Jump to content

hgm

Members
  • Posts

    5
  • Joined

  • Last visited

Kudos

  1. Upvote
    hgm gave kudos to Marcos in Clarify Detection: JAVA/Exploit.CVE-2021-44228   
    Please check if the detection is still being triggered. Today the detection was fine-tuned to avoid certain false positives.
  2. Upvote
    hgm gave kudos to itman in Clarify Detection: JAVA/Exploit.CVE-2021-44228   
    Refer to this: https://forum.eset.com/topic/30842-apache-http-proxy-version-2452/ if applicable to your installation.
    Also, it is not just Apache server that is affected by this vulnerability, but many other products: https://github.com/NCSC-NL/log4shell/blob/main/software/README.md . Here is the Github web page with comprehensive information on this vulnerability including scripts that can scan devices for vulnerable software: https://github.com/NCSC-NL/log4shell .
    It is possible that IE11 accessed a compromised web site and was redirected to a known attacker server trying to exploit the Log4Shell vulnerability. In other words, this was an initial exploratory attempt against the source device. Since Eset blocked this access, there is nothing to be concerned about at the current time in regards to this particular incident.
  3. Upvote
    hgm gave kudos to itman in Clarify Detection: JAVA/Exploit.CVE-2021-44228   
    Yes.
    Since this was outbound communication which Eset allows all by default, I assume this IP address, 117.2.3.4, is on the Eset IP address blacklist. Have you applied all Log4Shell Apache server and related software vulnerability patches?
  4. Upvote
    hgm gave kudos to noorigin in Real-time file protection is non-functional after update to 7.3   
    Just to follow up, in the end I reinstalled v7.2 and everything is now OK. I'll be waiting for v8 before doing any more upgrades.
  5. Upvote
    hgm gave kudos to noorigin in Real-time file protection is non-functional after update to 7.3   
    This is important guys.... with no ETA on v8 and some of us managing dozens/hundreds of servers, we really need to kinda know if it is safe or not to upgrade. I have a few dozen more to do but am terrified RTFP wont work and my only recourse is to reinstall the OS. Can you give us ANY guidance at all regarding what to look out for before upgrading? I feel like there should be an announcement on the front page or something....
  6. Upvote
    hgm gave kudos to noorigin in Real-time file protection is non-functional after update to 7.3   
    So what is the issue? Simply saying " you gotta reinstall the OS" then dropping the mic and walking away is not cool. Does this mean we all run a risk of OS reinstallation when upgrading ESET FS? How can we update and NOT be affected by this, or at least know if we will be? Anywhere we can read more about this "known issue"? More info please!
  7. Upvote
    hgm gave kudos to anjayani in eset outdated   
    hi,
    regarding this https://support-eol.eset.com/en/trending_vista_7.html
    is there a way to hide the outdate message on endpoint GUI and in the esmc/eset protect?
    and what will happen if i stay in endpoint v7.1 until the last time? what functions / features will be disabled?
    im asking this because, i have many user that impossible to upgrade the OS/Endpoint , in many reasons.
     
    do we have a trick? i bet my job for this
     
    thx in advance
  8. Upvote
    hgm gave kudos to GregA in Dynamic group for outdated Agents in ESMC?   
    This is my Dynamic Group rule.

  9. Upvote
    hgm gave kudos to Miami in Dynamic group for outdated Agents in ESMC?   
    Hello, 
    we use dynamic group with following template configuration to show us all V6 Agents. I am sure you can adjust that to ver 7.

    Of course the group is populated on next connection of the client (agent).
×
×
  • Create New...