rekun
-
Posts
203 -
Joined
-
Days Won
6
Posts posted by rekun
-
-
My statement still holds, as the Eset firewall would block all traffic which isn't initiated from inside the network. This include the traffic recieved from the ddos attack. This would not be detected as hacker attacks, as this normal behavior.
And still, no software firewall can prevent a ddos attack, as it can only block the traffic once it reaces your computer, and then it will be too late.
-
I think you do not fully understand how this works.
Eset Smart Security will not prevent your Internet from going down, as it can only block the traffic after it reaches your computer. If someone sends you a ddos attack it will flood your Internet connection and make it unstable/not useable. This traffic reaches your router, which do not forward it, since the traffic is most likely not one of the 3 ports you have forwarded. Therefore the traffic never reaches your computer, and Eset can't detect it.
The only thing you can do about is to talk to your ISP about ddos protection, but this is an enterprise features, and expensive.
No software firewall will ever be able to protect from a ddos attack.
If you were to connect your computer to the Internet without a router in front of it, you would properly see it block something, however your Internet would still go down, as the issue is that there is too much traffic trying to reach your system, and that your Wan connection is too small to deal with it
-
Hi ronxp2000
What you want is just Eset Antivirus, as module causing the need for manual configuration is the firewall. It will always be like this with firewalls, and is not a thing only related to Eset.
Also for 95% of the users, even the default firewall settings works just fine.
-
First malke sure you have installer The apache HTTP proxy AS part Of The era installation. If not, please download and install from Eset website.
Now make a policy for Eset endpoint to use this proxy.
-
Maybe you can use this:hxxp://support.eset.com/kb3677/?locale=en_US&viewlocale=en_US
To store and install the agent from a local share
-
Thanks, works as advised
-
If you are already on 6.2 there is no reason not to upgrade 6.3.
Once you have seen the changes, they are quite nice.
-
Hi
When a clients detects a PUP, it is not automatically deleted, and shows up in ERA as unresolved threats.
When pushing a full scan the computer, it is also not deleted as the actions should be selected after scan has completed. But the only way i can manage this computer is through ERA, so i never get to choose to delete them.
How can i delete these PUPs from ERA?
-
First off, if you have 500 clients connected to your era, then you should have made a backup of that server. Simple as that.
I dont think you can restore the certificate from the clients, as these do not hold the root certificate, which is what you need. Distributing the root certificate to the clients would be a security risk.
Taking a backup with SQL Management Studio is just as easy as taking af backup from the old era5. In addition to that, you can use the skills you have learned when you not to backup/restore other sql databases.
However the real solution is to use some kind of real backup solutions, and all backup solutions today support backup and restore of SQL servers.
You do not require a database manager to backup/restore databases, all it administrators should be able to do that.
I acutally like the change to SQL, as that brings the backup/restore process inline with other line of business applications.
On the other hand, I do think that working with ERA6 is more complex than with ERA5, but on the other hand you get much more features when you learn the new way to work with ERA.
Having 500 cliens, you should definitely appreciate this.
-
Before doing the above, you can also try to restart the Apache http proxy service on the remote administrator server, as that seems to fix the proxy server.
-
Hi
In version 6, all client are requesting updates from the official servers, however it is possible to do so through a proxy, which caches the results.
The issue you have could be related to some issue with the proxy.
You can make the clients connect directly to the official servers by editing the default policies in era.
Go to the admin panel in the left side and then select policies. Here you should look for all policies including the word proxy. There is one for each product (agent, endpoint, file security and so on)
Edit the policies and disable the settings related to the proxy settings.
Save the settings and wait a few minutes and the force an update.
Good luck
-
Hi
This is becaurse of a bug in the current version of era 6.
Please replace the network.dll On the era server as suggested here
-
Hi Marcos
Good to hear!
-
Hi
After installing EAV 9 i have experienced that Eset RealTime scanner does not work anymore.
I have eicar test file and also an old sample of Uptra downloader.
I can copy this file, extract the zip and also run the file all without Eset is stopping anything.
When trying to download the files, it is caught by the web protection and also when doing an on demand scan of the files.
If i extract/copy the file 10 times in a row, it will be caught 1 or 2 times, which leaves 8 sample on the pc.
So to summarize it all, if I have the sample local, I can extract, copy and run the file and it will only be detected 10-20% of the time.
If I install Eset Endpoint v6.2 it works just fine, as it is used too.
-
Hi
I would like to know if there are any plans to offer a cloud based Eset Remote Administrator to SMB customers which do not want to host their own Eset Remote Administrator?
It will be extremely useful, and almost all the competitors has it.
