eEye Digital Security

Forgive me if there is an answer to this somewhere. I couldn't find it through the search engine.

I'm using Blink Personal 4.4.3 on six computers on my network. I have seven computers and a laptop, the seventh computer has Kaspersky Beta for Win 7 and is running Win 7 32 bit. My laptop is running F-Secure 2010 and is on Vista Ultimate 32 bit. Of the other six computers on all of which Blink Personal is installed, 2 are on Windows XP Media Center 2005, 2 are on Vista Home Premium 32 Bit, 1 is on Vista Ultimate 32 bit, and one on Vista Ultimate 64 bit.

On all my PCs, I have 8 hard drives. I share 7 of these drives with full network access with all the other PCs, and have a 'shared' or 'public' folder (depending on OS) on the system drive. I am climbing the wall trying to set rules that will allow all computers to access each other. I use a Netgear router with static IP addresses between 192.168.0.2 and 192.168.0.50, the gateway being obviously 192.168.0.1. I have tried allowing all local IP addresses and all ports on these in the firewall in both directions, but am not getting complete sharing. The two XP Pro(Media Center) PCs cannot see each other, but can see all the Vista and the Win 7 machines. The Vista machines can see each other, but not the XP machines.

Previously, all the machines had F-Secure 2009, but on the forced update to 2010 by F-Secure, I could not access some parts of the rules sets in F-Secure - user tweaking had become very limited. Nevertheless, I had no problems with network shares. However, being unable to do some things, I lost patience with F-Secure, and decided to give Blink a try out. I liked it after using on one machine with no problems, and bought six licences and installed it on six of my PCs, thereby ceasing a 10 year loyalty to F-Secure. Now I'm tearing my hair out because I can't get free access between all the PCs, and can't figure out what I'm doing wrong.

What I need is allowed network shares, with full permissions on non system drives allowing 'everyone' to view and edit all files, plus full permissions on the shared or public folder on the system drive, but no network access to any other files on the system drive.

Can anyone suggest a simple rule that I can incorporate in my configuration that will restore full network access like I had with F-Secure between all machines and all Windows NT based operating systems ?

 (I don't think the problem is a Windows one. It worked fine with F-Secure, and works fine if I turn off Blink Personal. The only change I made at the same time as installing Blink was to change one PC from Vista Ultimate 64 bit to XP Media Center 32 bit to give the setup described above. If someone thinks it may be a Windows problem I haven't thought of, I will gladly read the comment).

I will be forever grateful if someone can provide a solution !

With a very red face, I have to report that I have solved my own problem ! - Too used to Vista and Windows 7 ! - Even though I had shared the drives and folders on XP, I had not run the network sharing wizard..... It doesn't stare you in the face like the Network and Sharing Centres in Vista and Windows 7 !

As soon as I did this, all began to work again. I had installed BOTH XP PCs after removing the previous AV suite, and as I said, although I had installed Blink and created local network rules, I had NOT run the Network Setup Wizard ! Silly Me !

 However, perhaps this will help future queries if anyone else is as silly as me.....

Nope. That was premature. I've now got one of the XP PCs contactable by everyone on the network, but the other remains stubbornly unavailable. I've compared Blink rules on both and they are identical. Shares are set identically (even went into safe mode to make sure permissions were there). Yet it refuses to be available to either the other XP computer or the others.

Seems like it may be a Windows problem, if anyone has an idea. If you think it may be Blink, let me know where to look please .... !

     Alright, dumb question #1.  Do you have both the "Client for Microsoft Networks" and "File and Printer Sharing for Microsoft Networks" checked under the network adapter of the computer that the other computers can not see?

     Dumb question #2.  Are you using Simple File Sharing on all of your computers or are you using the advanced set of NTFS permissions for controlling file permissions?  Whatever your using, it needs to be uniform on all systems.  This setting is at the bottom of the list on the "View" tab under folder options.  Called "Use Sharing Wizard" in Vista and "Simple File Sharing" in XP I think.

Right Click Start >> Explore >> Tools >> Folder Options >> View Tab

     Try temporarily placing Blink's firewall (on the system that the other systems can not see) in Passive Mode or turn it off and try again too.  Another thing you can do is to save your current Blink configuration somewhere, delete all your firewall rules on that one machine, and let Blink start prompting you to create new ones as you attempt to connect to that machine from another one.

 Well, you could switch the Blink firewall to Passive mode on all systems reboot them and see if that works. If it works, then you could go into the logs . look for Firewall events generated by the Passive mode and right click on the events to create rules as needed.

Please post here what rules you needed to created if that's the case.

Thanks, Inicula.

Will try that, then post back here and edit this post with results. I presume I only need to put the offending machine into passive mode ? Anyway, we'll see and I'll post back.

Edit : still getting the dreaded error message :

Of the 8 drives on this machine, only the system drive is not shared. File and Printer sharing is turned on and 'everyone' has 'Full Control' of all shared drives. I even went into safe mode to make sure the permissions were as they should be. As I said, all other computers are OK now, just this one causing problems.

