Jump to content

BaldNerd

Members
  • Posts

    36
  • Joined

  • Last visited

Everything posted by BaldNerd

  1. Fantastic - thank you so very much Ashley! I'll let the customer know. Robbie
  2. Hi all, I've got a customer site who uses ESET PROTECT Complete, and they can't have pre-boot auth enabled in their environment. All fine and good to disable it via policy in ESET PROTECT Cloud, but problem is, the systems with the pre-boot auth disabled turn red signifying an Error state. Not good when it comes to auditing the security of the environment, especially since this is an intended action. Anyone have a way to change the threshold for what qualifies as an "Error"? Essentially, we need a way to acknowledge the fact that pre-boot auth has been disabled, and set the state to OK even though it is disabled. Thanks! Robbie Ferguson
  3. @samzike I appreciate your desire to solicit legitimate user feedback from the ESET community. Even if you're able to receive such commentary, you'd be opening quite a can of worms: ESET products span everything from the single-device home account to many hundreds of thousands of computers running central management and EDR. I think, therefore, it would be best for you to try to determine who the target audience for your review will be (ie. is it someone with 2 computers and an Android phone? Or is it a business with 100 computers and a few servers?), and be a little more specific in what information you request based on that. Perhaps even take the appropriate product for a spin yourself, so you are able to formulate a direct opinion of the product you choose to review. Good luck with the review! Robbie // The Bald Nerd
  4. Glad I could help @Nkosinathis Robbie // The Bald Nerd
  5. Description: Ability to update PFX associated with MDC policy programmatically rather than through web interface. Detail: We have MDC using a Let's Encrypt signed cert. These certs get auto-generated every 90 days via a cronjob. Currently, while the cert itself (a PKCS#12 PFX file) gets created successfully on schedule, I must manually edit the MDC policy within the ESMC web console to upload the new PFX to the policy. I would like to be able to instead import the new PFX file directly to the policy, possibly by way of a Linux command line tool whose command I can include within the Let's Encrypt cronjob. An [easier?] alternative would be to allow the MDC policies to link to a hard file path for the PFX. That way I could just replace the PFX file as needed, restart the eramdmcore service, and allow the policy to simply pick up the new PFX on load. Thanks! Robbie // The Bald Nerd
  6. https://ela.eset.com - enter your license key at the top left to administer the license. Robbie // The Bald Nerd
  7. Yeah, ESET doesn't make it easy: that's why I suggested a phone call rather than a Google search I don't personally deal with box versions since the download version is always more current (as far as the installer goes). Just have to be sure, regardless of the version, that you're dealing with a legitimate ESET partner. Like that nerdy bald guy on the left. Haha! Robbie // The Bald Nerd
  8. Oh, I see. So you issued your own trial or something and attempted a deploy without installation support services? I'd highly suggest that you consult ESET Support for EEI. It is not intended to be self-installed. That is why when selling it, you must include ESET installation support services and priority support in the sale. Speak with your regional sales manager for more info. Robbie // The Bald Nerd
  9. @Fenway I believe what you are describing is that the retailer you purchased it from is listed as the ESET Partner for your license profile, and you want to separate yourself from them. Short answer: If you renew through a different partner, the profile gets updated in kind. Renewing through ESET directly does not necessarily make this change, though at least then the "shady" retailer doesn't get your money again. To alleviate some of your concerns, while it does appear the retailer may have pushed you to purchase some extras, both MalwareBytes Premium and SuperAntiSpyware play nicely (for the most part) with ESET products. You may experience minor performance degradation, but nothing debilitating. Both of those products are meant to add protection against malware (ie., not "viruses" in the traditional sense). That said, as an account manager for one of ESET's Platinum partners, my suggestion to you would be to upgrade your ESET product to one which negates the need of yet more software installed on your machine. ESET NOD32 Antivirus is an excellent antivirus. But these days the enhanced features of ESET Internet Security or even ESET Smart Security Premium are necessary to protect against ransomware and other threats that aren't classified as "viruses" (think: social engineering scams, data theft, and so-on). We (myself, or any other ESET vendor) could upgrade your existing license for you, which technically would negate the need to have all that extra software on there. Regardless, renewing your existing license through a different partner will ensure your ESET license is associated with the new partner. I could do this. Any other partner could do this. I'd be happy to help if you like, though I am careful not to come across as advertising "buy through me" on here. If you want to chat, feel free to DM me and I'll gladly assist, though I am not here to solicit. Option B would be to call ESET and ask them for a few names of local companies that are official partners. Then, you can choose who you'd like to deal with. Cheers, Robbie // The Bald Nerd
  10. I would suggest contacting the ESET support rep who assisted with the EEI deployment. You cannot simply change your IP address on an EEI server and hope for it to work without a lot of reconfiguring. A lot goes into setting up an EEI infrastructure. Robbie // The Bald Nerd
  11. @Lightning As @itman pointed out, there's no such thing as what you're explaining That said, if you indeed have an ESET product installed and need to remove it but cannot go about removing it by traditional means, you may use the ESET Uninstaller tool: https://download.eset.com/com/eset/tools/installers/eset_apps_remover/latest/esetuninstaller.exe Documentation is here, if you need it: https://support.eset.com/kb2289/#Windows10 Robbie // The Bald Nerd
