Jump to content

Outcast

Members
  • Posts

    49
  • Joined

  • Last visited

Everything posted by Outcast

  1. Under "Advanced setup" > "Log files", my "Minimum verbosity" setting was and is set to "Informative". I had and still have "Close message boxes automatically" disabled. I have no clue how I can review the message that was displayed. My goodness, I was present when the alert appeared, and I simply did not have time to review the alert and formulate a response to it. This is a completely unacceptable design. I am saying this as a person who works with monitoring and alerting for a living. My users would be continually aggravated if I alerted them and then deleted the alerts before they could respond. I understand the need to balance convenience with alerting functionality, but this alert only appeared because I configured the product to alert me. I didn't configure the product to alert me but give me only 60 seconds to evaluate the alert, understand its configuration, and respond to it. Thank you very much for the replies.
  2. ...Or could the alert have disappeared for some other reason? Maybe while the alert was on-screen, NOD32 checked the source application's reputation online, and decided that it was trusted, so the alert no longer applied? Moreover, how is it possible for a HIPS alert to appear, but for NOTHING to appear in the HIPS event log afterward?
  3. OK, so I guess I'll never really know the full difference between "Automatic mode" and "Smart mode". I've been using "Smart mode", and just got the first alert that I've been around to witness. I'd never seen the alert before and was scrutinizing it, making sure to configure the new rule as needed. But after a short period of time, the alert simply disappeared. There was nothing in the log, no new rule created--nothing. Is it possible to configure how long these alerts remain on screen? It's really frustrating for them to disappear while actively reviewing them.
  4. I'm running product version 14.1.19.0, trying to understand the real difference between "Automatic mode" and "Smart mode". The documentation page says: Are the "pre-defined rules" hard-coded, internal rules? I hope so, because my rule list in the UI is empty. If they're internal (i.e. hidden from the UI), what are these rules, exactly? It would be nice to know what they are, since knowing might help me decide if this mode is adequate for my purposes. When "Smart mode" is used, do the pre-defined rules used in "Automatic mode" still apply? The documentation makes it sound like "Smart mode" is very relaxed and not very protective.
  5. There is no way the servers were returning "invalid/expired license" results to a range of clients with legitimate licenses unless there was serious DB corruption. I expect the servers were either returning errors or totally unreachable, and the clients weren't smart enough to interpret this. I do this every day and I know the lingo, excuses, etc.
  6. Sounds to me like ESET's failover was manual and not automatic, and software clients aren't smart enough to retry before throwing an error. I bet rebooting the affected machines or perhaps simply recycling their network adapters will magically "resolve" the issue at least some of the time. The clients will be forced to reconnect, and they should reconnect to functional servers in so doing.
  7. I'm not still having issues, but this makes me wonder why issues in one DC would affect customers to this extent. Redundancy? Does ESET understand that it's embarrassing and annoying to be giving a presentation and have a goofy alert pop up, and then to waste time interpreting the alert? I've only been using the product for a matter of days. Is this a frequent thing?
  8. Now the message is gone. So, it was an ESET issue, as I thought. Authentication servers having issues? (Rhetorical) I don't want to sound rude, but the whole reason I'm trying to get away from Microsoft Defender in the first place is that it wasted my time.
  9. I'm currently running a trial of ESET NOD32 Antivirus 14.0.22.0 on Windows 10 Pro x64 20H2. This error just popped up on the main window: "ESET LiveGrid is not accessible ... The credentials used to access ESET LiveGrid servers are not correct." I have changed nothing. I don't even know what "credentials" it would be referring to. I was just sitting here, trying to work, not interacting with the product, and this notification/error appeared out of nowhere. I'm guessing this is an issues on ESET's side. What's going on?
  10. Mistake? The issue is resolved. For some reason, I had to exclude my email client from the local proxy (Proxifier) to make it work, but work it does. Thanks.
  11. I can tell from reviewing packet logs that the traffic on port 587 is indeed encrypted when "Enable TLS" is enabled, and yet it works. So my email server does support TLS on port 587, meaning that my web host's documentation is flatly wrong. Quite annoying. Thanks for the replies!
