Jump to content

Rémi

Members
  • Content Count

    16
  • Joined

  • Last visited

Profile Information

  • Location
    Belgium
  1. I did some more testing, so I have to add that the entire workdevapp.com domain seems blacklisted by eset. https://www.virustotal.com/fr/url/cd5a6ae2fa40f7a16aa606e828db50446ded4e333ae09b2480cda80491bc2e31/analysis/ But that the js file itself does not trigger eset. But it does trigger zonealarm and Kaspersky as an adware. https://www.virustotal.com/fr/file/cec906f1fc42b843aaa4aaa12db15767882547e5e247b4e0489f76313b14da45/analysis/1539006038/
  2. Hi, one of my customers suddenly had an eset warning when trying to browse her own wordpress-powered website. If I test the website on virustotal, there is no detection. But I inspected the source for the home page, and found a series of suspicious urls to a remote js file: workdevapp.com/1deb3dd710d8d90c20.js This url do trigger eset on virustotal. But only eset, all other antivirus are green... How do I know if it's really a virus ? Thanks, -- Rémi
  3. what is the use for the «agent certificate for server assisted installation» ?
  4. you mean that I can't clean those files without doing a complete new scan of the machine ??? There is no way to target specific files ?
  5. yep, that's where I see the threats. But I can only see the details of those detections, not act on them.
  6. Hi, is there an official channel to report such bugs or is the forum enough ?
  7. Hello, I have a new ERA server with latest versions of the server and web console. I installed the agent on two client machines, both Win7, and from there deployed Eset Endpoint Security, latest version. Default configuration, no policy applied yet, I'm only «toying» with it to get a grasp. During the initial scan, EES discovered a few low level threats (Potentially Unwanted Applications), and says «action selection postponed until scan completion». The problem is that the initial scan is now over, and I still cannot find how I could act on those files. I'd like to simply d
  8. urgh, I can't believe it, but the agent has problems with strong passwords: I created a test agent certificate with a weak password (only letters and numbers), and there it works !!! my previous password had a ], a ", and the last char was a ?. Amazingly, one of these poses problems, even though ERA let's me use it.
  9. question: I use an automated password generator and copy/paste them, so my passwords are strong and very random. Could it be a problem with some characters in the password ? For example the last character is a '?'. Could that be a problem ?
  10. ok found it. I exported the agent certificate, the CA key, copy pasted the certificate password, and launched a repair. Same problem. Then I completely uninstalled the agent, rebooted, relaunched the install in offline mode, same certificate, key, and password, and same result :-(
  11. no there was no policy applied in installer. In era I can only create an all in one, or agent live installer. I can download the agent installer from the eset website, but how do I apply the right certificate in that one ?
  12. And to be completely complete, here are the installed versions :-) ESET Remote Administrator (Server), Version 6.5 (6.5.417.0) ESET Remote Administrator (Web Console), Version 6.5 (6.5.388.0)
  13. Hello, I installed a new era server on a linux machine. All went well, the web console is working properly, and I imported a first licence in it. For the sake of completeness, I must add that the era server and console are on a vm with a private ip address, but port 2222 is forwarded from my public host to the private server, and ports 80 and 443 are properly handled by an apache reverse proxy. I don't think that this is the source of the problem, but I had to mention it. First thing I did was to revoke the default certificates and CA, and create new ones for my company. Th
  14. using the MySQL repositories could be an option, but it adds a level of complexity to the deployment and management, especially if one uses a configuration management system based on ansible or saltstack. Adding official repository support to an existing infrastructure management system is a lot more involved than just using the integrated tools. Not rocket science, but still one level of complexity that I could do without. Furthermore it also adds complexity and uncertainty when one wants to upgrade the system. I know that debian's upgrade system is integrated, tested, mostly works well,
  15. @MichalJ This unfortunately makes the install a lot more convoluted on any recent linux server... For example it's only possible to install it on debian oldstable (jessie), not on current or future stable... And debian is definitely not a fast mover, so the situation is probably worse elsewhere. Thanks anyway for your answer.
×
×
  • Create New...