Jump to content
dp0mu8zgxl

"...from 0 Threats" Is A Little Underwhelming For A Boast?

Recommended Posts

The revolving banner line boasting about the 3million plus customers protected from x threats is now citing a threats counter of zero! Did you run out of displayable numbers (viz US debt bean counter)? Or is it for real? There's still 35 days left being cited on my 3 computer license. Update requests stilling running and rolling on both of the two (out of 3) machines so loaded. Puzzling.

[ Immunet Plus 3.1.8.9583 ]

 

post-29130-0-79188500-1398007264_thumb.png

Share this post


Link to post
Share on other sites

Phew, panic over.

It's back to the normal 71 million threats.

Did someone kick the tyres or something;~)

 

Oh dear, it's just gone back to zero again...

Metering problem?

Share this post


Link to post
Share on other sites

I've been monitoring the GUI for several hours now and haven't seen the numbers go to zero yet. This "glitch" seems to have rectified itself I guess. Never seen that happen before though.

Share this post


Link to post
Share on other sites

It returned to zero a little after my second post but I assumed somebody was working on it and left things at that. I also had checked on the tablet and it too back then was showing zero, so I felt the issue ought to be real appearing as it was on two devices. The timeslot is or was within 5-10mins or so of the report hitting your forum, ditto that for the image. Certainly glad I took a screenshot image for you...

 

In case of disbelief, if there is a repetition of this issue seen here, is there any other internal way pertinet to Immunet you could recommend that I use to record or otherwise validate the errant value seen here? Other than a straightforward screenshot?

 

Nearing 2.17am local here and, yes, your stuff is 'currently' showing 71,872,891 threats which is a slightly better boast than apparently 'protecting' against zero threats;~)

 

In my book, having seen it with my own eyes, this is NOT a glitch. If it's just cosmetic then it marks the software down in credibility levels. However if it is actually real then the value of the software is no better than trusting a/v protection to plain old luck. Trust is at issue, I'm surprised that you are apparently less concerned. If your software takes the trouble to highlight/advertise the numbers of threats protected against then, to be credible, it should be seen to be worthy of that trust and consequential belief.

 

As a matter of curiosity by what mechanism is that 'protected against' value calculated, authenticated or audited?

Share this post


Link to post
Share on other sites

I think that was the best way to go and it was a "good idea" to visually document this anomaly with your screen capture software. Glitch, what ever. Why mince words. I've used Immunet (Free & Plus versions) for years and have never seen this occur before! I do hope someone has looked or is looking into why this happened.

 

As far as how this data is calculated I have no info on that. That's something someone in Development would have to answer for you.

 

Cheers, Ritchie...

Share this post


Link to post
Share on other sites

Hi,

 

We are looking into this but like Ritchie said this is a very unique case. Usually when something is reporting 0 it means it is not connected properly, potentially a blocked network connection.

 

Can you open and run the command line as an administrator and run the command "net stop immunetprotect". wait a few seconds, then run "net start immunetprotect" It should give you a message like "Service is stopped" then "Service has started". If it gives you something else let me know. While you do this watch the Immunet interface. It should go grey when you stop it. Watch what happens when you start it again. It should colour everything up again and give you a popup of how many users there are and how many threats you are being protected against. Let me know what the message says

Share this post


Link to post
Share on other sites

[our posts crossed]

 

I've been using it for years as well - also back in beta days. Never seen this before now. I thought the screensave was the best way too.

 

If it were a glitch it still needs explaining... My workstation connects through a server to the router whereas the tablet is hooked up straight to the router. Yet BOTH showed the same zero presentations despite differing filtration arrangements. My server uses particularly severe filters (I wrote some of them) but even the router's settings could have an effect on Immunet's ability to utilise the various cloud connections that I have seen Immunet opting for and switching to... My point being whilst your use of various clouds unspecified is hardly tactile in the military sense it does make things difficult here trying to ensure your stuff stays hooked up/in whilst dropping virtually everything else ...if you get my drift.

 

Put another way more pointedly I have no way of knowing whether our filters REALLY ARE stopping Immunet seeing its database of threats and thereby your code factually pointing out an actual sum total of threats protected against as really being zero. Have I made this clear because in that scenario this really is not a 'glitch', it's a disaster.

 

The HOW of the calculated data might lend an angle on the WHY this occurred.

Edited by dp0mu8zgxl

Share this post


Link to post
Share on other sites

@rsmith: The service was stopped and started successfully. During the stop the SCAN NOW and the SETTINGS header bar background colour went from a normal default dark blue to a mid grey colour. The OS also complained about the sudden lack of antivirus protection in a tasktray popup. I think the protected/threats poll stopped but I cannot remember specifically. The protected/threats polling seemed to take its time restarting AFTER the properly coloured headers reappeared but I saw no other popup appear.

