beefydog

Members
  • Content Count: 11

Profile Information
  • Location: USA
  1. Word of warning: An extremely nasty Trojan with the signature of W64/Kryptik is infecting systems and, so far, only 3 programs are detecting it: F-Prot, Trend & Kaspersky. ESET lets it right in (now I have a weekend of fixing to do!!!).
  2. Ran a complete scan on another machine using the Rescue CD; ESET was unable to find the W64/Kryptik trojan (nor its spawns). Very disturbing news. So much for the promise of zero-day protection.
  3. All my PCs (4 PCs, 2 servers) spontaneously got infected with the W64/Kryptik Trojan, so I desperately found an online scanner to run the cleanup, and 7 infections were found. After about 9 hours of scanning, the program crashed. I noticed that a few hundred other people had the same problem but with an older version (version 2, I believe) than whatever was available yesterday (18-06-27) from the website. Running Windows 8.1 x64, updates through today: June 25, 2018. Trojan disabled my AV software (FPROT) and my anti-spyware (Spybot S&D), Firewall on. Regardless, I'm scanning from th
  4. The default policy for Endpoint for Windows is "Firewall - Block all traffic except ERA connection" - this is why everything was blocked. I'll be making a new policy and reinstalling Endpoint again after many tests. I did discover the "Also evaluate rules from Windows Firewall" firewall rule. Nice.
  5. Installing the Antivirus got me access back to the machines (whew!). My complaint is that the default policy for the Endpoint is, for some reason, not working properly (it appears to be set to allow RDP connections, ICMP, etc., but none of these rules are applied in the stock policy). I hope future versions correct this bug as it could potentially be an IT disaster (Competitor's products actually adapt current firewall rules from Windows firewall - which would make more sense - at the very least, ASK if you would like to import Windows firewall rules at installation - or have a mechanism to c
  6. To make matters worse, remote registry, ICMP and pretty much every single port is being blocked! I'm going to attempt to replace Endpoint with just the antivirus and spend another couple of days figuring out ERA better.
  7. OK. I've found in the ERA, under the Admin tab, the ESET Endpoint for Windows policy, then clicked the Firewall tab and see several options: Inbound Traffic From the Trusted Zone; Outbound Traffic To The Trusted Zone; Inbound Internet Traffic; Outbound Internet Traffic. Unfortunately, all these options are unselectable (greyed out) - so I can't add any ports or applications. Is there no way to turn these on to be able to edit?
  8. I installed ESET Endpoint Security on a bunch of Windows PCs and, after installation, I noticed, to my horror, that all Remote Desktop ports have been blocked (and I'm many miles away, but VPNed into the network) for all machines. I don't see anywhere in any instructions (the ERA guide) how to make changes to the firewall ports via Policies (to allow RDP in). HELP! Are there ANY instructions, anywhere, that show EXACTLY how to create policies of this nature - I've looked and only see really rudimentary stuff - nothing on ports?
  9. I did not realize the web protection required the firewall to be on. I'll have to figure this out. The Trusted Zone config was for the LAN subnet, but the firewall still blocks all ports including necessary Windows domain ports for everyday networking. I suppose each and every app needs to be configured?
  10. I figured it out. Right-click the selected workstation (or workstations), New Task --> Configuration Task, hit the Create button, go to Windows desktop v5 --> Personal firewall --> Settings --> Firewall system integration, then select "Personal firewall completely disabled" (mark it first, then hit the Console button), then click the "Next" button on the previous dialog (and wait). Worked like a charm. I'll probably leave the firewalls off - totally unnecessary w/o our UTM firewall. Just need endpoint security (USB drives, CD drives, etc.).
  11. I set up the remote administration tools to be able to do push installs on Windows 7 (SP1) workstations, and, as a test, I did just a single push install, first the antivirus product, which was successful (then I rebooted and everything was fine). I then installed the Endpoint Security to the same Windows 7 workstation and now cannot ping, telnet, or anything to the machine. I presume the firewall locks all ports on the machine making it completely inaccessible from the outside. Unfortunately, I have to remotely get in via Remote Desktop (it's 200 miles away) and can't seem to find any way to