Georgi Stoychev
Members-
Posts
33 -
Joined
-
Last visited
About Georgi Stoychev
-
Rank
Newbie
Profile Information
-
Location
Bulgaria
Recent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
-
"Web control is not fully functional" warning
Georgi Stoychev replied to Georgi Stoychev's topic in ESET Endpoint Products
Hi Marcos, Yes, all of those settings are enabled. Just checked the endpoints on which the issue was present, and at the moment none of them have this warning. -
Hello, From time to time, some of our colleagues receive the following warning on their endpoints, even though that we have disabled the notification in the ESET Protect console: The warning is also shown in the Protect Console. Any idea what is causing the warning, and how can we completely hide it on the endpoints?
-
Hello, In relation to CVE-2024-3661, we would like to know if it's possible to somehow block DHCP packets, which contain option 121 on the endpoints, through ESET Protect's Firewall?
-
Hello, We have several employees who travel often and from time to time, they connect to client networks. Recently, one of them connected to such network and in our ESET protect on-prem console, we received multiple alerts from the Firewall module that Security vulnerability exploitation attempt was detected on the endpoint. There is a high chance that this really was such an attempt, but our employee was not aware of this, and he said that he hasn't seen such notification. Is there something we can do to show these notifications on the endpoints as well, since we couldn't find such option in our console?
-
Here is some additional info on this case: We've copied the code in a .txt file + running a manual scan - the file is "clean" When the file is renamed to .ps1 + running a manual scan - the file is "bad" When half of the code is in the .ps1 file (tried with both halves) + running manual scan - the file is "clean" I am attaching the problematic file in .txt format. get-chocolateywebfile 1.txt
-
Hello, We are using Chocolatey in our corporate environment, and started to receive thousands of alerts about this file being malicious - "file:///C:/ProgramData/chocolatey/helpers/functions/Get-ChocolateyWebFile.ps1". For the moment, we have added an exclusion in our ESET Management Console, since we received about 1000+ alarms. Can you tell us how can we investigate further what could be the cause of it? It seems pretty serious.
-
Hello, Couple of days ago, we changed our ESET Protect On-Prem server certificate, as it was about to expire, and the old certificate was revoked. Today we see that several computers, which were offline when we replaced the certificate, are not connecting to the server. We saw in the logs in "C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs" an error message "Error: Remote server peer certificate is not trusted by this agent. Details: NodVerifyCertificateChain failed: NodVerifyTrustResult: 42, NVT_NotTrusted, X509ChainStatus: 0x4, X509CSF_Revoked, certificate" We have a backup of the old server certificate, but would like to use the new one. Is there some step that we may have missed when we changed the old certificate? We haven't restarted the server after the change. Could that be the issue?
-
"Update information is not consistent" alert
Georgi Stoychev replied to Georgi Stoychev's topic in ESET Endpoint Products
Okay, thank you. This is the first occurrence of such issue, since we are using ESET Protect (about 3 years), and we are not sure how we could reproduce it -
"Update information is not consistent" alert
Georgi Stoychev replied to Georgi Stoychev's topic in ESET Endpoint Products
Hi Marcos and thanks for the reply! Is there anything we should do on our side?