Jump to content

Zurd

Members
  • Content Count

    33
  • Joined

  • Last visited

Profile Information

  • Location
    Canada

Recent Profile Visitors

504 profile views
  1. No worry, those are all wired computers in an office :)
  2. Thanks for the info, it definitely makes sense to add the network in the trusted zones, especially if it's a Windows domain so that everything that is remote from the server can work as expected.
  3. Anyone has any thoughts about adding the whole network like 192.168.0.0/255.255.255.0 in the Trusted zone? It allows ping to the computer but at the same time, I wonder why you would want to put the whole network as trusted. What if a computer is infected and start attacking other computers on your network? Shouldn't the Trusted zone always be empty? https://help.eset.com/ees/7/en-US/trusted_zone.html
  4. Indeed, an alert message coming from ESET's software is not ESET problem. The developer's of ESET never put that message there, they have nothing to do about it, this is basic computer knowledge :)
  5. You should have posted this before or just answered my questions better and we wouldn't have wasted so much time. You should add this information about IDS exceptions of duplicate IP in your knowledge base, that will save time for others: https://support.eset.com/kb3430/?viewlocale=en_US
  6. After some research, I just found out there is an option already in ESET in IDS to disable the duplicate IP addresses messages. You do not need to whitelist any IP which would be a bad security decision and which shouldn't be suggested by ESET's administrators. To disable those warning, go into Settings / Network Protection / Network Attack Protection / IDS Exceptions, click Edit then Add. Choose Duplicate IP addresses and set to No all of them which are Block, Notify and especially Log so you will not see those alerts in ESET RAC. If you have ESET RAC, you can create a custom policy
  7. Yes, there is a duplicate IP detected. I don't have to do this test, I believe you that there is one. That is not the issue. Like I said before, what about having an option in ESET to not warn about duplicate IP? But just those warnings without having to whitelist anything.
  8. Yes, if I whitelist the IP range in ESET's IDS (Intrusion Detection System), I won't be notified about duplicate IP addresses. However, I also won't be notified when a real intrusion or attack occurs. We might as well uninstall ESET's firewall? Wouldn't that achieve the same goal? I don't understand why you say it has nothing to do with ESET. The warning message of duplicate IP comes from the software ESET. It has everything to do with this software. Wouldn't it be a good idea to add, in the future, an option to not warn about duplicate IP?
  9. If we set an IDS exclusion for an IP range, doesn't that defeat the purpose of having ESET's firewall? Isn't there any other solution like an option to disable the duplicate IP message? Whitelisting IP's just for a false positive is extreme. It's actually more than just a false positive, it's just a duplicate IP, it is in no way an attack on the network.
  10. Products used: ESET Endpoint Security 7.0.2091.0 with ESET Management Agent 7.0.577.0 and Detection Engine 19287 (20190501) Operating System: Windows Server 2016 Standard and Windows 7 or 10 computers ESET RAC: ESET Security Management Center (Server), Version 7.0 (7.0.577.0) and ESET Security Management Center (Web Console), Version 7.0 (7.0.429.0) Problem: Both ESET RAC and each computer running ESET Endpoint Security will display an alert message saying "Duplicate IP addresses on network" but there shouldn't be any message. Cause of the problem: It can be easily reproduc
  11. I had the problem below while trying to push an installation on a computer. I tried to install the .MSI file manually and it worked on the computer. Eveything else was fine since I already pushed quite a few other installations. Turns out the only thing needed to make this work was to reboot the server running ESET Remote Administrator. Not sure why, maybe a Windows Update but it's all good now. I didn't see anything like this on the forum so I thought I'd share the solution. So in case it's not working, just reboot! Operating System: Windows 7 Professional x64 Edition Operating Sys
  12. Where would that option be? I can't find it. Will that use more bandwitdh to communicate with every clients?
  13. After much testing everything's working! Here's some tricks that can help to troubleshoot this. In ESET RAC, in the Clients tab, there's a column for "Requested Policy Name" and "Actual Policy Name". This page helps in setting up ESET RAC: hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3453&locale=en_US In the client, this option is available in: Options > Antivirus & antispyware > Real-time file system protection > Setup... > Extensions and not in: Options > Antivirus & antispyware > Exclusions by path It takes forever for the client
  14. I tested the policy with another settings just for testing, the "Scan removable media", is now at No, I rebooted the client computer but this option is still checked. We only have one custom policy, we're modifying "Windows desktop v5" but I also tested with v3 and v4 but it's still not working. The client computer is using ESET Endpoint Security 5.0.2229.1
  15. I saw in the documentation that [policy] "Rules are applied immediately after the client connects to the server" So I rebooted the computer but I still cannot see this new policy.
×
×
  • Create New...