Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issues with curl when running on Windows with chrome or headless option #111

Closed
kensoh opened this issue Mar 31, 2018 · 4 comments
Closed

Issues with curl when running on Windows with chrome or headless option #111

kensoh opened this issue Mar 31, 2018 · 4 comments
Labels
query

Comments

@kensoh
Copy link
Member

kensoh commented Mar 31, 2018

Raising an issue on behalf of users so other users may benefit. Symantec Endpoint Protection security software may trigger a false positive on curl.exe.

curl.exe is a standard command line tool to fetch data from an URL. In TagUI, it is used if your automation flow to run is hosted online at some URL, or when you run with chrome or headless option. That option will need to use curl.exe to check whether Chrome's websocket connection URL is ready for connection by TagUI.
@kensoh kensoh added the query label Mar 31, 2018
@kensoh
Copy link
Member Author

kensoh commented Mar 31, 2018

This is an issue with Symantec tool which will trigger false positive for files which it does not know. I've raised a report 82472 with Symantec on the false positive through their form. The workaround in the meantime is to restore the file back from quarantine to the tagui\src\unx folder.

kensoh added a commit that referenced this issue Mar 31, 2018
@kensoh
#111 - false positive on curl.exe by Symantec software
49f17d6 
adding note of workaround while whitelist report is being processed
@kensoh
Copy link
Member Author

kensoh commented Mar 31, 2018

Updated note in project readme and tutorial so that users are aware of this, and the workaround while the report to Symantec is being processed.

@kensoh kensoh closed this as completed Mar 31, 2018
@kensoh
Copy link
Member Author

kensoh commented Apr 2, 2018

Cool! Received response from Symantec on whitelisting the curl.exe -

In relation to submission 82472.

Upon further analysis and investigation we have verified your submission and, as such, the detection(s) for the following file(s) will be removed from our products:

    File name: curl.exe
    MD5: CF464D1F8FF321A74FDDB4E00C20876A
    SHA256: 53A627191ADD72DD038899573F673E1C51C72A25F0F68608153008D7029F6D05
    Note: Whitelisting may take up to 24 hours to take effect via Live Update

If detection persists, please contact support:
* Norton: https://support.norton.com/sp/en/us/home/current/info
* SEP: https://support.symantec.com/en_US/endpoint-protection.54619.html

Decisions made by Symantec are subject to change if alterations to the Software are made over time or as classification criteria and/or the policy employed by Symantec changes over time to address the evolving landscape.

For more information on best practices to reduce false positives:
https://www.symantec.com/content/en/us/enterprise/white_papers/b-to_increase_downloads-instill_trust_first_WP.en-us.pdf


Sincerely,
Symantec Security Response
https://www.symantec.com/security-center

kensoh added a commit that referenced this issue Apr 2, 2018
@kensoh
#111 - removing false-positive note, curl.exe whitelisted
7a102ba
@kensoh
Copy link
Member Author

kensoh commented Apr 2, 2018

Above commit removes the note on false-positive, as this curl.exe for Windows has been whitelisted. Still keeping the note in RPA workshop in case the live-update is not automatically sync to users' PCs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
query
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kensoh