Endpoint Protection

 View Only

  • 1.  SEP Firewall block Windows Novell Client

    Posted Jul 02, 2009 01:26 PM
    I have a problem running scripts on PC's with windows novell client, the following message appears:

    "Login - LGNWINT32.DLL - 890. "

    The network map do not appear.

    Only when allow the firewall rule "Block all other traffic", it's work.

    I tried setting up a new rule for novell protocols (IPX) in Firewall, but does not work.


    Thanks!


  • 2.  RE: SEP Firewall block Windows Novell Client
    Best Answer

    Posted Jul 02, 2009 02:11 PM
    Change a client in Client Mode.
    Allow the the Rule "Block all other Traffic" but put it on LOG the traffic.
    run your scripts.all the traffic will get logged.
    Monitor the logs
    Then Block the Above rule ..again run the script for novel and monitor the logs...

    You will get exactly what you need to allow.
    then create a specific rule for that traffic/Application/port 


  • 3.  RE: SEP Firewall block Windows Novell Client

    Posted Jul 07, 2009 11:55 AM
    Hi,

    I will try it, then I give you feedback.

    Thanks...


  • 4.  RE: SEP Firewall block Windows Novell Client

    Posted Jul 10, 2009 07:24 AM
    Hi,

    in log traffic details show the block traffic:

    Ethernet II (Packet Length: 98)
    Protocol: IEEE 802.3 Frame

    I have many blocked log with different Ethernet protocol type:

    0x023
    0x054
    0x063
    0x02B
    0x029

    I can not add this protocols in a new Firewall rule, because, when I type 0x023, show me 0x23. It's different?

    Only works when I add new rule with the Ethernet protocol, but does not define the type.

    I think that is not secure.

    Thanks for your help.



  • 5.  RE: SEP Firewall block Windows Novell Client

    Posted Jul 10, 2009 10:07 AM
    I tried adding this and this got added as - Ethernet 0x23 
    So I would recommend that you can test it by adding all these 5 Ethernet Protocal in your Firewall Rule.
    It should work.