itman

Most Valued Members
  • Content Count: 6,967
  • Days Won: 183

Kudos

  1. Upvote
    itman received kudos from filips in How to deal with display name spoofing, when contains right mailadress also in reply, but "name@abc.com" is different   
    See if this posting helps: https://forum.eset.com/topic/14855-spoofed-email-address/
  2. Upvote
    itman received kudos from Aryeh Goretsky in Blocking IP address 34.102.136.180. Something to do with WPAD   
    This is related to WPAD DNS activity:
    https://findproxyforurl.com/wpad-introduction/
    Appears WPAD has a number of security risks with the recommendation it be permanently disabled if not using IE11 or Edge as your browser: https://auth0.com/blog/heads-up-https-is-not-enough-when-using-wpad/
  3. Upvote
    itman received kudos from Aryeh Goretsky in Best Business VPN for Remote Connection   
    https://www.comparitech.com/blog/vpn-privacy/remote-access-vpn/
  4. Upvote
    itman received kudos from kwk1 in Network protection troubleshooting advice   
    If you are using Eset's Home or office network protection mode, all your local network devices are Trusted. As such, there really is no reason to disable SSDP service since Eset will allow all that type network traffic.
  5. Upvote
    itman received kudos from kwk1 in Network protection troubleshooting advice   
    If you are using Eset's firewall Public network protection, the only trusted device on your network is the device where Eset is installed. Eset's default firewall rules for inbound SSDP traffic, i.e. UDP protocol port 1900, only allow this traffic for trusted network devices.
    To stop this blocking activity from occurring, there are the following options:
    1. Switch Eset network protection mode for your network to "Home or office network."
    2. Disable the Win SSDP service. This is the option I employ since I use Eset's Public network protection.
    3. Disable UDP on your router if it exists and is enabled. What is occurring is the router is allowing other devices on your network "to discover" your device for connectivity purposes.
  6. Upvote
    itman received kudos from Leonardo in anti virus best software   
    Here's a complete article on Eset's RDP bruteforce blocking; https://www.welivesecurity.com/2020/06/29/remote-access-risk-pandemic-cybercrooks-bruteforcing-game/
    Of note in this article is the non-Eset based installation best practices that also need to be implemented.
  7. Upvote
    itman received kudos from Leonardo in License issue   
    You need to contact whomever you purchased the license from to straighten this out.
  8. Upvote
    itman received kudos from BobLongworth in Can’t Uninstall ESET Endpoint Anti-Virus   
    https://support.eset.com/en/kb2289-uninstall-eset-manually-using-the-eset-uninstaller-tool
    Note: This must be run in Win Safe boot mode.
  9. Upvote
    itman received kudos from BobLongworth in ESET firewall vs Windows 10 firewall   
    To begin, the Eset firewall and IDS are separate components within its Network Protection component. IDS is conditioned by network packet filtering rules and like intrusion detection rules that monitor for abuse of protocols commonly used by remote attackers. The Eset firewall component monitoring parallels that of the Win firewall in that app network use of protocols and ports are being monitored. It differs from the Win firewall in that it has full user interaction capability of outbound Internet traffic whereas the Win firewall only supports logging capability.
    In Eset default configuration, the Eset firewall will also defer to existing Win firewall inbound rules unless an Eset firewall rule exists that specifically blocks that network traffic. This greatly simplifies Win 10 Store apps use whose program names constantly change with each update of the app. 
    Also note that Windows desktop versions do not natively contain an IDS component. There is limited network monitoring capability but only if Windows Defender is used as the AV solution.
    My recommendation for corporate networks is that a network perimeter firewall appliance also be deployed for maximum security.
     
