ADNM & the Virus Chest

I have searched the forum and have found an answer (that could help or understand) for the question I am going to post.

In the adnm when I click on a computer within my computer catalog and try to connect to the pc’s virus chest I get the following error message:
Description: Virus chest server is not running. RPC communication failed. I have attached screenshots of the error.

Is this problem on the pc side? Do I need to add something to the windows firewall to allow this?

The “remote chest” feature is enabled and in the pc’s avast.ini file the following setting is there “RemoteAccess=1”.

The pc’s run Windows XP SP2.

Thank you for your help.

Is the Windows Firewall enabled on that machine? That would explain it…

Yes it is. On all of our computers.
Is there some setting I can add to the Windows Firewall?

Yes. You should enable ports tcp/135 (which is probably already enabled - this is the NetBIOS/RPC port), and tcp/16108 (that’s the virus listener port).

Thanks
Vlk

Just curious, but after installing the avast net client on all my computers at work, being “net clients”, why are the ports not opened upon installation? I have had to go back and manually open them on all 17 computers on my network. Just curious.

David Raynor

Awww…poor baby - all 17! :slight_smile:

I have to do it for about 80! :cry:

Your saying the installation of avast should automatically create these “holes” in the Windows Firewall…? I’m not sure that’s the best idea (at least not by default).

Why not set the firewall rules via Group Policy? AFAIK Windows Firewall is configurable via GP…

Cheers
Vlk

Just to make it more clear.

In GPO computer Configuration - Administrative Templates - Network - Network Connections - Windows Firewall - Domain Profile
add a Define port exceptions. I use the following line there

16108:TCP:192.168.0.0/24:enabled:Avast Virus Chest

port:protocol:network:enabled/disabled:Information

Hope it helps you

We have decided to create the firewall rules automatically. That is, the next update of avast will create the necessary rules by itself (i.e. no further action will be necessary).

Cheers
Vlk

Well, in my case, I have 100 PCs on a workgroup. This was not my idea! Trying to get car dealerships to spend money correctly (ie: XP Pro clients on a 2003 domain instead of 100 XP Home PCs in a workgroup) is a bit tough. Group policies don’t apply to XP Home PCs since there is no domain to work with.

Unbeliever, check this one out for some shortcuts on punching holes in the MS Firewall.
http://forum.avast.com/index.php?topic=24457.msg204169#msg204169

As I said - the upcoming avast update (due very soon) will create these holes (well, “exceptions”) on its own…

Cheers
Vlk