-
Posts
38,002 -
Joined
-
Last visited
-
Days Won
1,507
Everything posted by Marcos
-
ESET Endpoint Web Control with mixed rules
Marcos replied to MAGIK José Rocha's topic in ESET Endpoint Products
Rules are evaluated in the order as they appear in the list; ie. if a URL matches the first rule, the second rule won't be evaluated. According to your screen shots, the problem is using of wildcards in Web Control rules which are not supported. Please remove "*." from each URL. Should you use URLs with paths and not just the hostname, make sure that SSL filtering is enabled on clients as well. -
I would correct you in that it's not a bug, it's rather an issue caused by design of scanning SSL. The issue occurred after improving protection by extending the list of scanned HTTPS ports to all. Until recently, SSL communication was scanned only on the default HTTPS port 443 which, with the increase of malware utilizing HTTPS communication on other ports, started to pose a risk to users. If Chrome performed MitM on port 8009, then the extension of scanned ports naturally introduced the issue since AVs also perform MitM if they scan SSL communication of any application. The issue has been reported to ESET, we now know about it and a solution (I wouldn't call it a bugfix because of the reasones above) should be available some time soon.
-
To my best knowledge, this is already on a wish list. Thank you for the suggestion.
-
Checked the logs but didn't find any obvious problem. A weird thing was that the system event log was basically empty, there were only a few events from yesterday. Then there was a couple of applications that might theoretically cause issues. If you can uninstall them, one at a time and then see if the issue goes away, try it: Winaero Tweaker RamCache III RAMDisk VirtualCloneDrive If nothing helps, try uninstalling ESET and installing v12.2.23 from scratch. Failing this, a support ticket will need to be created with your local customer care and the issue be investigated by ESET's engineers.
-
For instructions how to collect ELC logs, please see my signature or FAQ on the right-hand side of this forum. Is this the only screen that doesn't look ok? If you select Update -> List of all modules, does the window populate with information about installed modules? Did you perform a clean install of v12.2.23 or it was upgrade from v12.1 or older? Did you reboot the machine after the upgrade?
-
One thing is that ESMC can work without Internet access if you ensure that modules be updated occasionally and another thing is management of other license units than those covered by the imported offline license file. Moreover, when deploying ESET's products you will need to download installers elsewhere and copy them to a common share in order for software install tasks to work. Needless to say that some features / services, such as ESET Dynamic Threat Defense, cannot work without Internet access at all but that's an extra service that requires an EDTD license anyways.
-
Not sure if your license registration email address is different than the one you used for registration in this forum. I was able to find only a trial license for ESET Mobile Security registered to it but it's possible that you used a different email address to register your paid license. Please provide your public license ID.
-
Blocking news popup software with NOD32
Marcos replied to chingluen's topic in Malware Finding and Cleaning
Please provide: - a screen shot of a pop-up that you're getting - logs collected with ESET Log Collector. -
Blocking news popup software with NOD32
Marcos replied to chingluen's topic in Malware Finding and Cleaning
Do you have detection of potentially unwanted applications enabled and none was found during a scan? -
It happens that vendors don't provide an updated UEFI firmware without CompuTrace. In such case, the only solution is to exclude the pot. unsafe application from detection by the detection name as suggested in the KB.
-
For more information, please refer to: https://support.eset.com/kb6567/ https://www.welivesecurity.com/2018/09/27/lojax-first-uefi-rootkit-found-wild-courtesy-sednit-group/ https://www.welivesecurity.com/wp-content/uploads/2018/09/ESET-LoJax.pdf
-
esmc server not talking to itself
Marcos replied to roga's topic in ESET PROTECT On-prem (Remote Management)
Do you have ESMC Agent installed on the server? Are there any errors in C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html or trace.log? -
ESET File Security is intended for file servers; it does not include a personal firewall.