Peter Randziak
Posts posted by Peter Randziak
-
-
Hello guys,
the lab processed the samples and as of now, they are subject of detection so thank you for the submission.
16 hours ago, SeriousHoax said:
With due respect, isn't manual work the job of a human analyst? Not all samples can be detected by an automated process, so human analysis is needed for many samples.
Well yes it is, but the amount of samples / submissions is really huge so the analysts have to pick which to process...
Peter
-
Hello sesk,
On 6/9/2023 at 1:37 PM, sesk said:
where and what are the "Advanced Preferences (Advanced Setup)"? 7.3.3700.0 installed. command+ does not open anything. no preferences in the menu bar? thank you for the update. edit: is it the extra during the installation process ?
The advanced setup is there by default, it is not selectable during the installation / upgrade.
Were you able to open them? Have you tried the second option
"click ESET Cyber Security in the macOS menu bar and select Preferences (Settings)."
https://help.eset.com/ecs_mac/7/en-US/?advanced_preferences.html
Peter
-
On 6/2/2023 at 12:32 AM, chercm said:
this beta version had a software update and it caused my mac to lose internet connection and i had to uninstall it
Sad to hear that, but for sure I recommend to install the GA version which is already available and in case of any issues contact our Support team to assist you...
Peter
-
Hello @SeriousHoax,
I'm checking it with the lab.
For sure it's much better to submit the report with the samples included, as those are being automatically processed.
Grabbing hashes from a text and looking for those samples is a manual work...
Peter
-
Hello @anjayani,
have you followed the instructions at https://help.eset.com/elga/en-US/?test_functionality.html, especially the
"5. Windows users: To make the file unique, open the command line by pressing Win+R and type powershell. Navigate to the folder with the excluded test file. Run the command below, it adds the current timestamp to the end of the file, and the file gets a new hash:
Add-Content .\EdtdTestFile.exe $(date)" part?
I tested it myself and the modified file has been submitted and detected / removed after the analysis.
Peter
-
Hello @thae,
some features, like the "HTTPS traffic caching for ESET security products" are supported on the listed products / versions only, but the ESET Bridge can be used as a proxy 1. to cache the standard http traffic and 2. to be used as gateway in a network without direct internet access...
Peter
-
Hello @FTL,
the ESET PROTECT Cloud should be used to manage only those seats, that have been activated using a “cloud eligible license”
The licenses can be upgraded at any time, you do not need to wait until the renewal date.
P.S.
19 hours ago, FTL said:
Ran my own hosted EPC for ages as most licences were on prem licences.
the C means cloud so I assume you run the ESET PROTECT on-prem 🙂
Peter
-
-
Hello @Dai Tomiyama,
On 5/24/2023 at 3:17 AM, Dai Tomiyama said:
Can you confirm the version of ESET PROTECT that manages EEAU10 as it is not mentioned in the online help, etc.?
Not all of our clients have the latest EP, so we are checking with EP version 9.0 or later, will the information be available soon?
Of course we understand that it is best practice to use the most up-to-date EP as well.
Please let us know if you have any information on this question, as it is one that we actually get asked frequently by our clients.
Yes the older, but still supported versions of ESET PROTECT can be used to manage even the new products, thanks to updates of the Configuration module.
Peter
-
2 hours ago, rotaru said:
"Confirming" is nice, but should have been some sort of announcement, not just sitting duck, hoping nobody would notice.
This incident seems to be limited to a single country and to a particular product package, was resolved on the same day as it was reported.
So a public, global announcement won't be appropriate in my opinion, announcement on that partner's web would be...
Peter
-
Hello @Lukas Juda,
I can confirm, that yesterday there were issues with the Multi-device security packs.
Those were resolved so the issue should not occur anymore, can you please confirm?
We apologize for the inconvenience caused.
Peter
-
Hello @DaLiu
I can confirm, that yesterday there were issues with the Multi-device security packs.
Those were resolved so the issue should not occur anymore, can you please confirm?
We apologize for the inconvenience caused.
Peter
-
Hello @Lockbits,
yes the ESET Bridge is able to forward the traffic to the EPC.
For the Advanced scenarios for ESET Bridge with ESET PROTECT, see https://support.eset.com/en/kb8368-advanced-scenarios-for-eset-bridge-with-eset-protect
Peter
-
Hello @azeu666,
3 minutes ago, azeu666 said:
I do not have ESET PROTECT to manage endpoints.
O.K., so please configure the logging verbosity locally as per https://help.eset.com/eeau/10/en-US/?idh_config_logs.html
Peter
-
17 minutes ago, azeu666 said:
I am referring to: "please enable the diagnostics logging via a policy (as shown on the attached screenshot), reproduce the issue, collect the logs and revert the logging verbosity to the previous value. "
How am I to accomplish the above?