Share this post


Link to post
Share on other sites

Earlier I took the trouble to run the squid log back to around the time of the anomaly (4pm-ish) and saved it out as plain text. Suggest I email the file to someone - who? Probably not something you (or I) want blathered all over the internet.

Share this post


Link to post
Share on other sites

If it's not too large you could archive the file as a zip or 7zip file and upload that zip file as an attachment to an email and send that to Support at this address: support@immunet.com. Also include all pertinent information including the screen shot in the email and mention this topic you started in the Immunet Support (Issues/Defects) section of the forum. You could also create and send in a support dump if you so desire. Info on how to create and send a Support Diagnostic Tool report can be found here. http://forum.immunet...ic-tool-report/

 

Since you mentioned you do have custom filter sets in place and no one else has, as yet, reported anything relating to this issue I'm wondering if that is indeed the cause of the intermittent loss of the cloud connections. This is just an extrapolation on my part of course.

Share this post


Link to post
Share on other sites

>>If it's not too large you could archive the file as a zip file and upload...

Done.

 

>>Since you mentioned you do have custom filter sets in place I'm wondering if that is indeed the cause of the intermittent loss of the cloud connections.

That's why I'm taking the trouble to post this thread:-)

Share this post


Link to post
Share on other sites

BTW the custom filter sets are based on the server/workstation, they do not affect the tablet, hence the confirmation that I tried using and seeing this issue on the bare tablet hooked up to the router. The router has filters, yes, but none are 'custom' they are just the ones routinely available to each and anyone using a business class router and your Immunet Plus 3. Whereas the filters in the server protecting the workstation are, yes, 'custom';~)

 

I've only 10 more posts 'available' to me on this forum... Is this level of forum limitation appropriate for me? Am I deemed to be SO unsafe?

 

And it's now 1am ...well past my bedtime.

Share this post


Link to post
Share on other sites

Sometimes the hardware based firewalls that are included in many newer routers need to be manually configured to allow certain ports for Immunet to function properly. Here is a FAQ topic you may find helpful. http://forum.immunet...-your-firewall/

 

The posting limitations are there for a reason. We've had serious trouble with spammers in the past and this rule was set up to help prevent a plethora of spam threads being posted in one particular topic by the same user. This rule applies to all forum members not just you. We now have a handle on the spamming issue and I'm happy to say that the forum is 99.9% better than what it use to be because of the rules we have in place and a good deal of IP address blocking as well!

Share this post


Link to post
Share on other sites

FAQ was useful - I had Immunet32137 port redirecting ONLY UDP but have now amended that to ONLY TCP.

Normally I do NOT specifically redirect 443, have now set up a (?temporary?) port redirect Immunet443 for ONLY TCP.

Once again these are relevant only to the server/workstation, the tablet would've been and still is unaffected.

 

Almost all clouds are 'filtered' source incoming.

This does not usually affect our own masquerading (going out from here returning similarly).

So, if your stuff attempts things the other way around then it will fail.

In conclusion: Ports you nominate are opened, everything else is likely closed.

 

The explanation of your posting limitations was also helpful and I fully understand.

You will likely understand the necessarily severe limitations we put on what clouds can see of us;-)

  • Like 1

Share this post


Link to post
Share on other sites

Happening again ("0" threats) RIGHT NOW on my tablet connected via cell phone.

Workstation connected by broadband is showing OK.

post-29130-0-25299700-1398706932_thumb.jpg

Edited by dp0mu8zgxl

Share this post


Link to post
Share on other sites

PostEdit: photo of the tablet's screen

:: @1836hrs local it's still downloading (slowly) but with "0" threats

:: @1842hrs local it's now at 92% downloaded but now showing the ~72million threats !?

(removed picture as everything is just too slow and the forum code has error reports

 

PostEdit:

errors from forum code

 

Warning: Illegal string offset 'edit_post' in /home/immunetc/public_html/admin/applications/forums/sources/classes/post/classPost.php on line 2437

 

Warning: Illegal string offset 'edit_post' in /home/immunetc/public_html/admin/applications/forums/sources/classes/post/classPost.php on line 2214

Share this post


Link to post
Share on other sites

Real time report:

Tablet running rootkit scan OK after downloading updates/definitions.

Rotating header banner now showing ~72million threats OK.

Well... I tried to help you isolate the issue... Now it's back to a none issue again.

Am on some travels shortly, there may be a delay if you need any more data.

