Nightowl
Most Valued Members-
Posts
1,863 -
Joined
-
Days Won
17
Everything posted by Nightowl
-
Liscens key
Nightowl replied to jasonmraz's topic in ESET Internet Security & ESET Smart Security Premium
For the next purchase just buy the license yourself not from any reseller , go straight to ESET website and they will redirect you to their website and then you get all the details about the license in e-mail. Else just go ahead with what itman told you , the store have the license they should give it to you as you already paid for this. -
eventlog.dat is over 80GB!
Nightowl replied to Leviathan!'s topic in ESET NOD32 Antivirus for Linux Desktop
It is because ESET is constantly reporting about failing to connect to socket due to AppArmor. Check this topic : https://forum.eset.com/topic/16859-cannot-connect-to-tmpesetssockpermission-denied/ -
I have tried to configure AppArmor to work along ESET , so far I have configured /opt/eset/esets/lib/libesets_pac.so AppArmor stopped blocking libesets at the moment , still trying to figure it out with the other messages. If I succeed I will provide with the workaround. Okay what is left and what I think now is preventing ESET is that AppArmor is denying cups and dhclient., I think AppArmor is preventing ESET from touching cups and dhclient because they are prevented in AppArmor , I guess I leave them like this. What I have done : First of all I did use grep to find out what is being blocked in AppArmor, grep denied /var/log/kern.log To checkout what is being blocked sudo aa-autodep /opt/eset/esets/lib/libesets_pac.so To add libesets_pac.so to AppArmor in complain mode so it will prompt you with block or allow And then for prompting of blocking and allowing : sudo aa-logprof You will be prompted 2 times about libesets you need to allow it twice and then save the conf. You will experience blocks from dhclient/dhcp-helper and cups As far as I understand , dhclient and cups by default are denied in AppArmor by the default config , so that's why when ESET is trying to connect to them or scan or I don't know exactly it's being blocked If someone from ESET team could provide more assistance it would be appreciated. aa-logprof won't prompt you about dhclient,cups because they are in enforced mode not in complain, if it's possible an advice by ESET to know if it's ESET that is trying to access them or not , because in the log the DENIED time is the same as ESET's log ESET is being denied this : apparmor="DENIED" operation="connect" profile="/sbin/dhclient" pid=1231 comm="dhclient" family="unix" sock_type="stream" protocol=0 requested_mask="send receive connect" denied_mask="send connect" addr=none peer_addr=" apparmor="DENIED" operation="connect" profile="/usr/lib/NetworkManager/nm-dhcp-helper" pid=2747 comm="nm-dhcp-helper" family="unix" sock_type="stream" protocol=0 requested_mask="send receive connect" denied_mask="send connect"
-
Ubuntu18.04 | ERA installation error
Nightowl replied to avielc's topic in ESET PROTECT On-prem (Remote Management)
Yes I understand what apt-get remove/purge does , but I wanted to know how did you fix it , I understand now that you did install an earlier version of libssl -
Ubuntu18.04 | ERA installation error
Nightowl replied to avielc's topic in ESET PROTECT On-prem (Remote Management)
So what you have done is removing the libssl and you did replace it with something else? -
WPS Office - Missing in Installed application
Nightowl replied to Justin's topic in ESET PROTECT On-prem (Remote Management)
Is that what you are looking for ? : -
Malicious trafic
Nightowl replied to Danutak's topic in ESET Internet Security & ESET Smart Security Premium
I think if you request from your ISP they will provide you a router so you can make your cable modem as a bridge mode and then connect it to the router and your devices should be connected to the router while the router have the firewall on , so it's more safe and secure to stay behind a router more than to stay behind not-protected cable modem. Or you can go ahead and buy a router without requesting from the ISP Example : Cable Modem as Bridge Mode connected to a router let's say a OpenWRT router , And then your devices are connected to the router and behind a firewall with a configuration that looks like this that will keep your incoming ports closed or hidden(stealth/reject) And then there is the option in the router where you can block pinging and ICMP,but most important is to filter/block all of the incoming ports unless you need a port opened or forwarded to a device then you can do it. -
Malicious trafic
Nightowl replied to Danutak's topic in ESET Internet Security & ESET Smart Security Premium
Sadly , OpenWRT do really change the router in terms of everything in the firmware. I never heard of Hitron before also. -
Malicious trafic
Nightowl replied to Danutak's topic in ESET Internet Security & ESET Smart Security Premium
If your router firmware is old and there is no updates for it and you want to switch firmware check out this website : https://openwrt.org/ It's an open-source firmware that can turn your router into a good router. -
AppArmor/SELinux Support
Nightowl replied to Nightowl's topic in ESET NOD32 Antivirus for Linux Desktop
I will try and I hope for a good result, Thank you Marcos. -
AppArmor/SELinux Support
Nightowl replied to Nightowl's topic in ESET NOD32 Antivirus for Linux Desktop
Why not , you just configure AppArmor to allow ESET to do it's job , it's similar to Windows Isolation system and yet v12 supports it Free alternatives like Sophos can work along with AppArmor , so the question why ESET cannot. Disabling AppArmor is not really recommended because it isolates the programs from touching the system where they are not meant to touch the system. Customer Care doesn't really respond to this , or will reply to me that it's not supported , but now most Linux distros use SELinux/AppArmor , so why disabling a security feature in Linux for the AV to work instead of working as extra layer of protection. -
Malicious trafic
Nightowl replied to Danutak's topic in ESET Internet Security & ESET Smart Security Premium
Check the PC that you received the Flood Attack from , ESET should give you the IP of the source. See what is causing the flood attacks.