Ayuda de vídeo de Screencast
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Issues displaying HTML stored on a UNC path.

Created: 06 Febrero 2013 | 11 comments

Ok here goes..

Since rolling out SEP to  multiple sites for one of our clients, they are unable to display html pages which are part of a very crude intranet.

The "intranet" is simply HTML pages that are stored on a network share.

At 4 of the 5 sites belonging to this company the pages display fine, just the same as they did before. But at one of the sites the pages seemingly quite randomly do not display all the content on the pages. For example there are 5 images in a row accross the top of the home page, when you open IE, it may display the first 2 images, if you refresh the screen it may display the second and forth, and each subsequent time you refresh differant images will display and others will not. There is also a menu down the left hand side with some basic JS rollovers and links, this menu will never display, it just shows text links.

If I attempt to open the homepage in a differant browser, say chrome for example, it works fine.

I notice that in IE the path can be manually entered as file://servername/dir1/dir2/dir3/home.html and IE will change this to \\servername\.\.\home.html

I also noticed that some of the UNC paths in windows explorer were being displayed the same, rather than having the full path is display as \\blabla\.\. One user reported today that she is having trouble copying to a network share, I need to investigate but I think this is related.

So I disabled SEP, this has no effect. Next I uninstalled SEP, and low and behold the intranet starts working again immediately, UNC paths go back to working normally.

Any ideas?

Comentarios ComentariosIr al último comentario

el cuadro de los Ajit Jha

Is SEP Agent installed on your Intranet Server which is hosting your HTML Page? If yes disable NTP on both the clients and chack the web page.

Also is there any aprticular port on which your HTML pages is created, if yes then allow that page from Firewall.

Regard's

Ajit Jha

Technical Consultant

ASC & STS

el cuadro de los SebastianZ

Try to remove the Firewall from one of the installed clients and check if in this configuration it works fine?

el cuadro de los James-x

Helo PCob,

It sounds like this may be an issue with SEP's Browser IPS or IPS component, but some quick component isolation would allow you to confirm this.

Please install SEP without the Intrusion Prevention (IPS) component. Be sure to restart after the installation completes. Once this is done, test the issue. Does it still occur?

What web browser is your customer using?

Let me know and I'll provide next steps from there.

James

The Symantec Endpoint Protection Knowledgebase

Please remember to mark the post which resolved your issue as the solution!

el cuadro de los PCob

Thanks for all your feedback and suggestions.

We will give these things a try and see how we go.
I will post an update with the results.

el cuadro de los James-x

Sounds good.

If not installing the IPS component fixes the issue, reinstall SEP with that component and then go into the SEP client GUI and try disabling Network Intrusion Prevention and Browser Intrusion Prevention one at a time. This will help narrow the issue down further.

James

The Symantec Endpoint Protection Knowledgebase

Please remember to mark the post which resolved your issue as the solution!

el cuadro de los phantomgoose

Hi,

I work with Paul and have tried the suggestions posted above and so far no good.

SEP is installed on the server hosting the intranet however there are other sites in different states that all connect back to the same server and have the same version of SEP and they do not have any problems.

The html is not being fed through HTTP the html files are opened directly. I have loaded the intranet into IIS and the pages work fine however this problem affects ANY UNC path not just the intranet. So it can block document access and breaks all the UNC links on the intranet so using IIS is not a solution.

The firewall component has not been installed at any point.

Disabling and then uninstalling IPS and Network Intrusion Prevent has had no effect.

There is nothing in any of the logs files on the client to indicate why UNC paths are being truncated.

Cheers,

Robert.

el cuadro de los James-x

Hi Robert,

Thanks for the update.

Just to confirm, when you uninstall SEP (and the problem goes away) you're uninstalling SEP from the server and not the client computers, right?

James

The Symantec Endpoint Protection Knowledgebase

Please remember to mark the post which resolved your issue as the solution!

el cuadro de los PCob

If we uninstall from the client computers the problem is resolved for that client computer.

el cuadro de los PCob

We have tried all your valued suggestions and have had no luck. 

Google chrome installed and this works fine with the intranet.

Another thing noticed. This is an error message that users in one of the offices are getting.

Could this be pointing to there being an autorun.inf virus? 

el cuadro de los James-x

Hello,

Autorun.inf can be used legitimately or it can be used maliciously. Its presence does not, by itself, indicate a virus. If you open the file in Notepad, you can look it over to determine what file it wants to launch. You can use that as an indication of whether or not this is a malicious autorun.inf file.

James

The Symantec Endpoint Protection Knowledgebase

Please remember to mark the post which resolved your issue as the solution!

el cuadro de los James-x

Hello Pcob,

Back to the original issue...

I need to have you perform more component isolation on an affected machine so that we can trace this issue down to a particular protection technology in SEP. (There are many protection technologies, so without knowing which one is causing your issue, I'd just be shooting in the dark.)

It is important to work with the same machine each time so that we get consistent results.

Please modify the SEP installation (via Add or Remove Programs) and remove all the protection technologies except for Core Files. Once this has been done, reboot the computer and test to see if the issue occurs. If the issue does NOT occur, then we know one of the protection technologies is the cause and you need to add them back in one at a time (rebooting each time) until the issue occurs again. This will allow us to determine which technology is as fault.

If the issue continues to occur with only Core Files installed, then it is likely a SEP driver is causing the issue and I will provide different next steps.

Let me know how things go and we can proceed from there.

James

The Symantec Endpoint Protection Knowledgebase

Please remember to mark the post which resolved your issue as the solution!