ESET Smart Security 4.0 preventing proper wireless connectivity

[d3v]

Ok, my friend's laptop cannot connect to his wireless router due to smart security 4.0. The wireless router signal can be seen by the laptop and accepts the WEP key but hangs on "acquiring network address"

I know NOD32 is to blame because as soon as I UNticked the "eset personal firewall" item in the wireless adapter properties box the wireless adapter icon in the system tray suddenly became stable and internet access worked just fine.

I configured smart security tediously for hours to tweak it just right for my friends laptop but I obviously missed something here but have no idea what!?!?!

Please advise.

[DKT27]

Throw ESET SS away and use ESET Anti Virus only + Comodo firewall. ESET's firewall is the worst a person can get.

[myidisbb]

Ok, my friend's laptop cannot connect to his wireless router due to smart security 4.0. The wireless router signal can be seen by the laptop and accepts the WEP key but hangs on "acquiring network address"

I know NOD32 is to blame because as soon as I UNticked the "eset personal firewall" item in the wireless adapter properties box the wireless adapter icon in the system tray suddenly became stable and internet access worked just fine.

I configured smart security tediously for hours to tweak it just right for my friends laptop but I obviously missed something here but have no idea what!?!?!

Please advise.

2 things come to mine.

1st make sure there isnt a rule to not allow the connection in the este. rules and zone area. edit apply and okay it.

2nd make sure win/vista firewall is not stil enabled while running este firewall.

[d3v]

Throw ESET SS away and use ESET Anti Virus only + Comodo firewall. ESET's firewall is the worst a person can get.

Ok I will do that setup next time I format a new build, but this goes back to it's owner tomorrow and so I cannot be doing with the hassle this time, but I will use that combo you reccomend from now on!

2 things come to mine.

1st make sure there isnt a rule to not allow the connection in the este. rules and zone area. edit apply and okay it.

2nd make sure win/vista firewall is not stil enabled while running este firewall.

Ah I do remember coming across that area of Smart security's configuration settings and was scared away fairly quickly by how complicated it seemed.

Well I've made a few changes here and there and I think it has indeed solved the issue so thank you for that, but I would like to learn more about this "rule and zone" area is more depth. ESET's help file is not so helpful at explaining much. Do you know of any guides about how to properly setup this area of smart security?

In the zones box there is multiple entries for certain programs, why?

Thanks.

[HX1]

1. I would say that you need to properly configure the network for Strict or for Trusted.. each time you connect to a network, you initially have to pick one of two choices. one will allow the use of the compute on a network an will allow it to be seen by other machines and devices on the network...The other will not, in which case you must set up the system as DMZ in your router..( long list of other considerations as well here ).Mine is set for a Trusted Zone

2. Make sure that Interactive mode is chosen, in your Firewall settings, and take these other areas into consideration..'IDS and Advanced' this area can be too strict for your particular hardware or network and even your DNS server.. to properly allocate a connection.. some areas are trial and error through the list. Best way is turn them all off and turn one on at a time to make sure nothing is incompatible..in both Allowed Services and Intrusion Detection..

EDIT: The Rule Editor is for enabling or disabling the interaction of various programs with areas of your compute like interacting with Explorer, and is also used for traffic shaping and authorization of the programs and resources of your network..

The one above that should be the one you need to address.. this area should be left alone..They should left for the owner to discern what they want through and why..

[d3v]

1. I would say that you need to properly configure the network for Strict or for Trusted.. each time you connect to a network, you initially have to pick one of two choices. one will allow the use of the compute on a network an will allow it to be seen by other machines and devices on the network...The other will not, in which case you must set up the system as DMZ in your router..( long list of other considerations as well here ).Mine is set for a Trusted Zone

2. Make sure that Interactive mode is chosen, in your Firewall settings, and take these other areas into consideration..'IDS and Advanced' this area can be too strict for your particular hardware or network and even your DNS server.. to properly allocate a connection.. some areas are trial and error through the list. Best way is turn them all off and turn one on at a time to make sure nothing is incompatible..in both Allowed Services and Intrusion Detection..

EDIT: The Rule Editor is for enabling or disabling the interaction of various programs with areas of your compute like interacting with Explorer, and is also used for traffic shaping and authorization of the programs and resources of your network..

The one above that should be the one you need to address.. this area should be left alone..They should left for the owner to discern what they want through and why..

Hi m8.

I think that was the problem to begin with... i totally forgot about those two options and as a result, it had been left on "strict" mode rather than "sharing".

I've tweaked the "IDS and advanced" options to what I think is a little more lenient and flexible.