Via a policy for ESET Endpoint for Linux (V7+) configured by means of ESET PROTECT
I assume you use the ESET PROTECT to manage your endpoints, right?
Peter
-
Hello @Dai Tomiyama,
4 hours ago, Dai Tomiyama said:
We too are in the process of downloading the build and checking out the new features.
I have one question, we have a test environment where we are getting modules from a mirror tool. I am referring to the "ep10" folder since the EEAU version is 10, but the module has not been distributed and I am not able to update the module via the mirror tool.
Will this be distributed soon? Sorry if I am posting to the wrong place.
The EEAU 10 BETA updates from http://update.eset.com/eset_upd/businesslinux it uses the modules in a DAT format (64 bit).
The EEAU 10 BETA should be able to update via the mirror, if properly configured.
see https://help.eset.com/protect_install/10.0/en-US/mirror_tool_windows.html for example
Peter
-
Hello @azeu666,
17 hours ago, azeu666 said:
As stated Friday, 12-05-2024 20:23, I have ESET PROTECT Essential On-Prem. I am not running Eset Endpoint for Linux (V7+).
The ESET PROTECT Essential On-Prem is a name of the bundle you bought to protect your company.
The "Eset Endpoint for Linux (V7+)." is the product deployed on the Linux workstations, note that this BETA program is for "ESET Endpoint Antivirus for Linux 10 BETA".
As the dev team is interested in checking the report below
On 5/12/2023 at 9:23 PM, azeu666 said:
Web access protection to scan HTTP and HTTPS communication blocks access to HTTP sites on a 192.168.1.0/24 network.
can you please provide us with the requested logs to check it with them?
Thank you, Peter
-
On 5/13/2023 at 8:39 AM, azeu666 said:
Where is the changelog presenting all the new features and improvements?
A changelog will be available with the GA release, but it will more or less contain the same info.
The Web access protection is the top new feature, besides that the other improvements mentioned improve the security and usability of the product.
On 5/13/2023 at 8:39 AM, azeu666 said:
Will the custom scan be integrated with the supported Linux file managers, thus eliminating the need to type the path?
We have such in the backlog so we would like to bring it in the future releases...
-
On 5/12/2023 at 5:57 PM, Nightowl said:
It seems that HTTPS filtering broke down FortiClient VPN application, I had to downgrade for now.
On 5/12/2023 at 9:23 PM, azeu666 said:
Web access protection to scan HTTP and HTTPS communication blocks access to HTTP sites on a 192.168.1.0/24 network.
On 5/13/2023 at 8:39 AM, azeu666 said:
The Beta version blocks Mullvad VPN 2023.3 for Linux with Wireguard Obfuscation set to UDP over TCP, and Quantum-resistant tunnel set to on.
sad to hear that you face such issue, glad you reported it here in BETA program.
We would like to check it with the Dev team, please provide us with:
1. Diagnostics logs captured with the collector script https://help.eset.com/eeau/10/en-US/collect_logs.html
please enable the diagnostics logging via a policy (as shown on the attached screenshot), reproduce the issue, collect the logs and revert the logging verbosity to the previous value.
2. pair of Wireshark logs one with the protection enabled i.e. from an attempt when the connection fails due to traffic filtering and second from an attempt with the protection disabled so the connection succeeds so we can compare them
Once you have the diagnostics logs collected and the 2 Wireshark logs, please pack them to an archive, upload to a safe location and send me and @TomasP the download details so we can check it with the dev team.
Thank you in advance,
Peter
-
On 5/11/2023 at 2:22 PM, Nightowl said:
I can't manage to find the policy if I understood you right it will be added right?
If you mean the policy to manage the new settings i.e. those which were added in the version 10 only (i.e. are not available in the version 9), this is a BAU that those are being added later.
-
Hello @Nightowl,
thank you for trying it out and for the feedback provided.
5 hours ago, Nightowl said:
There should be new settings added from ESET protect or it's same policy of before?
Support for new features / settings will have to be added as usually, so they will be manageable from the management console.
Peter
-
Hello @Andy C,
sorry to hear that you experienced the issue again.
Can you please provide us with a complete memory dump from the server in such state so our development team can investigate it?
Once you have it, please pack it, upload to a safe location and send the download details to me and @Marcos over a private message.
Thank you, Peter
-
Hello @Nightowl,
thank you for your interest in the BETA program participation.
The activations of the BETA build are not restricted, so your standard license will work.
In case you need one for the BETA testing, just drop me a private message.
Peter
eset liveguard test file not detected as malware
in ESET Endpoint Products
Hello @anjayani,
glad to hear that it works now, so you can be sure that the ELGA is protecting your environment as it should.
When it comes to the question why it was not detected, I do not want to speculate / guess so to get an answer it would have to be checked from the logs...
Peter