rgoldman
Members-
Posts
63 -
Joined
-
Last visited
About rgoldman
-
Rank
Newbie
Profile Information
-
Location
USA
Recent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
-
rgoldman started following Secure Authentication/Outlook Desktop App , ESET FDE Deply Remote (Without Password) and Mail Security
-
Hi I've been able to remotely deploy EFDE on Windows 10 with TPM. However, a password is required to set on the Endpoint itself, is there a way to do that within ESET Protect possibly, or the EEE Server - I haven't deployed the EEE Server.
-
I have, thank you!
-
Update ESMC 10.0.14 from 9.1.292.0
rgoldman replied to bruno67's topic in ESET PROTECT On-prem (Remote Management)
Also check ODBC driver version https://help.eset.com/protect_install/91/en-US/database_requirements.html -
rgoldman reacted to a post in a topic: ESET PROTECT 9.1.18.1 (hotfix) - Problem access console after Update onprem
-
Hope they bring it back similar to how it was. Was hoping to implement for 200-300 users. Anyway yeh download is 404 and can’t get license.
-
Was just about to fire up a Mail Security instance in our data center for us and our customers and noticed I can't get a license. Where is Mail Security for Linux?!
-
Yes I've been needing this. Insurance companies are making 2FA pretty much mandatory for everything. A simple 2FA method (or app which ESET has) when connecting through ActiveSync/Outlook clients would be perfect. I did a trial run of SA for a little while and it's perfect I just would need this added authentication for ActiveSync. Like as soon as possible! : ) I think if it could remember the device for 90-120 days without needing the 2FA again would be great and make everyone happy. The user's wouldn't constantly be required to enter codes.
-
Hello Does ESET SA support ActiveSync connections yet, like for mobile devices and Outlook connections? Thanks
-
rgoldman reacted to a post in a topic: Hafnium related? False positive?
-
russell_t reacted to a post in a topic: Hafnium related? False positive?
-
Getting alerts today on some of these (Exchange server): Object URI: file:///C:/Windows/Microsoft.NET/Framework64/v4.0.30319/Temporary ASP.NET Files/owa/8e05b027/e164d61b/App_Web_oierlfno.dll Severity: Warning Detection Type: Trojan Detection Name: MSIL/Webshell.BY Object Type: File Action Performed: Cleaned by deleting Anyone know if this could be legit or false positive? Thanks
-
I understand. I was just wanting to exclude one of my domains, not powershell completely. Thanks!
-
Thanks for the help
-
No but I didn't want to post it here, it's xxxxx.
-
An Event Log notification has occurred with the following parameters: Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Object URI: https://mydomain.dom/s/MTx56fiz7kKC4No/download Severity: Warning Detection Type: Detection Name: Blocked Object Type: file Action Performed: Connection terminated Restart: no Circumstances: Event occurred during an attempt to access the web.
-
<?xml version="1.0" encoding="utf-8" ?> <ESET> <LOG> <RECORD> <COLUMN NAME="Time">9/8/2021 10:09:10 AM</COLUMN> <COLUMN NAME="Scanner">HTTP filter</COLUMN> <COLUMN NAME="Object type">file</COLUMN> <COLUMN NAME="Object">https://mydomain.dom/s/MTx56fiz7kKC4No/download</COLUMN> <COLUMN NAME="Detection">Blocked Object</COLUMN> <COLUMN NAME="Action">connection terminated</COLUMN> <COLUMN NAME="User">SHOPTECH\user</COLUMN> <COLUMN NAME="Information">Event occurred during an attempt to access the web by the application: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (F43D9BB316E30AE1A3494AC5B0624F6BEA1BF054).</COLUMN> <COLUMN NAME="Hash">35D8C4E86ECF41973D340BCC02B7DAEC4077106B</COLUMN> <COLUMN NAME="First seen here">8/11/2021 10:09:14 AM</COLUMN> </RECORD> </LOG> </ESET> export.txt
-
Hi and thanks It says its the HTTP filter, so I'm thinking I need to create a new policy and refresh it.