Hardware on this PC : -Twin PSU (1.2Kw), 6 fans, 8 x Seagate 500 GB drives, four PATA interface, + 4 SATA II interface, OS is on a SATA II drive, 2 x PATA DVDRW drives (HL-DT-ST_DVDRAM_GSA-H62N), 4GB DDR2 PC5300 (667MHZ), Motherboard Gigabyte MA790FX-DS5, processor AMD Phenom 9950 four core, 2 x Nvidia 8500 GT Graphics cards in SLI, Dual DVB-T TV Tuner (Pinnacle) in PCIe. Network connection is on board Nvidia nForce Gigabit network adapter, with CAT 6 cable to Netgear 8-Port Gigabit Switch to which all other PCs are connected before going to Netgear RangeMax ADSL modem Router, DG834PN.

Software - XP Media Center 2005 with SP3 and all MS updates to date, Office XP 2002 Professional with all updates. Full VSO suite, and Full AVS Suite, Peer Guardian 2, Win Patrol 16, TuneUp Utilities 2009, Winamp, dBpowerAMP, both full pro with all extra codecs, K-Lite Mega Codecs Pack, Azureus/Vuze 4.2.0.8, and not much else.

Will leave for a while then check logs......

Looking through the services and security options on the offending PC, I could not find anything wrong with the Windows settings.

However, I CAN access particular drives on the PC by using \\ITCNVRT3\L in the 'Run' command. So, to simplifiy this, I made shortcuts to all shared drives in the Shared Documents folder, then run \\ITCNVRT3\Documents, and from there have access to all drives and shared folders that have shortcuts in the Documents folder. This works fine from the other XP computer, but from Vista machines there are a few problems. Some of the drives are accessed no problem, others are not accessible or think they are DVD drives, although if I try to access them with their actual share names (e.g. \\itcnvrt3\Storage2 (P) ) this works.

A pain in that it is not simply a double click, but at least it IS allowing access.

I can only think there is some corruption in the security policies.

I am quite satisfied that it has nothing to do with Blink Personal.

Before anyone suggests it could be to do with previous AV suites imperfectly uninstalled, I ran a force uninstall programme and DID get some F-Secure and Netgate registry files deleted, but this had no effect on my problem, however it could be that the uninstallation of these programmes played some part in corrupting some files and/or registry entries

So, my conclusion must be that due to some corruption in the security policies, I will just have to suffer this until I can do a full destructive recovery.

The other XP computer was a fresh install and Blink was installed immediately after finishing the Windows install (It had been on Vista 64 bit, but I was getting fed up with problems on this version. I still have one on 64 bit for testing, but prefer Vista 32 bit and XP 32 bit for ease of use. - Nothing wrong with Vista 32 bit, it just needs a powerful computer, - 64 bit would be better if more software and hardware companies would supply 64 bit versions of software and drivers.

Thanks also to Blue, but I used to be a network administrator (albeit it with NT4 then 2K) and am at present working part time as a repair tech,  and have experience in XP, Vista, and Windows 7, (not to mention fond memories of 2K, and not so fond memories of NT4 and 3.1 !) so these suggestions were already covered ! Blink is installed on all the machines that could not access the offending computer. I bought 6 licences, and will probably buy one for my laptop. I will wait for the final release of Blink for Windows 7, but am quite happy with the Kaspersky beta for the moment - may consider the Win 7 beta, though..... - we'll see.

The simplest answer of all for easy and secure networking would be to upgrade all to Windows 7, but that would require a large financial outlay !

I did install and run SubInACL and run a .bat file to clean up some permissions, but this hasn't had any effect on the problem.

When I can face the  job of backing up application data, etc. (Thank the lord for File and Settings Transfer Wizard and mozbackup ! - AZ/Vuze is simply a matter of copying programme folder and applicaion data folders and pasting and overwriting) and doing a re-install, I will post back here if it has been successful, and with any comments that may be helpful to others coming up against this problem.

christk01:

When I can face the  job of backing up application data, etc. (Thank the lord for File and Settings Transfer Wizard and mozbackup ! - AZ/Vuze is simply a matter of copying programme folder and applicaion data folders and pasting and overwriting) and doing a re-install, I will post back here if it has been successful, and with any comments that may be helpful to others coming up against this problem.

Acronis True Image!  I love that program for backing up things.  It allows you to make an .iso file that you can use to make all the fully funtional bootdisks that you want to from.  Good for hopping from computer to computer with an external HD to save and transfer data.

http://www.acronis.com/homecomputing/

Yeah, thanks, but I don't think i want a 'true image' of the drive.

Need a format and fresh install to get rid of any file corruption !

For that same reason will probably not use FAST wizard either, just mozbackup and copy of AZ/Vuze. OK, I've got all the progs to re-install, but that can sometimes be an enjoyable way of passing the time.......... :)

Acronis does wiping, individual file(s) backup, etc...all-in-one product.