-
Posts
12,172 -
Joined
-
Last visited
-
Days Won
319
Everything posted by itman
-
Suspicious firewall blocking
itman replied to BKab's topic in ESET Internet Security & ESET Smart Security Premium
Inbound UPnP traffic; i.e. port 1900, UDP, is a security risk; especially if originating from the router. Most ISP issued routers no longer perform that type of network traffic. You can stop this type of traffic by disabling Win SSDP service. I have w/o any subsequent issues occurring. Alternatively, you can disable UDP PnP processing on the router. Unless you really know what you are doing, I would not override Eset firewall inbound blocking -
Suspicious firewall blocking
itman replied to BKab's topic in ESET Internet Security & ESET Smart Security Premium
All the blocked entries are for inbound network traffic from svchost.exe. They are also all UDP protocol related. Have you modified Eset default firewall rules or added new firewall rules? -
ESET complains about HTML/ScrInject.B on website
itman replied to cyb's topic in ESET Endpoint Products
Other security solutions detect malware on this web site: https://www.virustotal.com/gui/url/b46e440427a1adca8708e0d7ae228ff3380b47975ae146cc749f610ffea6357e -
The no. of accounts varies by Eset in-country provider. In the U.S., it's a minimum of 10 licenses! Also as a FYI, what Eset is doing marketing-wise is not unique among AV solutions. BitDefender's VPN solution also has a 10 license minimum purchase: https://www.bitdefender.com/solutions/premium-security.html .
-
As far as WindScribe VPN goes, they do offer a "not to bad" free version and other options to lower its paid version cost: https://www.techradar.com/reviews/windscribe
-
Someone at malwareips.com noted it's WindScribe: https://malwaretips.com/threads/eset-v17-0.127074/post-1066689 .
-
ESET Firewall and Steam
itman replied to arcanum's topic in ESET Internet Security & ESET Smart Security Premium
This is not going to get resolved until you post the Eset logs @Marcos requested. Only Eset moderators can access forum attachments. -
Secure banking and browsing
itman replied to Daamu32's topic in ESET Internet Security & ESET Smart Security Premium
From a developer's point of view, it was probably one of the worst features Eset implemented. It required constant maintenance of an internal whitelist of known banking and select financial web sites with constant forum postings for some web site not being included. Bottom line is Eset wants you to always run in Secure all browser mode since it eliminates all the above. If you chose not to do so, B&PP standalone mode still exists accessible from Win desktop icon or within the Eset GUI. -
Secure banking and browsing
itman replied to Daamu32's topic in ESET Internet Security & ESET Smart Security Premium
It has been noted multiple times in past forum postings by Eset moderator that B&PP redirection would be removed in future Eset versions. The more recent of these postings stated it would be removed in ver. 17 as noted below; -
Safe Banking and Browsing
itman replied to a topic in Quick questions by guests (registration not required)
Only for Firefox. Eset doesn't support Brave browser. -
Refer to this Sucuri scan of your web site: https://sitecheck.sucuri.net/results/https/beskidzywiec.pl .
-
Scheduled Scans
itman replied to Aryeh Goretsky's topic in ESET Internet Security & ESET Smart Security Premium
Actually, it's a problem for any AV solution currently performing HTTP/HTTPS scanning. See this posting/thread on the subject: https://forum.eset.com/topic/38340-web-access-protection-and-encrypted-client-hello-ech/?do=findComment&comment=173774 . Appears the only security solution that performs HTTP/HTTPS scanning that has figured out how not to bust ECH tunneling is AdGuard and only if using their DNS servers. -EDIT- "To add to this mystery" the Cloudflare test web site: https://www.cloudflare.com/ssl/encrypted-sni/ is excluded from Eset HTTP/HTTPS scanning which can be verified by mouse clicking on the web site page lock symbol and noting that Eset's root cert. is not shown. However if Eset SSL/TLS scanning is disabled, then the Secure SNI test passes. One possibility is Clouldfare is redirecting to this web site: https://crypto.cloudflare.com/cdn-cgi/trace/ to perform the Secure SNI test. This web site is scanned using Eset SSL/TLS processing. -
ESET Firewall and Steam
itman replied to arcanum's topic in ESET Internet Security & ESET Smart Security Premium
Steam has instructions here: https://help.steampowered.com/en/faqs/view/66C8-4FF1-8470-B666 when using a firewall. -
ESET Firewall and Steam
itman replied to arcanum's topic in ESET Internet Security & ESET Smart Security Premium
Based on what is posted here: https://help.steampowered.com/en/faqs/view/2EA8-4D75-DA21-31EB , it appears Steam randomly assigns ports in the ranges specified in the article. Hence, Eset firewall alerts being generated when different ports are being used. You might consider creating firewall rule/s for Steam processes for the port ranges specified. Or, creating generic rules for Steam processes without port specification. -
Again, the problem is with your router configuration; https://medium.com/@jamescuban99_23577/how-do-you-resolve-an-ip-conflict-and-what-is-it-6d4f651a3508
-
First, refer to this Microsoft article: https://support.microsoft.com/en-au/topic/fix-duplicate-ip-address-conflicts-on-a-dhcp-network-d68499da-69a3-da3b-4630-d17e502adf50#bkmk_details . You can also exclude the static IP address from Eset IDS detection as shown in this Eset knowledge base article: https://support.eset.com/en/kb2933-arp-icmp-or-dns-cache-poisoning-attack-in-eset-home-products-for-windows .
-
Open Eset GUI -> Network protection - Network Connections. Select your network connection and right button mouse click on it per below screen shot. Select Edit and change network profile from Public to Private. Once changed to Private, you can additionally set the network connection to "My Network."
-
To receive equivalent protection you need to enable Secure all browsers option for Safe Banking & Protection per below screen shot. In this mode, the Eset supported browser is in essence running in permanent Banking & Payment protection mode. Also note that the previous redirection to Banking & Payment protection mode only worked for select financial web sites previously defined by Eset; not all such classified web sites.