Share this post


Link to post
Share on other sites

My tablet (on a separate cellular data connection) is now showing "0 threats" and is currently about 60% of its way through downloading the files necessary to protect against ..."0 threats". Has it gone mad, is my eyesight up the pole or possibly... do you have a bug? The workstation is on a broadband connection but is on the same 3 machine license. Currently neither machine is showing the "same" threat count.

(2014-05-19 1704hrs local)

Share this post


Link to post
Share on other sites

The # of threats isn't a built in number into the Immunet code. It is a request taken from our data centres and returning the number of items we have flagged as threats. Obviously this is unrelated to the license key. I'm having difficulties reproducing this back here but to me it seems that it is related to the fact you have been updating. Immunet has a single threaded update process and it could be that it is busy updating your definitions that a http request didn't make it through. It could be a number of things, however.

 

As stated before it is best to email us at support@immunet.com as you will have a easier time uploading and sharing those important screen shots. It would also be helpful if you run the Support Diagnostic Tool as then we could check your log files at 1704 and see what exactly is happening.

Share this post


Link to post
Share on other sites

The # of threats isn't a built in number into the Immunet code. It is a request taken from our data centres and returning the number of items we have flagged as threats.

My thinking EXACTLY. Nothing to do with my license key, either machine or their different mechanisms used to get on-line. So you have an internal comms or updating issue within your own (cloudy?) mechanisms - again nothing to do with me or my stuff here.

 

Obviously this is unrelated to the license key.

Agreed. As above.

 

I'm having difficulties reproducing this back here...

Yes, that's obvious too;-) That doesn't stop it being a bug (in your internal mechanisms).

 

...but to me it seems that it is related to the fact you have been updating. Immunet has a single threaded update process and it could be that it is busy updating your definitions that a http request didn't make it through. It could be a number of things, however.

Flawed logic (about the relationship with my updating). I only look at the Immunet panel (and therefore observe the '0' threat scenario) when I manually update. That does not mean it only happens when I'm updating Immunet. Anyway I'm watching the squid log tail (which shows your stuff phoning home for the gzip files) and after all that is done and finished I've still seen the questionably erroneous "0 threats)... So, nothing to do with me, my stuff or anything here. I just happen to be the only one who has observed the issue AND taken the trouble to report it to you (eg for resolution). I'm assuming that everyone sees the same threat counter... So just put in a tiny programme loop that flags when the threat counter shows as being zero and then tally that with the logs of your errant internal inter-communications that precipitates the comms outage?

 

As stated before it is best to email us at support@immunet.com as you will have a easier time uploading and sharing those important screen shots.

The screenshots just show "0 threats" and they're not important unless you just don't believe me... Bluntly, my very basic problem is getting Immunet's prompt attention the second I see the issue in front of me. So that, presumably, you can then see the common indication that I presume is shown to everybody. Slightly amazed that I'm the ONLY one out of your apparent three million plus sites protected that has ever observed this issue. I repeat my earlier recommendation that you write that tiny programme loop and so get to spot it yourselves;-)

 

It would also be helpful if you run the Support Diagnostic Tool as then we could check your log files at 1704 and see what exactly is happening.

The issue is not ON my stuff or even happening HERE, it's on your stuff and happening over there. IOW my logs are irrelevant. You need to check YOUR cloudy logs!?

 

Meanwhile my license needed renewing. This has already been done and, this time, it's on a two year period for 3 machines.

 

My tablet's licensed Immunet Plus uses a different hookup to the internet - as earlier emphasized - and this mechanism is TOTALLY different to that of the workstation's access via its very protective server and router. The tablet still sees the "0 threats" issue though the timings seem slightly different - probably due to the ISP's network and/or proxy etc etc. The main point: it's on your stuff and in your area...

 

My uncle died a few days ago. I have been unexpectedly roped in as the only surviving Executor named on the Will. I am on the road shortly and expect to be otherwise engaged away from site for some time. I'd like to think, by the time I return, that you might've isolated your stuff's comms issue, fixed its repercussions (the "0 threats" irregularity) and had it all wrapped up invisibly to all of us users/customers...

Share this post


Link to post
Share on other sites

The SDT is our tool that comes with Immunet so when we have an issue a user can send us all the appropriate files related to Immunet giving us better access to help sort it out. The issue may not be related to you specifically, however, it is definitely related to your instance of Immunet specifically. The screenshots would be to help me see what you are looking at and when you are getting this message. My reasoning behind the update is not about your actions but whether that because Immunet is busy updating the request for number of threats has been sidelined. I wanted to know if you just left the main GUI open without running the manual updates if you get the same 0 threats message. If you have squid logs of this than that would also be helpful if you shared that.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...