Jump to content

novice

Members
  • Posts

    263
  • Joined

  • Last visited

  • Days Won

    1

novice last won the day on July 26 2015

novice had the most liked content!

About novice

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    Canada

Recent Profile Visitors

2,117 profile views
  1. I understand that " disconnect means to terminate the connection " but my questions were: 1.Why Eicar has a reputation of only 5 days when should be 10 years or more? 2.If the question is "Block access?" why the option offered are "Disconnect" and "Ignore Threat"?? Shouldn't rather be "Block" and "Allow"????
  2. Just tested ESET against Eicar. The Pop-Up warning says , on reputation, "Discovered 5 days ago" And as options: Block access? But the possible buttons are : Disconnect and Ignore So, how come is "Discovered 5 days ago" and if I am asked "Block" why the option is "Disconnect" and not "Block" or "Ignore"
  3. What about proving me wrong rather than banning , ah?
  4. So is either your sophisticated unproved theory OR much simpler one: ESET failed to protect against that specific ransomware ...
  5. And you were advising me to work on my spelling skills....
  6. I remember an antivirus ( do not recall which) asking for CAPTCHA in order to proceed with uninstall. A simple and elegant solution.
  7. What about resetting the phone to factory default , as long as you are giving it to a child???
  8. This doesn't matter... If somehow is an ESET glitch , still the old "an unauthorized person manages to log in with administrator rights and disabled ESET.." can be used successfully. Who can prove otherwise????
  9. You do like this explanation, don't you????? What can be more convenient then blaming the user for "not securing his PC"???? And I assume I will banned for reveling the truth....
  10. Thank you for your answer! Seems like ".. the attacker most likely logged in as an administrator and paused or uninstalled ESET " is the explanation of the day to justify ESET inability to protect against ransomware. At least several situations before were explained using the same (convenient) scenario. The addition of "antiransomware shield" to ESET was advertised as a big achievement , yet I have never seen it "in action" and the number of people coming here and complaining about being infected by ransomware is higher than any other forum. Despite all bells and whistles, it seems like ESET still relies 99.9% on signatures and Live Grid, while HIPS/behavior/heuristic has an insignificant contribution.
  11. Just out of curiosity , how the dedicated "antiransomware module +HIPS" work, if we still rely on " The detection was added on June 24 "??? Shouldn't the computer be protected somehow even before "adding the detection" by those 2 modules (antiransomware module +HIPS)??? If we still rely on a signature to be added, what's the point of having the antiransomware module +HIPS?
  12. You are right assuming my lack of experience in securing a business computer network . However I overcompensate with common sense. If: " Most likely this is what happened: - an attacker logged in with administrator privileges (stole an admin password, guessed it or brute-forced it) via RDP - ESET was not password protected so they paused or removed the AV " why doesn't ESET , by default, ask the business network administrator to implement a password during install with a certain strength. So, the vulnerability of having an unprotected ESET will disappear. How complicated could be to implement this? Is already implemented on various forums where you are asked for a password with upper characters, lower characters , numbers, special characters, certain strength... The down part of this would be that ESET cannot blame the user anymore...., not good!
  13. What do you mean by "the option has nothing to do with either"???? You just said " Sophos has a simple mitigation "
  14. So why Sophos and not ESET? Doesn't seem to be rocket science....
×
×
  • Create New...