Ok I've changed from automatic mode to interactive, but I remember doing this on many machines before and never had the frequent NOD32 system tray pop up balloons asking me if I should accept or deny this or that connection. Hardly interactive like they call it! Or am I getting confused with learning mode? I don't think so though, as learning mode never seemed to have the balloon pop up requests, either?!?!?!?!

Here's my rules and zones settings. can you guys see anything wrong?

[spootnack]

Throw ESET SS away and use ESET Anti Virus only + Comodo firewall. ESET's firewall is the worst a person can get.

+1

Personally I use Outpost Pro but is the same level as Comodo or OA. B)

++

[RadioActive]

Throw ESET SS away and use ESET Anti Virus only + Comodo firewall. ESET's firewall is the worst a person can get.

+1

Personally I use Outpost Pro but is the same level as Comodo or OA. B)

++

I agree, but I believe Outpost is the best, and they even offer a FREE version ;)

[DKT27]

*Cough* *Cough*. COMODO firewall is also free.

[LeetPirate]

Throw ESET SS away and use ESET Anti Virus only + Comodo firewall. ESET's firewall is the worst a person can get.

+1

Personally I use Outpost Pro but is the same level as Comodo or OA. B)

++

I agree, but I believe Outpost is the best, and they even offer a FREE version ;)

nah -2 I say. The laptop he is fixing is for someone else, first up Outpost is lame in my book. It takes them twice the resources to accomplish the same thing as other firewalls, rubbish if you ask me. Just look at the outpost setup alone, Outpost Free setup is almost 2x the size of Online Armour firewall.

Comodo firewall is great but you have to actually install the Internet Security package and tick firewall alone, I don't think they offer the firewall standalone anymore but that is not really the point I want to emphasize; in my view Comodo is a little harder to learn to operate especially if you are installing it for another person who has never used it before, they might have a hard time learning to use it.

My suggestion is Install ESET Anti-Virus, a task which you can easily accomplish, just install it over ESS, it should automatically remove ESS. For firewall use Online Armour Free especially since it isn't your laptop. Online Armour presents its data in the simplest of ways for anyone to understand, took me the shortest period of time to understand it as compared with others.

[DKT27]

Yes Comodo can be a little hard for the people who are not known to firewalls. But you can set some settings that will not screw their mind. Like keeping Defence + and Firewall to training mode. But I haven't used Online Armour yet so I will not say anythin about it.

[HX1]

1. I would say that you need to properly configure the network for Strict or for Trusted.. each time you connect to a network, you initially have to pick one of two choices. one will allow the use of the compute on a network an will allow it to be seen by other machines and devices on the network...The other will not, in which case you must set up the system as DMZ in your router..( long list of other considerations as well here ).Mine is set for a Trusted Zone

2. Make sure that Interactive mode is chosen, in your Firewall settings, and take these other areas into consideration..'IDS and Advanced' this area can be too strict for your particular hardware or network and even your DNS server.. to properly allocate a connection.. some areas are trial and error through the list. Best way is turn them all off and turn one on at a time to make sure nothing is incompatible..in both Allowed Services and Intrusion Detection..

EDIT: The Rule Editor is for enabling or disabling the interaction of various programs with areas of your compute like interacting with Explorer, and is also used for traffic shaping and authorization of the programs and resources of your network..

The one above that should be the one you need to address.. this area should be left alone..They should left for the owner to discern what they want through and why..

Hi m8.

I think that was the problem to begin with... i totally forgot about those two options and as a result, it had been left on "strict" mode rather than "sharing".

I've tweaked the "IDS and advanced" options to what I think is a little more lenient and flexible.

Ok I've changed from automatic mode to interactive, but I remember doing this on many machines before and never had the frequent NOD32 system tray pop up balloons asking me if I should accept or deny this or that connection. Hardly interactive like they call it! Or am I getting confused with learning mode? I don't think so though, as learning mode never seemed to have the balloon pop up requests, either?!?!?!?!

Here's my rules and zones settings. can you guys see anything wrong?

I am going to say that you have your network configured wrong, based on the last picture which shows your DNS Server address, and the HUGE lack of information in this area...Not to mention that they are incorrect.. Looking over your firewall settings.. nothing seems to be wrong...( compared to my own )

So I think while everyone here is always so eager to dis-credit ESS, and send you installing a hundred programs..based on their personal preferences.. I don't believe it is the cause of your issue.. Have you ever connected another system to your network in the past? .. and have you went over your network settings in Windows? There are settings for both your router and your system to be considered...You don't even have an address for an outside DNS server.. therefore no connection to the Internet or router.. You also only show a connection to your home network address allocation. At minimum you should have a DNS server address to be that of which address you use to directly connect to your router.. ( 192.168.1.1 in some cases ) ..

