Joe-ESET2016
Members-
Posts
39 -
Joined
-
Last visited
Everything posted by Joe-ESET2016
-
Hello, Customer with Exchange 2013 CU23 was in email-discussion with a supplier. "Supplier-mail-adress" send an faked pdf-invoice with different bank-details. (scam-mail) From: Field was right. Reply-to: was the scammer with a strange-mail-domain. SMTP Sender IP was strange and not the Supplier In ESET Mail Security I could create Mail-Rules in case "SPF failed" or "rDNS is missing" , but as far as I know I don´t have much other opportunities to avoid such scam. Thx for you oppinion!
-
Hello, Customer asked: ESET Qurantine Function not optimal because no body is available to check "local qurantine" Web Qurantine is also not so optimal. ( I know report emails are possible) Simple make a ESET Mail Security Rule about increasing SCL "if SPAM"....EFFECT-=>: Email will land in the local Outlook Junkmail Folder right? (Exchange 2019) RISK: ENDCUSTOMER have more risky Mails on his endpoint Best Regards
-
Hello, on which server should I start the ESET Mailbox Count tool? On the Exchange 2013 (win2012) or on the domaincontroller (win2012) ? I am asking because they Domaincontroller has arround 20 more results I am asking because I need to calculate the demand for "ESET SECURE BUSINESS" I know that I have to divide the RESULT / 1,2
-
Increasing Botnet.CnC.Generic detections
Joe-ESET2016 replied to CraigF's topic in General Discussion
Hello, I noticed, that a Exchange 2013 Server (I think with CU 22) has approx. 500-1000 Attacks in Dezember with ref to Botnet.CnC.Generic on Port 443 -
Hello, with ref to eset mail security incoming rules understanding better which file extensions are dangerous based on the eset LOG (e.g. I also saw many *.img and *.iso with virus content) a) Question: Some ESET Mail Security for Exchange Version 6 and 7 has this Problem: if I go unter Log and Details the text is snipped / not full line, I need drive the mouse cursor over it to see the full style. Do you know how to solve? I didn´t updated to the latest version yet. b) I would like to find out which file extension´s were blocked. (I am using the incoming rules) Do you think I can do better / more "statistic, research" if I add more Actions into the RULE ? I only know that this can be inserted, but I think the information is always in the log, I don´t need this actions: Regel "%RuleName%" angewendet. Betreff: %Subject% Absender: %Sender% Empfänger:%Recipients%
-
Hello, my collegue from sales doesn´t understand the "small differences" between the different licences. I mean he is selling 20 x Endpoint Antivirus and 3x Filesecurity. (has this combination the right for eset ESMC?) There is no advantage about this right? Purchasing Endpoint Protection Standard or Home-Office Pack has no disadvantage in my view and is more flexible and is also cheaper. Thx + best regards
-
Hello, sorry - I didn understand it right. Customer have 20 x "Secure Business" but no ESMC Customer have 20 x Win10 Tower PCs in his office and a vShphere Server. If I don´t want the local "apache/centOS" ESMC - what else should "read/do"? Switch to ESET Secure Cloud Business? Goal: ESMC in the Cloud, Antivirus-Settings-via ESMC-Cloud I have a local Domaincontroller and a local Exchange. The Agent inst´t installed. The PCs don´t have the latest ESET NOD Antivirus Version. thx in advance!
-
Hello, we are running older server. (but lattest updates are installed) 1 x SBS 2011 , Exchange is in Use 1 x Win 2008 R2 Terminalserver Based on system-requirements it should work. Both are running version 4.5 atm. I just want to doublecheck, if you say it could make huge problems. thx in advance! best regards
-
hello, did you ever heard about Problems in connection with ESET File Security 6.4 and .NET Framwork? (on Terminalserver Windows 2012 R2) We are looking for ERP-Programm crash issues and have some .NET Errors in the Windows Event Log. A Connection to ESET is not visible, but perhaps you say based on my question: e.g. add framework to the exklusion or something like that We just added some ERP-Programm Paths to the exlusions and will review. Thx for your opinion!
-
Hello, we have Eset Mailsecurity 7.1 and a MS Exchange Server 2013 (Windows 2012 r2) (30 Person Company) Email-Receiving: the DNS MX Entry is pointing directly to the Exchange Server. Problem: I see in the Exchangelog that everyday 1000-5000 Spamails are incoming and well blocked by ESET Mail Security. I see that this Spams have TO Field to Emailadresses that doesn´t exist. Solution Idea: Enable a "valid Receiver adress-list in the Watchguard SMTP Proxy Do you have a Idea about this situation? Eset Mail Security has the default settings - I don´t if there is a Email-Reply to every single spam, I think not.
-
Hello, our Eset Mail Security 7.1.10009.0 with MS Exchange 2013 CU23 on Windows 2012 says: Spam Module not properly connected to Cloud If I click the help link, it says: https://support.eset.com/kb332/ Question: do you need to allow outgoing UDP 53535 or incoming? thx in advance! To use the Antispam module: View list of IP addresses in a text file Version 5 and higher: You need to allow requests to your local DNS server (TCP/UDP port 53). Base domain for DNS queries: e5.sk NOTE: Make sure to open UDP port 53535 for the addresses in the table below.
-
Hello, do you know something about "DNS Secure Services? Like DNS Watch from Watchguard or https://en.wikipedia.org/wiki/Norton_ConnectSafe ? The idea of it is: Port 53 outgoing of whole organisation / local office of the customer goes completly over designated DNS Servers. These DNS Servers have more Security... Do you think that is something "new" and has ESET a Similar approach? I am just loking for some information and the right technical name of it Best Regards
-
Hello, I searched in the knowledge base about "Eset Filesecurity + Terminialserver. Do you think there is a KB Article about best practise Terminalserver Settings? Goal: Customer with one Terminalserver and 20 Happy Clicker Users needs more protection and awareness. At the Moment the Users didn "learn" that they went to far, because there is no notification as far as I know. Is is possible that the user gets a ESET Warning right below if he opens the ransomware Word document? I only need to insert the Usernames in the ESET Options "show notification to following users: ......" The users have no ESET Icon right below, because my admin-collegue put ESET into "Terminalserver Mode" I know, that here are some nice ideas: https://support.eset.com/kb3433/ ESET Config Passwort is activated, ERA 7 is available, File Sec 7 is installed Thx for your opinion! Best Regrards
-
Hello, I would like to activate the Eset Mail Security 7 "Rules "against incoming dangerrous attachments" I remember, that in older Verisons e.g. "Blocking Office Makro Files" can cause some trouble, because Users need their "Word XML FORMs etc..." Perhaps that was only one individual case that doesn´t matter, I don´t kno it is impossible to restore "deleted Attachments based on delete rule" right? Using Quarantine Action instead is recommend right? do you think there an other important things to know about rules? Thx, best regards
-
Hello, we need NOD32 Antivirius Windows for mobile industry plants without static flatrate WAN/Internet line They have only expensive Satelite Internet. We need a Cloud Remote Adminconsole and traffic regulation is very important The mobile industry plant aren´t in the same local network, there are only small peer2peer networks with 3-4 PCs as far as I know Do you have a Idea about this situation?