Jump to content

Malwarebytes blocking fileshare connections


Recommended Posts

I have an interesting one for discussion.

 

We put MBAM enterprise on a file server on 4/1. Yesterday around 11am we learned no one on an OS older than Vista could connect to shares pre-reboot/Malwarebytes uninstall (this also affected Linux/samba)

 

My sys admins blamed MBAM and removed it during a reboot.

 

The console shows logs show MBAM running fine with nothing being blocked or captured. I can't see how MBAM might have been the root cause.

 

Are there any logs that might reside on the file server that might give me further insight?

 

 

Link to post
Share on other sites

  • 2 years later...

The answer above states "If it is running any server OS, then unfortunately Malwarebytes is not supported "....

But the System Requirements in MBAM for Enterprise states that Windows Server 2008 and 2012 are supported. We have also had the problems described above since installing Malwarebytes.

https://support.malwarebytes.com/customer/portal/articles/1835541-what-are-the-system-requirements-for-the-malwarebytes-management-server-console-and-client-?b_id=6520

Link to post
Share on other sites

In 2014 when this post was started, no server OS was supported by the client software. However that has changed with newer recent releases. Certain Server OS's are now supported by the agent software:

  • Windows Server 2012/2012 R2
  • Windows Small Business Server 2011
  • Windows Server 2008/2008 R2
  • Windows Server 2003 (32-bit only)

However, there are some environment roles which are unsupported. Do not install Anti-Malware to a server which runs:

  • Terminal Services (TS) / Remote Desktop Services (RDS)
  • Virtual Desktop Infrastructure (VDI)
  • Windows Storage Server
  • Server Core
  • Citrix XenDesktop
  • Citrix XenApp
  • VMware View
  • VMware VShield

 

Now as far as the file share connections, it is a known issue that the web blocker real time can interfere with connections to shared drives and applications running from shared drives depending upon the permissions set on those shares. Unfortunately this is not easy to solve as UNC paths are not supported in the ignore list on Anti-Malwares architecture. We instead have two workarounds; disabling the ABE (Access Base Enumeration) settings on the server hosting the share (must be a Windows server, Unix/Linux servers do not have this settings), and the other is creating an AD computer group with the machines having the issue assigned to that group, then giving that group rights over the shares. To troubleshoot your issue more fully, please email our business support team at corporate-support@malwarebytes.com

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.