Jump to content

schuetzdentalCB

Members
  • Content Count

    90
  • Joined

  • Last visited

Profile Information

  • Location
    Germany
  1. Funny thing is if you remotly install older Endpoint Security/Antivirus Version it's working. (for me) - i have the same issue but with the newest Endpoint Security Version.
  2. Maybe something interesting regarding the secure browser feature: Trojan's with implemented Keylogger Function like the QuasarRAT can still record input from eset's secured browser window. - or maybe i misunderstand this function and its only protecting against hardware keyloggers?
  3. hey, just found this new Feature in my ESET Security Management Center when editing client policies for Eset Endpoint Security: Looks like that this feature is not recognized by the clients? Endpoint Security itself doesn't have that menu feature when checking directly on client. also theres nothing happening when adding a protected website? is it some beta stuff?
  4. Hi, why is it that eset is able to block acces to smb share and c$ adminshare but its not working when using the hostname \\hostname\...? its even not logging the event when using hostname instead of local ip. also when using custom ids rule which says block admin share acces its not working. i know i could block it on remote pc/server site but im just curious about this.
  5. Hey, is anyone having an idea how to use eset hips to prevent google chrome from saving .html files to the local harddisk? most download links like from wetransfer are not using a direct link to the downloadable file like wetransfer.com\dl\sample.html which could be blocked by webcontrol easily. is hips able to work with wilcard paths like *.*.html like the webcontrol module? in my tests it wasn't responding to this. so i think no.. sometimes there are incoming mails with legit wetransfer or dropbox download links which then just download a .html file with some stupid phising content
  6. Do you have SSL/TLS Filtering enabled? And on the same Policypage "add root cert to browser" - Function Enabled? I think ESET needs to work with its own browser cert to decrypt browsed https pages.
  7. no idea? - already tried to reinstall the whole ESLC appliance but stillt 122 pending updates with same error after a few seconds.
  8. Hi, already googled it but cant find any real answer to my problem. as there is no SSH available in ESET Shared Local Cache i cant do anything attached please find a screenshot with the error. already checked: firewall is not blocking update servers/repos, internet access working fine on the machine, mounted vmware tools .iso over vsphere to the machine because of the error message but that did not change anything. update task from ESMC is also not working. best regards maybe anyone knows how to fix this or i re-install the VM. Christian
  9. Today ESET marked the same File which looks like something as an microsoft update as a trojan on 3 PC's. - Maybe someone can tell me something about this? Looks Like False Positive to me. Threatname: XML/Runner.M Hash: B885CB1F1F93D57B56F07EF5789AECA4CA170336 file:///C:/Windows/servicing/LCU/Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.535.1.6/amd64_microsoft-onecore d..ectxdatabaseupdater_31bf3856ad364e35_10.0.18362.387_none_8b2d87237c70998c.manifest THX
  10. hi, just a short question. if eset endpoint with activated EDTD configured like above, is it really blocking .exe, .bat, and so on until its analyzed by EDTD? in my test with an unkown file i was still able to execute it after download over chrome browser. (edtd was still checking the file online at this moment). - what is eset doing to prevent a user from running an unkown file? changing nfts permissions or something like this?
  11. Something else which would be awesome is some kind of Application Whitelisting Function. - Like Windows AppLocker or this McAfee Application Control which allows Whitelisting Applications and deny everything else on a client system to run.
×
×
  • Create New...