  12. I found that using "host.name:587" actually works whether or not "Enable TLS" is on. Since my server doesn't support SSL/TLS on 587 at all, I can only guess that when it's on, the application tries using TLS and then automatically backs off to plaintext.
  13. Because my mail server only uses SSL/TLS on port 465, I hadn't tried port 587 in that manner, only 465. As it turns out, 587 (i.e. host.name:587) works, but 465 (i.e. host.name:465) does not. Strange.
  14. I see the issue now. The ESET NOD32 Antivirus process ekrn.exe is attempting to use SMTP on port 25 (whether or not I have the "Enable TLS" setting enabled). My SMTP server uses ports 465 (SSL/TLS) and 587 (non-SSL) only. And the interface doesn't allow me to specify a port (I tried tacking :465 on the end of the hostname, to no avail).
  15. I'm currently running a trial of ESET NOD32 Antivirus 14.0.22.0 on Windows 10 Pro x64 20H2. I'm not having any other issues with the product, so hopefully this will be my last thread! I can't get email notifications to work. When I hit "Test" under TOOLS > Notifications > "EMAIL NOTIFICATIONS", I get "An error occurred while sending the test notification." with no indication of what the error is. - No log entry is created explaining what the problem is. - I've quadruple-checked my SMTP server host name, my username, and password. - I've tried using the SMTP server's IP address (rather than hostname). - I've tried disabling Windows Firewall. - I've tried disabling "Enable TLS". - I've tried excluding the SMTP server IP address from protocol filtering. - I've tried setting both "CERTIFICATE VALIDITY" settings to "Ask about certificate validity" (rather than "Block communication that uses that certificate") I have a bunch of other applications that send email from my PC just fine, so this is not a new thing to me. What could be the issue?
  16. It just started working for me, finally. I think someone fixed something behind the scenes. Thanks for the replies.
  17. I have both of those LiveGrid settings enabled. I did see one event log entry saying that there was an issue connecting to the LiveGrid servers--there was a yellow message on the main interface at the same time--but that was a couple days ago, when I was having connectivity issues in general. Currently there is no such indication in the UI or in the event log.
  18. I'm running a trial of ESET NOD32 Antivirus 14.0.22.0 on Windows 10 Pro x64 20H2. When I invoke the Tools > "Running processes" facility, nothing at all appears in the list. Clicking the refresh button doesn't help. It's supposed to show a list of all running processes, right? The name of the tool implies it does, but the window also says "This window displays a list of selected files with additional information from ESET LiveGrid." What does "selected files" refer to? Is this a known issue, or am I missing something?
  19. I have a memory scan that runs hourly. A desktop notification appears each time it completes. Is there a way to disable this notification only for the hourly scan? I don't think there is... Is there a way to disable desktop notifications for all completed scans? Would setting "Minimum verbosity of events to display" to "Warnings" accomplish this? If so, I'm guessing that would disable notifications for other things as well.
  20. I got it working. I excluded both poppeeper.exe and ekrn.exe from Proxifier by adding them each to a Proxifier rule with its action set to "Direct". Then I set "SSL/TLS protocol filtering mode" to "Policy mode". I verified that poppeeper.exe was listed in the "List of SSSL/TLS filtered applications" (it already was, and it was set to "Auto", which is how I left it). When I subsequently saw ekrn.exe connecting the email server on port 993, I knew it was working. Another test message verified as much. Thank you for the replies.
  21. I'm using POP Peeper, but also using Proxifier which acts as a local proxy. I've tried various configurations (including bypassing Proxifier so POP Peeper connects directly to the email server), and can't get it to work.
  22. I just sent a plain text message to myself, and the message is unmodified. As I did with the HTML messages I tested with before, I also looked at the raw message content. How do I find my local ESET distributor to send a support request?
  23. I'm currently running a trial of ESET NOD32 Antivirus 14.0.22.0 on Windows 10 Pro x64 20H2. I have "Append tag messages to received and read email" set to "To all email when scanned", and "Update subject of received and read email" is enabled. Shouldn't this cause all received email to be modified, indicating that it was scanned? I'm not seeing any changes to my incoming messages. I'm receiving mail via IMAPS on port 993, and NOD32 is configured to "Enable IMAPS checking" on "585, 993". What could be going on here?
×
×
  • Create New...