-
Posts
12,172 -
Joined
-
Last visited
-
Days Won
319
Everything posted by itman
-
Set up RDP in firewall
itman replied to wood1e2's topic in ESET Internet Security & ESET Smart Security Premium
By standard user account, I assume you literally mean just that and not the default local admin account. This is done obviously for security reasons. You can alter standard user account privileges using Group Policy. See this article for reference: https://community.spiceworks.com/topic/333331-how-do-i-enable-remote-desktop-for-local-standard-user -
Set up RDP in firewall
itman replied to wood1e2's topic in ESET Internet Security & ESET Smart Security Premium
You need to first establish what the IPv4 address of the remote device you are trying to connect to via RDP. Then add that IP address to Eset's Firewall -> Advanced -> Zones - edit. Then select Trusted Zone, then the Edit tab. Add the IPv4 IP address there. Click on the OK tab and any other OK tab shown to save your settings. -
Set up RDP in firewall
itman replied to wood1e2's topic in ESET Internet Security & ESET Smart Security Premium
If this is Win 10 Home version, remote RDP is not supported. You need to purchase a Pro+ version of Windows. -
@Marcos did some more testing and found what the issue is. I have Thunderbird set to receive e-mail only in text format. Appears Eset is no longer scanning incoming T-Bird text e-mail. I can live with that since the only thing allowed in text based e-mail are live URL links as far as I am aware of. However, further research needed in this area by Eset. Clicking on those links will force the Win default browser to open and display the web page there. I assume Eset would block anything malicious upon attempted web page access. My other concern was attachments to text e-mail which are also not scanned as verified through testing. I really don't know for fact if those were previously being scanned? However upon opening or attempted saving of the attachment, Eset does detect the malware and deletes the source T-Bird e-mail w/attachment. Eset however does not delete the currently displayed e-mail w/attachment. Correction - Eset does not delete the e-mail or attachment within T-Bird.
-
Well the below screen shot notes that the ThreatSense engine appears now to only support Outlook or LiveMail e-mail formats. Thunderbird emails use the .mbox extension. Appears Eset previously performed a conversion to .EML format and that was either inadvertently omitted, or done so intentionally. In either case I need to know pronto if this will be fixed or Eset e-mail scanning no longer supports Thunderbird.
-
https://blog.knowbe4.com/byod-really-means-bring-your-own-risk
-
Reflecting a bit, this issue existed prior to ver. 12.2.23 and started around the time Eset HTTPS ports added the, 0-65535 range to ver. 12.1. "My gut is telling me" this might have hosed the IMAPS and POPS ports usage by Eset's e-mail scanner. Will experiment with excluding the IMAPS ports there and see if that resolves the issue.
-
Now this is interesting. I just noticed my Win 10 clock time was hosed after rebooting. Got set to 4 hours ahead. Had to re-sync my clock time.
-
I connect via 1 GB fiber Ethernet. Due to the fact my PC is connected via household wiring via powerlink adapters, my top connection speed is around 250 MB. The Sysrescue virus database download took approx. a minute.. What was odd is the first 40000 KB was almost instantaneous and it slowed after that. Might be due to some Linux network buffering issues or the like. Extrapolating my download speed results to lets say a 30 MB connection. the database download should take in the range of 8 - 10 minutes. This also assumes a full 30 MB download speed w/no ISP throttling going on.
-
The forum's primary purpose is to help Eset users with installation or operational issues. As far as bugs and the like, it is very much a hit or miss issue if they ever get fixed. It all depends on if the Eset moderator responding will forward the issue to Eset development for further analysis. On the other hand, opening a support ticket is a "mixed bag," I have had excellent assistance and I have had otherwise. As far as product problem resolution, what I have observed is Eset has the following priority; security vulnerabilities, severe operational issues, and everything else. Some requests although being hinted at multiple times in the forum as to be implemented in the near future, never get implemented. Bottom line - if whatever issue is bugging someone to the point where it becomes intolerable, they are better served by using a different security product.
-
I would start by ensuring all ports on the WAN site of the router are closed and preferably in stealth status. Stealth status means the ports are "invisible" to anyone doing external port scanning against your router. Next, I would check out if you have a device on your internal network for some reason trying to access this device in an unstateful manner. The Eset firewall is stateful. It will only allow inbound TCP packets that are associated with a prior outbound transmission.
-
All my files was changed to .KEEP FILES
itman replied to pegorense's topic in Malware Finding and Cleaning
Make sure your server OS has all security updates applied. Of note is Bluekeep worm patches and these just announced like worm vulnerabilities: https://forum.eset.com/topic/20484-patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-11811182/ -
I solved the problem by simply not having any scheduled scans. Personally, I believe many using Eset are "scan crazy." Since Eset's real-time protection scans files upon creation and again at execution time, additional off-line scanning really is not necessary. For those that insist on daily scanning of all drives, a good alternative is to use the "Idle time" scan option. This will result in files being continuously scanned when the device is in an idle state.
-
A very strong warning here. I just performed a detail scan of this web site using Quttera. It found a whopping 19 malware instances; all Javascript based: https://quttera.com/detailed_report/watchdoctorwhoonline.com
-
Forgot about that one. It's a new option added in ver. 12.2.23 I beleive.