  10. Upvote
    itman received kudos from Nightowl in Internet Security and Google Searches   
    Or clear your browser history and/or cache in Chrome at its close time and see if that resolves the alerts.
  11. Upvote
    itman received kudos from mallard65 in License issue   
    You need to contact whomever you purchased the license from to straighten this out.
  12. Upvote
    itman gave kudos to IgorDR in Threat removed pop up   
    I had this problem this morning and here is the solution!
    The problem is that Nod32 is not able to delete or move the infected email, so it continuously downloads the same email via IMAP, every minute.
    But you don't see the email in your email client, because it is still on the server.
    You have 2 solutions:
    Use the web interface of your email provider and delete the email directly on the server.
    If your email provider does not offer you a web interface, disable the antivirus, let the infected email be downloaded to your client, delete it and restore the antivirus.
  13. Upvote
    itman received kudos from mallard65 in Update authorization +ESET Live Grid   
    Actually the statement posted was:
    It is you who is drawing inference between the separate sentences. In the context posted, the sentences are totally independent of each other.
  14. Upvote
    itman received kudos from Computerjul in Running AdGuard with ESET Internet Security   
    I will also add that using the installed version of Adguard makes sense if you are using an AV solution that does not perform SSL/TLS protocol scanning such as Emsisoft, Windows Defender, etc.
  15. Upvote
    itman received kudos from Computerjul in Running AdGuard with ESET Internet Security   
    The problem is Eset SSL/TLS; i.e. HTTPS, protocol scanning uses the Windows Filtering Platform to do so. The installed version of Adguard also does the same and also by default, uses Windows Filtering Platform. That is where the conflict is and why WFP must be disabled in installed Adguard. This doesn't weaken Adguard's SSL/TLS protocol scanning in any way since it will install a network adapter mini-port filter driver instead to do this protocol scanning.
    In the browser add-on version of Adguard, it is examining HTTPS traffic after it has been processed by the browser. As such, it can't detect adware/malware as effectively as can be done via examination outside of the browser. However since Eset has already examined that traffic outside of the browser, it would have already detected anything malicious and removed it prior to web page rendering. This means that the only thing left for Adguard to detect is ads and the like. Additionally, other browser add-ons such as uBlock origin are quite capable of removing ads and the like. As such, I really don't understand why folks insist on spending money on the installed version of Adguard.
  16. Upvote
    itman received kudos from Computerjul in Running AdGuard with ESET Internet Security   
    Yes.
    Most of the Adguard issues are embedded in other titled postings. Eset's forum search capability "sucks" when it comes to finding embedded search criteria by word or phrase reference.
  17. Upvote
    itman received kudos from offbyone in Firefox + ESET SSL Filter CA   
    Yes, it is conflicting:
    https://support.mozilla.org/en-US/kb/how-disable-enterprise-roots-preference
    Because prior to ver. 68, Enterprise Roots preference by default was not to refer to it.
  18. Upvote
    itman received kudos from Computerjul in Question about ESET Firewall & rules   
    If the question is if Eset by default monitors for modification of Win firewall rules, the answer is no.
    If this is in regards to the Eset firewall, the simplest answer is the following. The Eset Public profile will not allow by default any inbound traffic from other devices on your local network other than the router.
  19. Upvote
    itman received kudos from peteyt in Deny Internet access for running process   
    You really have to ask Microsoft "the rhyme and reasoning" behind this. My best guess is to make it difficult for malware to drop a bogus Store app there.
  20. Upvote
    itman received kudos from Aryeh Goretsky in Gamer Mode: Why there's no shortcut/hotkey way to activate it?   
    Have you tried this?
    https://help.eset.com/eis/13/en-US/idh_page_settings_antivirus.html?idh_config_gamer.html
  21. Upvote
    itman received kudos from Aryeh Goretsky in Notifies of optional windows updates as recommended   
    I believe this is a Microsoft "techno-babble" issue.
    These Win 10 non-security updates are classified in the Microsoft Update Catalog as Recommended updates versus Optional updates. However, Microsoft in its KB articles will note that they show under the Win 10 Update Settings section of Optional Updates.
    A true Optional update is Silverlight, etc.
  22. Upvote
    itman received kudos from Aryeh Goretsky in Initial Scan Deleted My Files Without Confirming   
    To begin, Eset doesn't permanently delete files; it places them in Quarantine. They can always be restored from there after setting real-time scan exclusions for the files for whatever Eset detected. This is not recommended unless the files have also been verified by another malware scanning authority such as VirusTotal.
    Eset scans by default are set to "Remedy detection if safe, ask otherwise." Safe in this context means file removal would not adversely affect system operation. Refer to the below screen shot on how to modify default scan cleaning behavior:

     
  23. Upvote
    itman received kudos from Aryeh Goretsky in How to get my site marked as safe   
    Eset has predefined categories a parent for example, could restrict a child household member from accessing. See the below screen shot for a few of them. The alert Eset is displaying is because and assumed the source that installed Eset on their household devices has restricted access to one or more of these categories. Obviously, your web site is classified in one of these parental control categories. I don't know what Eset uses to determine how a web site falls in one of the categories. But there are various web site rating concerns that do so.
     
     
  24. Upvote
    itman gave kudos to Marcos in ESET replacing site EV SSL certificate with its own?!?   
    While EV certificates used to matter and were excluded from filtering by default, this will change within the next few days and all communication will be scanned regardless of the type of certificate used. By the way, there is a big difference in trust between bank domains and ad providers.
  25. Upvote
    itman received kudos from Cp3p0 in ESET replacing site EV SSL certificate with its own?!?   
    Actually it does.
    Firefox, Chrome, and Edge all recognize Eset's root CA certificate. Otherwise, they would be alerting about it. All Firefox is informing about is that the certificate is not one contained within their own internal root CA certificate store. Firefox now defers to the Win root CA certificate store in this situation, which does contain Eset's certificate.