloud: https://community.f-secure.com/t5/Business/URL-addresses-for-F-Secure/ta-p/11407 Best regards, Vad

Gabri3l · ‎05-09-2018

We apologize for the late answer. The error is usually due to 1 or more of modules installations being corrupted. F.ex when upgrading version there might be something left in the registry and so on. It is hard to say what was the reason in this case without taking a look at the diagnostics. Please do contact our Support if in need of assistance on this issue: https://www.f-secure.com/en/web/business_global/support/support-request

Vad · ‎21-08-2018

Hello hyvokar, Please, contact support. We will need diagnostic information collected from your PM/PMC, preferably at the moment when the issue is reproduced. Best regards, Vad

hyvokar · ‎20-08-2018

Thanks Vad! This one was too obvious... Also, found using alert log very useful with test rules.

hyvokar · ‎08-08-2018

Thanks, now it makes sense :-) Where do you define [updateservers] or is it the servers configured in client security client? Would like to have a list of [] services and hosts (like [MyDNS]), could be usefull when configuring a new profile

hyvokar · ‎01-08-2018

Would love an option in PMC scheduled scan settings "force update virus definiotions before scan" or "do not launch the scan, if the virus definitions are over xx days old".

Vad · ‎24-07-2018

Hello hyvokar, Sorry for the delay. There’s a ID in registry. Go to LOCAL_MACHINE “SOFTWARE\\Mozilla\\Firefox\\Extensions”. There will be a value ols@f-secure.com if the extension is installed. Best regards, Vad

hyvokar · ‎11-07-2018

My advice would be, that only allow the traffic you need. tcp80/443 to everywhere, dns to your nameservers, ftp/ssh/stmp where needed, smb to your local network etc. It takes some time to plan and setup, but will be much more secure than just allowing all outgoing traffic. Here's an example of an exploit: https://thehackernews.com/2018/04/outlook-smb-vulnerability.html

Vad · ‎27-04-2018

Hello hyvokar, We now have a fix for this issue. Please, contact support, if you want to try it now. The fix will be included in CS 13.11 release. Best regards, Vad

hyvokar · ‎23-04-2018

Creating a new admin user fixed the issue.

Ukko · ‎13-04-2018

@hyvokar wrote: Can't really download windows updates, while FS is blocking all the connections.... Sounds as strange situation. Maybe it is possible to create fsdiag and transfer it to their Support. I think that there should not be such situation when F-Secure installation is blocking all the connections. But I'm not sure how it is designed with Business solutions (while some core-parts are with one view). My Home installation with 'restricted' bandwidth use for network (for example) and I did not feel network impact (but drive/CPU usage maybe). But there are potential impact with update/install databases after a delay with such process. For example, there was discussion about Home solution and somewhat related background: https://community.f-secure.com/t5/F-Secure-SAFE/Why-ULAV-is-killing-my-IS/m-p/104666 Thanks!

Vad · ‎11-04-2018

Hello HQJaTu, Did you try to contact support regarding the problem, that the product is not following the policy? I've just re-checked CS 13.10 and can't get CC activated if it is disabled, either from local client UI or from Policy Manager Console. Absence of Connection Control window also requires diagnostic information from affected machine for investigation. Regarding false appearances. Connection Control can be triggered, for example, by some bank advertisement/banner on a website not directly related to banking. Best regards, Vad

Laksh · ‎28-03-2018

Hi hyvokar, Sorry for not getting back to the post with an update. The reason why it was blocked was because the URL had 'warez' category. Our labs have removed the category for the URL since it is a legitimate download for Ubuntu.

GuerraTiago · ‎14-03-2018

KB3033929 e KB2685811 https://www.catalog.update.microsoft.com/Search.aspx?q=KB3033929 https://www.catalog.update.microsoft.com/Search.aspx?q=KB2685811

MJ-perComp · ‎08-03-2018

Sure, I only tried to explain the cause not justify it.

hyvokar · ‎23-02-2018

Thanks. Update has been planned and scheduled

MJ-perComp · ‎15-02-2018

+1000!

hyvokar · ‎09-02-2018

2018-02-09T12:30:51+02:00,info,appl control,C:\Program Files\dBpoweramp\CDGrab.exe,deny,connect out,6,144.198.82.156,80 2018-02-09T12:30:51+02:00,info,appl control,C:\Program Files\dBpoweramp\CDGrab.exe,deny,connect out,6,89.238.133.249,3000 2018-02-09T12:30:51+02:00,info,appl control,C:\Program Files\dBpoweramp\CDGrab.exe,deny,connect out,6,138.201.227.205,80 2018-02-09T12:30:51+02:00,info,appl control,C:\Program Files\dBpoweramp\CDGrab.exe,deny,connect out,6,89.238.133.249,3000 again... software blocked without first asking me. Let's see, if I can spend some time by opening tickets....

Vad · ‎01-02-2018

Hello hyvokar, 1) Please, contact support. We have a hotfix, which clears this table on clients, and this will lead to cleaning on PM as well. 2) and 3) are not supported in current versions. Best regards, Vad

About hyvokar

Re: Software updater "Could not install update"

Re: FSCSPr 13.11 How to turn on "notify me when installing updates" for multiple computers

Re: F-Secure Email and Server security strips random xls files

Re: False positive, after false positive...

Re: Ports used by PMC push installation?

Re: How to install hotfixes in PMC13.12

Betreff: Firewall alias question

Re: V14 firewall questions

Re: How to let new user to connect F-Secure policy manager console?

Re: Is Win10 v1809 supported ?

Re: PMC how to copy a firewall profile

Re: How to change update server?

Re: How to completely remove FSSS ?

Re: Cant add Firewall service

Re: How to read packet log?

Re: What is the purpose of [updateservices] firewall service?

Re: Feature request: Uniform client security status messages, no automatic scan with obsolete virus definitions

Re: Web content control - Secure Connection Failed

Re: How bad is this client-side firewall rule?

Betreff: Client Security 13.00 went broken?

Betreff: Policy manager 13.10 policy distribution status

Re: How long should updateing fscspr take?

Re: How to remove Connection Control from FSCS 13

Re: Illegal download false positive

Re: Error installing FSCSPr 13.10

Betreff: PM advertising old upgrades

Re: Web console not working

Betreff: Feature request: Allow resizing settings window in FSCS(Pr)

Re: FSCSPR13 blocking programs without notifying user

Re: PM: How to clear "unknown applications reported by hosts"