-
Hi everybody
I have heard from our local Eset team, that they are actively working to fix this issue, and have just received a potential fix for testing.
So it seems that things are not as bad as the Eset team reports in here.
-
This seems strange.
I have just tried to install the it on a fully updated Win7 X64 SP1 system, and I have not seen the message you suggests.
-
Hi Macros
Any update on this case? have you succeded forcing Microsoft to release the update?
The hotfix does seem to fix the issue, but it is not possible to deploy using either GPO or WSUS, which makes it really hard for us to deploy.
I Have had the isssue occur at all of the customers i have upgraded, so it should not be so hard to reproduce at your end.
I dont have any users that i can use to beta test this anymore, as they are already quite angry about this.
-
Hi Marcos
We are not saying that issue isn't happening because of a bug in Windows.
What we are saying, is that you will have work around this issue, as you have done in the past (and every other av company still does).
When doing a google search for KB2664888, you will only find topics related to Eset.
Also it only happens with the Agent, and i think it should be possible to build an agent without this feature.
This is a major issue for all companies. It is very hard to deploy, as it does not come through Windows Update /WSUS.
A solution could also be to make Microsoft deploy the update via Windows Update/WSUS, this would work for me as well.
-
It is still not working with the new update tot he agent.
Both computers have been freezing daily since installing the new agent.
It is also not possible to create a memory using the guide provided earlier. It works fine when the computer is running "normal" but when it freezes, the the ctrl + scrlk is not working.
Are Eset working to fix this? or is it "working as expected"
Can we do anything to help fix the issue?
-
I have tried to install the agent on 2 computers, and they have both been running for a couple of hours without issues. We will know more in the next couple of days
-
-
Hi Bogdan
That your computers are freezing is NOT a bug, but a feature so good that Eset won't tell you about it, even though they know about. It ensures that your users is very unproductive and always angry. Eset even admits the error, but have no plans about fixing it.
The solution is to uninstall the agent, with a stop managing task in era. The clients will still be protected by the endpoint antivirus but not manageble. This gives you time to find another AV provider.
https://forum.eset.com/topic/5935-era-agent-62110-causing-computers-to-freeze/page-1
-
Hi Macros/Eset
According to this Thread it seems that the hot fix does fix the issue, I have not tested it myself, as I can't make my paid customers beta test the product further, as they are angry enough already. however it is also not a suitable solution for us. We have a lot of customers running Eset, and I can not recommend them to download and install a request only hot fix that Microsoft says needs more testing, on all their computers and servers. Also I won't even think about the time required to do this. It is a lot easier to switch to another AV product, that actually do work.
I think that this is a very big issue, that Eset do not really care about. I think we can safely assume that this currently affecting several thousands of computers every day, with a lot of frustration and angry users. At the moment I would rather recommend users to run without antivirus, as this has a much lower chance of making their computers unusable, than running the current version of Eset. This is very bad.
This case is proof of bad quality control, and also shows that Eset does not really care about the users. If you did, you would have test the product better, maybe even with a beta version, and if the issue went unnoticed doing the beta, pulled the update and rereleased the old version until you fixed the issue.
A lot of things went wrong when you released version 6, buggy as it was, missing important features of the old version, and introducing much more complexity without any new important new features. And now it is just getting even worse.
Pointing fingers at Microsoft does not help at all. It may be their product having a bug, however every day you get more users running the new version, and all of them will experience this issue, and as reported by davidpitt even your own support is denying this issue. Also the old version 5/6 works without crashing the computers, and so does all other AV vendors, so it is clearly possible to work around the issue.
Can we atleast get Eset to admit that there is a bug, that are making their customers computers almost unusable?
Info about eset smart security ?
in ESET Internet Security & ESET Smart Security Premium & ESET Security Ultimate
Posted
Sorry to be repeating myself (and itman + others)
There is never ever going to be a software firewall that is able to prevent connection failure during a ddos attack, becaurse it is simply protecting the wrong thing.
Think of it like this :
During a ddos diffent computers around the world will send 1000 mbits
You only have "normal" internet connection with about 20 mbits
The software firewall will block the 20 mbit, but can do nothing about the remaining 980 mbits, as that will never reach you or your router/hardware firewall.
You can do different things to solve this. you can buy an internet connecting that is bigger than to total amout of traffic recieved from the ddos attack (properly not going to happen). Make a deal with your ISP or another company which has this extreme amounts of bandwith, and have them filter the bad traffic from the good traffic.
Both ways are very expensive, and not something you would to for a normal household.
To sum it all up, the software firewall will never to able to protect you from a ddos.