Jump to content

Marcos

Administrators
  • Posts

    25,151
  • Joined

  • Last visited

  • Days Won

    1,047

Posts posted by Marcos

  1. Please raise a support ticket with your local ESET distributor. For antispam to work the server must be able to communicate with ESET's servers on UDP port 53535. Couldn't this be the reason that the communication is blocked?

    Please carry on as follows:

    - enable diagnostic logging
    - receive a spam email that is not recognized
    - disable diagnostic logging
    - collect logs with ESET Log Collector and supply the generated archive to technical support along with the unrecogized spam in the eml or msg format.

  2. I'm not angry about you reporting it. Quite the contrary, we are happy if you report us possible malicious samples or urls.

    I just wanted you to point in the right direction, ie. to report stuff directly to samples[at]eset.com according to the KB if you want the submission to receive better attention.

    Also I wanted to point out that even if a particular website is not blocked (ie. it may be a completely legitimate one with just somebody posting links to cracks), the point is to detect possible threat in the end no matter how it is achieved, ie. by blocking access to the malicious website or by detecting the malware upon download or execution at latest.

  3. 1, A correct way how to report samples or urls to ESET is via samples[at]eset.com as stated in https://support.eset.com/en/kb141. While submissions from the program are checked, more than 99% of them is just benign stuff which is not subject to detection (images, binary data files, encrypted files, music, etc.).

    2, ESET reserves the right to decide if and how samples will be detected and urls blocked.

    3, When testing, it's important to have detection of pot. unwanted and unsafe applications enabled; a lot of such websites are detected as scam.

    4, It's not possible to download malicious files from the above websites; the download url was always blocked.

  4. So you were not connected via RDP or another remote administration tool and didn't install / upgrade Endpoint manually?

    Could you post a screenshot of the Protection status window from such Endpoint?

    Also please do the following:
    - on endpoint where the issue exhibits open the advanced setup and navigate to tools -> diagnostics
    - click Create to generate a dump of ekrn
    - collect logs with ESET Log Collector
    - upload the generated archive to a safe location and drop me a private message with a download link.

  5. On 9/14/2021 at 6:14 PM, jmcnab said:

    So how do you disable web protection and phishing protection and not have it alert within a policy?

    You can disable the warning in the application statuses setup:

    image.png

    Again, you do it on your own responsibility and risk and you cannot blame ESET for possible infection after disabling crucial protection features.

×
×
  • Create New...