Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14
  1. #11
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,384

    Default

    It only requires 3 pass rules to avoid the false positive for Microsoft.

    Virus-Blocker-Lite-Pass-List.jpg
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  2. #12
    Newbie
    Join Date
    Sep 2012
    Posts
    8

    Default

    Quote Originally Posted by jcoffin View Post
    It only requires 3 pass rules to avoid the false positive for Microsoft.

    Virus-Blocker-Lite-Pass-List.jpg
    Thanks, but exceptions are not my issue here...I'm still getting alerts today from mid-February; before I created the exceptions. I'm not getting any new alerts, the exceptions worked. I'm going to just wipe the box and reinstall.

    Although, I agree with YeOldeStonecat to an extent...I don't mind adding some exceptions and that wouldn't be an issue, but you have to do it manually on every single box....centralized management is definitely a must to be able to scale with Untangle.

  3. #13
    Untangle Ninja YeOldeStonecat's Avatar
    Join Date
    Aug 2007
    Posts
    1,535

    Default

    Quote Originally Posted by jcoffin View Post
    It only requires 3 pass rules to avoid the false positive for Microsoft.
    Oh there's much MUCH more...I don't care about Microsoft updates (we handle much of those through our RMM..N-Ables patch manager) as much as Office 365 functionality. Seriously..it's a full time job until clam fixes this. It's just easier to remove Clam.
    https://support.office.com/en-us/art...1-355ea5aa88a2

    Just look at that above list....in the link.
    Ah...here..I'll copy 'n paste. And this is just for some Microsoft stuff that has hit us hard. There are other 3rd party updates, Java, Adobe, ...list is going on and growing.

    ***************
    Required: Office 365 Portal

    Client Computer | Logged on user

    *.office365.com

    See row three

    No

    Portal and shared IP ranges.

    TCP 443

    2

    Required: Office 365 Portal

    Client Computer | Logged on user

    Home.Office.com

    Portal.Office.com

    agent.office.net

    www.office.com

    outlook.office365.com

    See row three

    Yes

    Portal and shared IP ranges & Exchange Online IP ranges.

    TCP 443

    3

    Required: CDNs used for portal and shared

    Client Computer | Logged on user

    Prod.msocdn.com

    appsforoffice.microsoft.com

    Microsoft and Akamai

    No

    N/A

    TCP 443

    4

    Required: Shared infrastructure

    Client Computer | Logged on user

    Clientlog.portal.office.com

    Nexus.officeapps.live.com

    Various

    No

    Portal and shared IP ranges.

    TCP 443

    5

    Required: Certificate revocation lists

    Client Computer | Logged on user

    See well known certificate root CRLs in the table below.

    No

    No

    N/A

    TCP 80 & 443

    6

    Required: Some Office 365 features require endpoints within these domains.

    Client Computer | Logged on user

    *.onmicrosoft.com

    *.microsoft.com

    *.office.com

    *.msedge.net

    *.office.net

    *.live.com

    *.msocdn.com

    No

    No

    N/A

    TCP 443

    7

    Optional: Shared help and support

    Client Computer | Logged on user

    support.office.com

    products.office.com

    technet.microsoft.com

    Various

    No

    N/A

    TCP 80 & 443

    8

    Optional: Deprecated FQDNs

    Client Computer | Logged on user

    *.glbdns.microsoft.com

    No

    No

    N/A

    TCP 80 & 443

    9

    Optional: Azure Rights Management

    Client Computer | Logged on user

    *.aadrm.com

    *.azurerms.com

    No

    No

    N/A

    TCP 443

    *.cloudapp.net2

    No

    No

    N/A

    TCP 443

    10

    Optional: Microsoft Azure Active Directory RemoteApp

    Client Computer | Logged on user

    dc.services.visualstudio.com

    liverdcxstorage.blob.core.windowsazure.com

    telemetry.remoteapp.windowsazure.com

    vortex.data.microsoft.com

    www.remoteapp.windowsazure.com

    No

    Varies3

    N/A

    TCP 443

    11

    Optional: Office 365 Management Pack for Operations Manager

    Customer Operations Manager environment | Machine1 Account

    office365servicehealthcommunications.cloudapp.net

    No
    Resident "Geek on a Harley" in Southeast Connecticut, USA.

  4. #14
    Banned
    Join Date
    Nov 2014
    Posts
    192

    Default

    Just add exclusions to all MS product updates. Problem solved.

    Virus Blocker Lite (CLAMAV) - Clam is good at recognizing bad packers, for that it's wise to keep it running. It can nail some unknown malware by the simple virtue of it's strong packer recognition. That's why I like it. Also our lab submits directly to ClamAV, so it is relevant for my home use to ensure ClamAV gets some really nasty stuff other products might miss. Otherwise, yes, it's mediocre at best and we all know that. But it serves a purpose IMO.

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2