  12. The ESET rogue scanner must be picking up each device that connects. It'd be tough to walk you through here in the forum, so perhaps a call to ESET support would be helpful if you're stumped, but I have a feeling you may have a networking issue if those devices are meant to be entirely separated from your LAN. Key point: those "rogue" devices are indeed devices which ESET Security Management has seen on your network. Personally I'd want to find out why the network is allowing cross-talk like that, since I'd dread the thought of BYOD having any amount of access to the corporate network without admin approval. Hope you figure it out!! Robbie // The Bald Nerd
  13. @Nkosinathis the only way ESET could be part of this issue is if the icons are hosted on a CDN that is being blocked for some reason. Temporarily disable your ESET product by right-clicking on it and choosing to turn it off for 5 minutes. During that window, open OneDrive. Are you icons back? Or still gone? If they're still gone, it has nothing to do with ESET. If they're back, best way we could help is if you right click where one of the icons are meant to appear and "Inspect", and then send us the URL that it is supposed to include in the <img src=""> tag. Once you know the CDN that is being blocked (which can be determined by the image URL), you can make a decision about how you want to address the problem. Obviously it's blocked for some reason (maybe someone was using the same CDN to distribute malware), so simply excluding it would not be advised. Cheers, Robbie // The Bald Nerd
  14. Hi @ScottWStewart Is there any chance you share your WiFi access or otherwise allow people to temporarily connect to your network? Cheers, Robbie // The Bald Nerd
  15. Just a suggestion: you might get better technical support if you didn't call technical support useless. Might be a good life lesson for you. Robbie // The Bald Nerd
  16. Do you have any network shares mounted to your computer as a drive letter which are accessed through the VPN? If yes, you might consider turning off scanning of Network Drives in the Real-Time Protection settings. This feature is on by default, and in many scenarios can be helpful, but over a VPN it'd be devilishly slow and could account for the strange scanner behavior. Robbie // The Bald Nerd
  17. Yeah, this does not sound like a virus. This sounds like command and control. Ie., someone is actually controlling your computer remotely. I'd suggest getting a local computer shop involved in cleaning it up, and in future make absolutely sure you are using a product that includes the 2-way firewall (eg., ESET Smart Security Premium), and never ignore the warnings without reading them carefully. You also have to be careful what you click on. It is most likely (though I can't know for sure with the little information you provided) that the tool the malicious user is using to control your computer was installed by clicking on a bad file. Sometimes an email attachment, or sometimes a social engineering trick like "Click here to download free game". If other people have physical access to your computer, also make sure Google Remote Desktop is not installed (since I assume it wasn't you who installed it if it's there), and other remote admin tools like LogMeIn, VNC Server, ScreenConnect (ConnectWise), TeamViewer, etc. are removed if they exist (again, since it sounds to me like you didn't install them, so they might be the tool being used by the malicious party). Good luck
  18. Hi there, The MDC must be activated by a single license. But once activated, there is no obvious place to assign which license is in fact used for various mobile deployments. Scenario: Department 1 has 300 Android phones and an EEPA license for their devices. MDC is activated against this license, and the phones are protected by MDM. Department 2 has 150 Android phones and an EEPA license for their devices. Attempt to deploy MDM results in Department 1's license being used, showing as being over its device limit. How would the IT team remedy this and allow each department within the organization to deploy its own license on their mobile devices. All departments are administered by the same IT department via a single ESMC/MDC. It is not an option to deploy individual ESMC/MDC servers for each department. Thanks! Robbie // The Bald Nerd
  19. You're assuming he has a home product, @Marcos. Need more info to answer. I disagree about it not being necessary since the license server keeps track of how many devices are using the license and a user must be licensed for each (regardless of whether it is on/connected or not).
  20. Hi @GrantMG Is this a consumer (home) product, or a business product? If it is a business product, is it administered by an ESMC / ERA server, or just standalone?
  21. Thanks @Mirek S. Any chance you have a Linux binary that uses the API to output JSON via command switches? From a quick glance at the docs it looks like it's to allow writing API functionality into my own apps. But I'd much prefer a simple terminal command I can run with some arguments, if possible. I do not know C\C++. Robbie // The Bald Nerd
  22. What is the running operating system on the virtual machines? And what installer are you using?
  23. Thanks @Mirek S. Once again, pointed me toward the right direction. My immediate thought reading your reply was to check the policy. Sure enough, the policy itself requires I manually re-upload the PFX file. It doesn't link to the file on disk, but rather uses the web interface to replace the cert manually. Uploaded the new file that way, and it worked. Problem fixed. So, the question now is, do I need to manually upload my PFX file like that every 3 months (Let's Encrypt certs are valid for 90 days) or can it be done from the Linux shell so I can script it into the cronjob? It'd be REALLY nice to not have to manually do the cert. Thanks, Robbie // The Bald Nerd
  24. Thanks @Mirek S. I've added the root CA to my fullchain as instructed, re-created the PFX, and even re-compiled MDC against the new PFX just to be sure... restarted eraserver, tomcat9 and eramdmcore services, sent a wakeup call, and still see the same error after several minutes of waiting: HTTPS certificate chain is incomplete. Enrollment is not allowed. I even rebooted the entire server just to ensure it wasn't a service I missed caching the old chain. Any suggestions? Thanks! Robbie // The Bald Nerd
×
×
  • Create New...