Tim Jones

Is anyone else having this issue? Im thinking about logging a call with our vendor as no matter what I do Eset File Security 7 allways logs reports ( and blocks) ips if policy is pushed from SMC7

That is what i have set but it still alerts in the client and back to ERA, The settings are showing in the clients

Hey Guys I have updated to Version 7 great stuff it so much better than 6, I have also started updating my clients to V7 as well but have noticed the V7 File Server clients now reporting in Detected attack against security hole, Obviously awesome and IPS protection is much appreciated, However it seems to alert from my scans with Nessus Is there any way to exclude the IP's of our Nessus Scanners from triggering these and swamping the reports and dashboards with these alerts, I have excluded the ip's in the policy for all alerts and logs but im not sure its working any one else having a similar issue? ( it could be but maybe ive missed something) Tim

Hi I am interested in this GA release, How GA is it? will it be updated to production supported, Could i build a new server import my RA certs and move a few clients across and see how they go?

One more thing if you could locally run a command against ERAAgent to regen guid would be nice eg eraagent --regenguid and that just does an UPDATE key_value_table SET value = '%randomguid%' WHERE key = 'local_peer_uuid' in C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Data\data.db and updates the reg keys as well REG delete HKEY_LOCAL_MACHINE\SOFTWARE\ESET\RemoteAdministrator\Agent\CurrentVersion\Info /v ProductInstanceID /f REG add HKEY_LOCAL_MACHINE\SOFTWARE\ESET\RemoteAdministrator\Agent\CurrentVersion\Info /v ProductInstanceID /t REG_SZ /d %randomguid% /f otherwise you end up having to do it with sqlite3 with a bunch of scripts and hacks to crash the service modify it then start it again it works but would be nice if i didn't have to and it could just do it out of the box, PS I know its wrong, and I only do this when the guys forget to tell me when they deployed an image without telling me first and somehow included it in the image, would be even better if this was supported so i could just tell the guys to do what they like as long as they run the command at the end of an imaging task Tim

Hi Team, Description: Example REST API usage with Perl / Python Detail: An example document on how to use the API with Perl would be helpful you have one using C however I would just like to create a few script based calls to it using Perl for use with Nagios and other systems I have to integrate further with our other tools. Description: Failure Details inside Web Interface, Detail: Most of the time when a task fails it provides hardly any details why I need to follow the rabbit hole to the trace log, Description: Slackware Linux Support /+ Native x64 support without 32 bit libs Detail: I run 100s of Slackware Servers and have gone away from multilib etc, Also activate product from Remote Administrator rather than having to download an offline license for them Description: Use Latest option for software install Detail: Software install of ESET use latest option would be helpful eg tick a box and policy would always use the latest version available of eg Endpoint Antivirus when running the task Description: From Dashboard take filters and generate a Dynamic Group / Action Detail: I forever have out of date machine on the dashboard and have to copy the filters down and go an create a dynamic group from them to trigger an upgrade can a button be incorporated ( where you have generate CSV /PDF etc ) to say generate dynamic group please Thanks Tim

also seems that when using the downloaded (all in one Agent+Installer) package from the RA server one of the guys has reported --silent the same switch I use for Eset old versions does not work and exit code is 5024....

yea definitely splash screen at startup is turned off in policy and can see setting on local machine is off in the GUI ( and locked due to my policy), but still get the splash screen at startup

Has anyone got issues with this i rolled it out to a few test machines and the EAF protection in EMET alerts on all browsers blocking their use, Also noticed splash screen has come back Thanks Tim