Jump to content

rgoldman

Members
  • Posts

    63
  • Joined

  • Last visited

Posts posted by rgoldman

  1. Yes I've been needing this. Insurance companies are making 2FA pretty much mandatory for everything.

    A simple 2FA method (or app which ESET has) when connecting through ActiveSync/Outlook clients would be perfect. I did a trial run of SA for a little while and it's perfect I just would need this added authentication for ActiveSync. Like as soon as possible! : )

    I think if it could remember the device for 90-120 days without needing the 2FA again would be great and make everyone happy. The user's wouldn't constantly be required to enter codes.

  2. An Event Log notification has occurred with the following parameters:

    Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

    Object URI: https://mydomain.dom/s/MTx56fiz7kKC4No/download

    Severity: Warning

    Detection Type: 

    Detection Name: Blocked

    Object Type: file

    Action Performed: Connection terminated

    Restart: no

    Circumstances: Event occurred during an attempt to access the web.

  3. <?xml version="1.0" encoding="utf-8" ?>
    <ESET>
      <LOG>
        <RECORD>
          <COLUMN NAME="Time">9/8/2021 10:09:10 AM</COLUMN>
          <COLUMN NAME="Scanner">HTTP filter</COLUMN>
          <COLUMN NAME="Object type">file</COLUMN>
          <COLUMN NAME="Object">https://mydomain.dom/s/MTx56fiz7kKC4No/download</COLUMN>
          <COLUMN NAME="Detection">Blocked Object</COLUMN>
          <COLUMN NAME="Action">connection terminated</COLUMN>
          <COLUMN NAME="User">SHOPTECH\user</COLUMN>
          <COLUMN NAME="Information">Event occurred during an attempt to access the web by the application: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (F43D9BB316E30AE1A3494AC5B0624F6BEA1BF054).</COLUMN>
          <COLUMN NAME="Hash">35D8C4E86ECF41973D340BCC02B7DAEC4077106B</COLUMN>
          <COLUMN NAME="First seen here">8/11/2021 10:09:14 AM</COLUMN>
        </RECORD>
     </LOG>
    </ESET>

    export.txt

  4. Hi

    Recently I have an issue with ESET blocking powershell from downloading a file on my domain/url. It's a bginfo script.

    I need to allow this to execute but I don't want to allow powershell access to everything, so I need to just allow my domain/url.

    First I added it to allowed/excluded in Web Protection but doesn't seem to allow it. Now I've attempted to create a firewall rule to see if that works. Any other ideas?

    Thanks

  5. Yes I’m hoping we don’t have to reboot after every installation/upgrade. I understand why but as said updates are coming pretty frequent and requiring reboots, which is partially on MS yes. End users need to work and not worry about fixing their computer all the time (@ MS not necessarily ESET). (I feel like a beta tester for MS at this point) It appears to me protection is not active until rebooted, at least on the recent 7x versions (I haven’t tried 8x for this reason yet).

    And the SSL/TLS issue is still up in the air.

  6. Had to uninstall yesterday to get my email to come through Outlook. As I said everything e-mail related in the policy is disabled. Someone said it shouldn’t matter but I also added exclusions for OST/PST files and the Outlook directory. It seems it takes a day or two for it to slow down but when it does it’s unusable. 

×
×
  • Create New...