Jump to content

Enrico

Members
  • Content Count

    41
  • Joined

  • Last visited

Profile Information

  • Gender
    Male
  • Location
    Italy
  1. Akamaiedge is a CDN used by multiple websites and programs, blocking that global domain can cause issues, it's better to block only some of the subdomains used for analytics or tracking (like *g.akamaiedge.*). You can use Wireshark with the filter "dns" to log all the connection requests made by the app.
  2. @itman : if I create a new zone with some IP ranges (goog), then create a deny rule for Firefox, the firewall behaves correctly. So we have two options: something's wrong in the op rule or something was fixed with the last module update.
  3. That rule is totally wrong, you must create a new rule under Firewall - Advanced - Rules - Edit - Add Note that the IP's can change from time to time, so it's better to block domains, subdomains or even scripts with web access protection - url address management ( *line.me* ).
  4. Since the last modules update the target column is empty. Best regards.
  5. The same was happening on my Dell laptop and the two workstations upgraded to 20H2. I was unable to collect logs on the workstations since I immediately rolled back to 1909 (mainly for performance reasons) and permanently disabled win updates. I will do some more testing on the laptop next weekend.
  6. I know, but tell it to the bank (that was naggin' me with "install the app from gooogle play because it's more secure" blah blah), to the insurance or to the biggest ISP here, today their are facing serious issues because of this procrastination.
  7. Update: I've started having issues with FF on some websites, the solution was set "security.tls.version.min" to 1 .
  8. I can confirm that disabling filtering the cert goes away... In the 20H2 machine I've resolved with Eset reinstallation/reconfiguration, root certificates cleanup/rebuild and restoring some old firefox profiles, now everything seems ok, so probably it was a corruption or a misconfiguration due to November patches. In the 1909 machine a newer Eset certificate was installed and after reboot no browsing issues. Thanks
  9. After the last updates I started having the certificates issue with firefox https://forum.eset.com/topic/23125-certificate-issues-for-firefox-740-64bit/page/6/ On W10 20H2 FF 78.4.1 ESR has credential issues that lead to secure connection errors and data loss, Ungoogled Chromium seems not affected. On W10 1909 FF displays invalid cert on every website, the same with Ungoogled. Pref "security.enterprise_roots.enabled" is "true" and locked (by Eset or by group policy) I see no errors in browsers console. On the third PC with 20H2 and without Eset SSP I have no issues.
  10. BTW: because of professional needs I've had to disable firewall rules, hosts and reconfigure FF in order to purchase the renewal. Now EvilCorp is blocked again.
  11. Google reCaptcha is a data stealer tool https://www.fastcompany.com/90369697/googles-new-recaptcha-has-a-dark-side https://www.termsfeed.com/blog/privacy-policy-recaptcha/ . The ITA website is hosted on Google servers (first connection is made to 35.201.113.0/24).
  12. This "google is everywhere" thing is getting ridiculous, I cannot even open a support request because of goolag recaptcha. Somebody can help me finding a license renewal process that not involves giving personal data to google?
  13. UUID was removed from the link, that's why you see a blank page. You can visit this page https://eshop.eset.com/it/eset/renewal/ and see dns logs. Strangest thing is that I load the international page But clicking "renew" leads to eshop.eset.com/it/eset/renewal/ and relative connections to google servers. Another strange thing: different languages=different third parties involved in user tracking (some localizations like french and dutch are more privacy friendly). Funny that to purchase the license of a software that I use to protect me from Google (& frien
  14. Yesterday I've recived a license renewal e-mail from licenze'at'enjoy.eset.com (ITA), in the recipient there was a hyperlink (renew now) to https://enjoy.eset.com/pub/cc?_ri_= ...(tracking UUID)... , the link resolves to a Google server IP (109.113.201.35.bc.googleusercontent.com ). For privacy and security reasons I'm blocking all Google Ip ranges and domains, so no connection was made. My question is: why license renewal process must pass trough Google data gathering?
  15. Disable "Preload pages for faster browsing and searching" and see if it happens again. (in order to reduce attack surface never use prefetch/predict browser features) It seems to me that Google Safebrowsing (aka censorship) is failing again to detect malicious websites.
×
×
  • Create New...