cutting_edgetech

Posts posted by cutting_edgetech

  1. 2 hours ago, itman said:

    Set the logging severity to "Warning" for all existing Eset firewall "Block" rules. This includes the default ones. This will result in a log entry always being created.

    Not that I am aware of. The HIPS has such capability; but only for blocked activity.

    On the other hand, Network Wizard shown "Blocked" activity is primarily a result of existing Eset firewall block rules. Hopefully by modifying logging severity as noted above, you will be provided with most of the detail you desire.

    I already have logging turned on for all the internal rules, and my own rules. Whenever there is not an allow rule or an explicit deny rule for some access attempt then Eset still will not log those intrusion attempts. I have found those to be the more severe intrusion attempts into my network. I only have 1 hour to get the IPs from those attempts since they are not logged, and that is the reason I have to use the Network Wizard to get them. I also verify those attacking IPs through AbuseIPDB. It's a community reporting database used by Network, and Security Professionals to share their findings with other professionals. IMO it is by far the best database available.

     

  2. I use the Network Wizard many times a day, every day. After I made the above post yesterday I accessed the drop down menu to see the one hour window view, and there was a slight freeze before the Window changed to the 1 hour view. After that 3 attackers on my Network that showed blocked in the Network View Wizard changed to unblocked! I had to turn my router off, and reboot again. There is definitely an issue with the Network Wizard. Unfortunately since I use the wizard many times a day, every day, I'm being affected when most people will not.

    I'm going to have to send a bug report. I don't think posting in the forum is going to help.  I'm sure they will want logs, and other info. I will obviously be forced to drop Eset if I can't find a fix for this. I could avoid using the Network Wizard if Eset would log all blocked connections. I maintain a really good blocklist that I use with Peerblock. I add all malicious network attacks to my blocklist which I have created from many different sources. Many of my Network attacks don't get logged since they get blocked when there is not an allow rule to allow their attempts to access my network. Is there a way to make Eset Log access attempts that get blocked for when there is no allow rule, and no specific block rule?

  3. I have encountered a serious problem with the Firewall Trouble Shooting Wizard Feature. It unblocks blocked connections on its own (attackers in my case) when using the drop down menu to change the time frame from 15 minutes to 1 hour. The problem seems to be that if I click 1 hour then it unblocks the blocked IP address just under it since the 1 hour selection is exactly over the unblock button. I have had this happen at least 10+ times in the past 3 weeks. Once this occurs I don't see any obvious way to block the attacker's IP address again without creating a packet filter rule for that IP address.

    There is also a second way Eset is unblocking blocked IP addresses (malicious IP addresses in my case) on its own from the Network Trouble Shooting Wizard. If I choose details to see why the IP address was blocked and use the Close Button to close the details window it will also sometimes unblock the IP address just under it. I assume this is also due to the close button being over the unblock button.

    Once Eset unblocks the attacker's IP Address I have to turn off my router, and reboot my computer. I've been rebooting since I run in a virtual environment, and as mentioned above I see no obvious way to block the address again once Eset unblocks it without creating a packet filter rule for that one IP address.

    To be clear, I'm not double clicking so this should not be occurring. That being said, the UI is not designed very well. The 1 hour selection from the drop down menu, and the close button from the details window should not be over the rather large unblock button. Also, I strongly believe the user should be prompted saying something like, "are you sure you want to unblock this IP Address". I have to assume there is a glitch in the UI since I'm 100% positive I'm not double clicking.

    I have turned on logging for most of my packet filter rules but all blocks do not get logged so that is my reason for using the Network Trouble Shooting Wizard so often. It's the easiest way to see attackers being blocked that are not written to the log file. Usually, the ones that don't get logged are those that get blocked due to there being no allow rule for them. Almost all of these have been verified attackers so far, so I still need to use the Network Trouble Shooting Wizard so I can get those IPs to add to my blacklist (peerblock).

    I've already tried using another mouse and also reinstalling Eset, neither worked.  I'm using Eset Internet Security 12.1.34.0 on Windows 10 X64 version 1709.

    I would strongly suggest making changes to the Firewall Trouble Shooting Wizard UI so that the 1 hour menu option, and the close button for the details window is not over the unblock buttons. What can we do to get this fixed? I've been using Eset since 2003, and I don't want to change to another product.

  4. 49 minutes ago, novice said:

    By definition "a student" would use 1 license... what's the point of offering 3PC's ????

    Very simple, I have 2 PCs which I use Eset on. Students these days use multiple devices for school. Also, I'm an InfoSec Major so I need 2 or more computers at the very minimum. I have Linux on my Laptop or I would need 3.

  5. I'm trying to use my student discount for Eset Internet Security for 2 devices for 1 year, and it is trying to charge me an incorrect price. Eset Advertises 50% off for students, and Eset says regular price is $59.99. The problem is Eset is attempting to charge me $44.99 with the discount. That is definitely not equal to 50% off. The sale price should be $30.00 off the original price which is equal to $29.99. Does Eset honor their 50% off advertising which can be found here? https://www.eset.com/us/offers/students/

  6. 4 hours ago, puff-m-d said:

    Hello @cutting_edgetech,

    While you are on the "Network connections" tab in the ESET GUI, right click in the "Network connections" pane and uncheck "Show only TCP connections". UDP connections should now show along with the TCP connections.

