Jump to content

kamiran.asia

Members
  • Content Count

    192
  • Joined

  • Last visited

Profile Information

  • Gender
    Male
  • Location
    United Arab Emirates
  • Interests
    ESET Softwares

Recent Profile Visitors

2,538 profile views
  1. It seems that there is a problem in ISP , We will work on this problem , Thank You Very Much.
  2. Hi Dear Marcos and thank you for your rapid response as usual 😍 the Log is attached. logs.txt
  3. Hi Dear ESET Support. We have problem in our Mail Security For Exchange. As You can see in Screen Shot of Mail Security , Anti-Spam Connection is limited. We have ping connection to all these servers : h1-ars01-v.eset.com 91.228.166.61 h1-ars02-v.eset.com 91.228.166.62 h1-ars03-v.eset.com 91.228.166.63 h1-ars04-v.eset.com 91.228.166.64 h1-ars05-v.eset.com 91.228.166.65 h3-ars01-v.eset.com 91.228.167.36 h3-ars02-v.eset.com 91.228.167.67 h3-ars03-v.eset.com 91.228.167.68 h3-ars04-v.eset.com 91.228.167.74 h3-ars05-v.eset.com
  4. As our test in our company ESET IDS can block Zerologon as this detection and block attacker IP for 1 hour :
  5. No Dear , Problem is Why IDS in 2008R2 did not block communication from attacker ip . attack will block but communication will not block for 1 hour for attacker IP. So hacker can attack over and over again. As you know when IDS block an IP address , All communications is block for 1 hour ( Ping , ... ) It seems that it is a bug or may be a lake of security in 2008 R2.
  6. Yes Dear , As you can see in the picture we have Network section and attack is detected and Attacker Ip is listed in Black list of IDS.
  7. Dear ITMan , This problem is just in 2008 R2 , In 2012 , 2016 , 2019 , ESET IDS Detect CVE-2020-1472 , and The Attacker ip Blocked ! while other Security vendors like kaspersky , bitdefender and mcaffe ( As we tested ) did not detect this attack. we use picuslabs tool for this attack test . https://github.com/picussecurity/picuslabs/tree/master/CVE-2020-1472 Zerologon Also we test Other CVE-2020-1472 scripts and the result was the same as picuslabs tools. the Question is why at 2008 R2 Attack is blocked but attacker IP not blocked even when it is listed in Blacklist IP list
  8. No Fresh Windows installation and then ESET installed with all in one installer. No items in questions .
  9. Full Screen Shot ... Attacker Pc : 192.168.235.1 Server : 192.168.235.132
  10. 192.168.235.1 is the attacker and CMD is from attacker PC. Attacker PC is my PC and Server is a VM. these two windows mix in one screen. 😊
  11. Hi Dears. We find s.th in file security v7 - 7.2 . If attacker blocked by IDS ( for Example Zerologon attack ) Ip will not block for 1 hour ! is this a bug or a problem in 2008R2 ? Best regards.
  12. No this ESMC was always at a Windows Server. Other Clients are Connected , This new installation did not connect. 😟
  13. Hi Dears. We have Client with agent 7.2.1266.0 could not connect to ESMC. The Logs is attached . The error is : AUTHENTICATION_FAILED (Error description: unable to authenticate entity) Best Regards. Logs.zip
  14. Hi Dear ESET Support. We find a special issue in V7.0 and 7.1 in some version of windows 10 : GUI will become Red with "Antivirus Protection is non-functional" Error in Protection Status. Real Time and all modules are work probably (As Screen Shots) but the AV is become Red in ESMC. This issue occurred in last 7 days and the solution is upgrading to V7.3. But is there any changing in that versions cause not support win10 any more in some circumstances ? Or it is a bug in those legacy versions ? Statistic of this issue is about 40% of all Win10 in network.
  15. Hi dears , Same Problem for many of our Customers. We Think that old Version of V7 ( 7.0 , 7.1 ) on Windows 10 have this problem , Repair old version will fix the problem or Upgrade to V 7.3 and restart is needed. But what is the problem ? It seems that there is problem in new updates.
×
×
  • Create New...