My final assessment is that you either have to address settings that are in the computer for the wireless connection properties.. or you need to re-configure your settings in your router to work for a network configuration of this kind.

[RadioActive]

*Cough* *Cough*. COMODO firewall is also free.

Yes Comodo can be a little hard for the people who are not known to firewalls. But you can set some settings that will not screw their mind. Like keeping Defence + and Firewall to training mode. But I haven't used Online Armour yet so I will not say anythin about it.

It's true, but COMODO can be a pain in the a** even for someone like me, while Outpost is very flexible with a huge database with preconfigured rules for A LOT of applications which makes it better imo :P

When I used to use COMODO I had to manually set like 4 or 5 different rules just to for port forwarding (uTorrent) while in Oupost I had to set NONE, it automatically configured it properly :D

My point is if both are excellent products why not choose the easier to use ;)

[DKT27]

Well I haven't felt any trouble in Comodo. I didn't felt any problem even for port forwarding. And as I said, it will not ask any questions when set to training mode. Training mode would be for blocking only known bad connections.

[d3v]

Hi guys here's the update.

Heath2m yes you're suspicions were correct - there was some underlying network configuration issues which I am now pretty certain is down to the remnants of "virut" infection the laptop contracted a few weeks ago and which a reformat cleary had not gotten rid of fully.

Well I've wiped the disk 3 times and did a full (not quick) reformat so fingers crossed this infection is completely gone.

What I am worried about is the virus is present in a piece of standard software I always install on fresh systems because I have had multiple "virut" outbreaks on various freshly formatted systems yet every virus//malware scan on my external drives returns clean results. And yes "scanning inside archives" is checked where the option is given.

I tried comodo and it is a little too complicated for me nevermind the owner of this laptop. I'm going to install Outpost now.

Thanks guys!

[DKT27]

I would say if Leet recommends Online Armour Free, you should go for it.

[HX1]

If you shred the drive and it is still there then it most definitely is in something your putting in to it..Or rather something that has targeted something that has come into contact with.. Looking at its definition.. looks like a nasty little !@#$%^.. I think I just put on my computer's face mask...

Thats the hard part of some of these infections these days.. what they are doing is harmless..yet ends in destructive ends.. and the only way to stop it is with HIPS, LUA, and/or SRP.. unfortunately when you are setting one up its just easier to leave it all open.. Maybe you should go ahead and install everything get it like you want it.. and then cleanse the system .. the way I discussed over in the other thread..and you should be able to keep a close eye on things and be able to trace down the source of the problem which may be even on install discs..ESS has detected several discs and USB's for this..that I have seen.. So you may want to be careful of anything you don't get or didn't get directly from the source company/producer.. Or you didn't create yourself..Would narrow it down a bit..

[shought]

@DKT27

Calling ESET's firewall the worst one can get is rubbish ;)

[spootnack]

Even if this is not a reference: http://www.matousec.com/projects/proactive-security-challenge/results.php

++

[DKT27]

@Shought: My personal experience. It used to block my connections for no reason. I made many rules. Like to allow FF no matter what ever happens. But it used to block FF :huh: . FF is just an example. It used to block many programs that are not really unsafe to use.

[HX1]

Uhh.. I dunno .. but I get really tired of every thread turning into a discussion about who's firewall drags the floor.. no matter what it concerns in truth..

[shought]

Was just pointing out that you can't just call a firewall 'the worst you can get' ;)

Anyhow, using COMODO with NOD32 is better :)

@d3v

There's not many viruses that survive a reformat... which program(s) do you suspect of causing this infection? Maybe list some here.

[DKT27]

I know you were jokin. The reason for the last post was that I had never specified why I wasn't happy with ESET's firewall.

[HX1]

Yeah I actually never see anyone do that..

[LeetPirate]

Uhh.. I dunno .. but I get really tired of every thread turning into a discussion about who's firewall drags the floor.. no matter what it concerns in truth..

It usually ends that way because it always begins with the same problem, ESS. Why beat around the bush going through ESS firewall settings with a fine tooth comb trying to help another person's setup when it is much easier to recommend a firewall that is actually user friendly and works out of the box. In my experience with ESS, it sometimes lies about things. The firewall says things are open but in the advanced rule settings they are missing, when I tested it the first time UPnP was supposedly open according to the firewall status, in reality it never was, the rule was missing yet ESS insisted it was unblocked.

I always recommend Online Armour for people who just want a simpler way to get a good enough firewall solution without the needing to have expert knowledge.

ESS does not come anywhere close to what user friendly is supposed to be.