    I hope this helps...

    Thank you! I did not know that option was there! Eset should not hide this option. It causes people to waste a lot of their time.

  7. My Eset GUI occasionally crashes when accessing firewall settings. Maybe that's not the reason it crashes and is only a coincidence, but nonetheless it still crashes. It will freeze up when accessing Firewall application settings, and sometimes crash. Has anyone else had any problem with Eset GUI freezing up, and crashing?

    I think maybe it has something to do with enabling diagnostic mode under the firewall application rules for an application since that is what I did 5 minutes before the GUI stopped responding. Diagnostics worked since it gave me a few notifications about connection attempts; I definitely didn't receive enough that would overwhelm my system leading to the freeze. I only received a few notifications in the 5 minute period that I used it. It was when I tried accessing the Firewall application settings again to disable diagnostic mode that the GUI stopped responding, and the GUI completely crashed about 10 minutes after that.

    I just sent a service request through Eset Application. I sent Eset Logs I collected after the GUI crashed. The crash doesn't happen often, but it shouldn't be crashing at all. I sent a service request in with logs, but if Eset staff here would like me to send them the logs by email then let me know. I don't post log files on open forums.

    I'm using Eset Internet Security 12.0.31.0 on Windows 10 x64 version 1709.

    Network Protection Window.jpg

    GUI crash.jpg

    Eset GUI restarting.jpg

  8. There seems to be a bug with Network Connections Viewer in Eset Internet Security 12.0.31.0. I'm running a P2P Client called Fopnu right now, and downloading a file. Fopnu Client is not showing up in the Network Connections Viewer.  It shows nothing actively downloading at all. I clicked on refresh several times and there was no change. I exited out of Network Connections Viewer, and then opened it again but no change.

    I'm using Windows 10 x64 Pro version 1709.

    Network Connection Viewer.jpg

  9. 32 minutes ago, itman said:

    Good to hear the problem has been resolved.

    Yes, I hope they were able to identify the problem and fix it. If not then Eset client was able to add some policy on its own from me disabling SSL/TLS that allowed the page to load, and also allowed the login. If that's the case then maybe the problem will reappear once I roll my machine back, or reformat. Hopefully they fixed the problem though.

  10. 4 hours ago, Rami said:

    It could have been ESET because Marcos said that he will report it to the developers and also as he said it's not related to the firewall, it's related to the SSL/TLS scanning, so setting the firewall as Automatic or Interactive won't make any difference.

    It did make a difference on my machine. Setting the Firewall to Automatic Mode always resolved the problem. That's why I was saying that Eset must be enforcing different SSL/TLS policy in Automatic Mode than Interactive Mode, or the problem is not only SSL/TLS. I could reproduce this 100 percent of the time. This was the case since at least version 11.

  11. I'm not using my own Microsoft On-line ID (windows is a pain to deal with if you authenticate Windows OS login using that method due to privacy issues), but it appears that the school is creating an Online-ID for me to use with Microsoft Sharepoint platform.

    The domain switches twice during the login process. Take note that Eset blocks even getting to the login screen, but also blocks the login itself most of the time. I don't remember the domain switches that take place before arriving at the logon page. You can see that yourself though without having logon credentials.

    The domain starts at  https://sts.kctcs.edu/......then switches to https://login.microsoftonline.com/login.srf?client-request-id....., and then to https://kctcs.sharepoint.com/sites/mypath

    That's about as detailed as I can get for now. I'm typing one handed here due to crazy doctor paralyzing my hand with botox shots for writer's cramp. It will be at least 2 more months before I can type again. I was supposed to graduate this semester in InfoSec, and transfer to another University. That's all on hold now. I will provide what info I can, but it takes me forever to type anything now.

  12. 1 hour ago, Marcos said:

    In this case the issue doesn't appear to be related to the firewall. I was able to reproduce it and merely disabling SSL/TLS filtering helped. Switching the firewall to automatic mode didn't make any difference.

    I'll report it to devs and provide them with logs. We'll keep you posted.

    I still can't log in with Interactive Mode, and I still can't download documents in Interactive Mode. Switching the Firewall to Automatic Mode is a temporary fix for me. Switching to Automatic Mode allows me to login, and access all resources on Blackboard.

    Eset appears to be treating SSL/TLS filtering differently in Automatic Mode than in Interactive Mode.

    I just thought I would let you know so you can pass the word on to the developers.

    Thank you for all your help!

    cutting_edgetech

    Michael

  13. 1 hour ago, Marcos said:

    In this case the issue doesn't appear to be related to the firewall. I was able to reproduce it and merely disabling SSL/TLS filtering helped. Switching the firewall to automatic mode didn't make any difference.

    I'll report it to devs and provide them with logs. We'll keep you posted.

    I also have logs I collected with Eset Log Collector. If you need them I can send them by email, or pm if possible.

  14. Disabling SSL protocol Scanning seems to have fixed the problem (not really a fix, but a workaround).

    It did not work at first, but after clearing the browser cache I was able to load the sign-in page, and sign in with Eset's Firewall in Interactive Mode.

    I was able to sign in with Internet Explorer, and Firefox.
