Seth
-
Posts
74 -
Joined
-
Last visited
Posts posted by Seth
-
-
There is an easier way to do this. Do the following:
1. In Eset's GUI, access Internet Protection.
2. Then access Web Access Protection by clicking on the wheel symbol.
3. Click on URL Address Management. Then click on Edit.
4. Click on List of blocked addresses. Then click on Edit.
5. Enable(checkmarked) the List active setting.
6. Click on Add. Then enter "*.google.com/*" w/o the quotes.
7. Click on OK on that screen and every screen displayed as you exit the Eset GUI.
8. Repeat steps 1 - 4 to ensure you set up everything OK.
This will use Eset's network filtering to block access to any domain associated with Google.
I have a few thousand IP I want to block. Doing your suggestion would mean that I have to check every IP for domain name because they are not same. That would take very long time hence the IP ranges.
I looked up this forum IP and found this IP: 52.21.38.34 I'm not sure if it's correct IP but it did not work blocking it from Eset firewall.
-
If you used Google for testing, did you block all the IP ranges they use? You'd better use a domain that resolves to one IP addresses in one range for testing if you do not know all the ranges.
64.233.160.0 - 64.233.191.255
66.102.0.0 - 66.102.15.255
66.249.64.0 - 66.249.95.255
72.14.192.0 - 72.14.255.255
74.125.0.0 - 74.125.255.255
209.85.128.0 - 209.85.255.255
216.239.32.0 - 216.239.63.255
I used all those IP ranges and it did not work. What is the IP number for this forum? I can check if it blocks. Doesn't matter if it's another site/IP.
1. Does it matter if you put space between IP and - ?
2. Should it still work if the first IP number are not same. For example: 66.xx.xx.xx - 200.xx.xx.xx <--- Would this till work?
-
I added Google IP to firewall to block it only for testing. I created a rule that deny both inbound and outbound traffic but I still could access Google IP. What did I do wrong? I'm trying to block IPs not URLs.
-
How do I setup IP range? I want to add 2 IPs to be blocked and every IP between them too? Is this possible with ESS 9?
-
ESSP looks very interesting. When is it planned to release ESSP or any beta?
-
Can someone please tell if EIS will be higher than ESS? And if so, will it be free upgrade from EIS to ESS? When can we expect a stable release?
-
As I said I downloaded ESS to the desktop with no other files there at that moment and installed ESS. But you are saying as above that there could be hidden files? So my install is not 100% safe until I move installer to an empty folder before installing?
Theoretically yes.
Ok thanks.
-
I downloaded the offline installer to the desktop and runned it as administrator. No other files were at the desktop at that moment. Am I safe?
Well, ESET said all installers are already fixed and I also don't know whether the offline installers were affected at all.
But in a more general way (which also applies for other installers) this answer is a bit longer: If there are really no files theoretically yes.
However there may be hidden files or something like this, so the only way to be certain is creating an empty new folder, moving the file inside of it and running it from there.
This attack can only happen when another bad DLL file that is not from the software you want to install in the same folder?
As I said I downloaded ESS to the desktop with no other files there at that moment and installed ESS. But you are saying as above that there could be hidden files? So my install is not 100% safe until I move installer to an empty folder before installing?
-
"If you already have an affected ESET product installed, you do not need to take any action to address this issue."
I really don't get this. Don't do anything about your product that is affected is the solution?
-
I downloaded the offline installer to the desktop and runned it as administrator. No other files were at the desktop at that moment. Am I safe?
Well, ESET said all installers are already fixed and I also don't know whether the offline installers were affected at all.
But in a more general way (which also applies for other installers) this answer is a bit longer: If there are really no files theoretically yes.
However there may be hidden files or something like this, so the only way to be certain is creating an empty new folder, moving the file inside of it and running it from there.
What step should I take to be 100% sure? Uninstall? How to be sure you remove everything when uninstalling ESS? It seem that there is always something left in regedit when uninstalling software. I use MalwareBytes too. Is it affected too?
-
I downloaded the offline installer to the desktop and runned it as administrator. No other files were at the desktop at that moment. Am I safe?
-
Description: A few suggestions to make the Firewall rules list more user-friendly, again.
Detail: Up until (and including) version 8 the rules list had the following useful features which are now missing in v.9:
- "Detailed view" was available where the list could be sorted by various categories, most importantly by name and date modified. Detailed view is gone in v.9 for not apparent reason, and so the list cannot be sorted anymore. Please either bring back Detailed view with sorting, OR enable sorting in the main rules list.
- Program icons were shown next to each application name. The icons made the list very easy to browse and made all safe applications easy to identify. Icons have been removed in v.9. Please bring back program icons in the list.
- The application column in v.9 shows the full directory path, and the app name at the very end of it. This makes the rules list even more difficult to read. The whole thing is just a big blob of text, very tedious to go through. I have to extend the app name column, scroll to the end of the line and find the actual app name at the end of the path. In version 8 only the app name was shown, and the full path was displayed as a tooltip when scrolling over the app name. That was much more user-friendly. Please either use a tooltip for the path, or create a separate column for the path.
- The column width is reset every time I enter the rules list. I have to extend the application name column every time in order to read the name. This is especially hard with the long path name shown in that column. Up until v.8 ESET remembered the column widths and it did not reset them every time the list was opened. Please let ESET save the column width settings.
The list in version 8 worked well and it didn't need 'fixing' since it wasn't broken. I understand the need to modernize the GUI once in a while, but that really doesn't mean just gutting a bunch of useful features and replacing them with a 'search' button (the magnifier glass icon in the top right corner), which is not a replacement for all the things I mentioned above. The search is useful, but most of the time I do not need to search for a specific application. Instead, I regularly go through the entire list to remove any outdated entries and look for anything that may seem suspicious, or revise the list for whatever reason. That's very difficult to do in version 9.
I'm not asking for any new features, all I'm asking is bring back the user-friendly list style from previous versions, or give us an alternative, instead of just gutting the user-friendly sortable list.
Thank you for your consideration.
EDIT:
- Another feature that's been removed, that was present in the Detailed View in v.8, was the green / red arrow-icon identifier for 'allowed' and 'denied' inbound or outbound traffic. This allowed me to very easily identify all blocked and non-blocked programs in the list. All this color-coding was very convenient. I don't understand why it has been removed.
For comparison:
v.8 hxxp://s5.postimg.org/akn0j22yf/ESET_rules_list_v8.png
Yes I agree. Please ESET add this.
-
Do you mean after the file is downloaded just copying it to another folder and executing it prevents this attack?
Yes, it does. i know... it's quite easy.
Ok. Thank you
-
A way to prevent such attacks is to copy all installers into an empty directory before executing or to make sure there are no rogue DLL files in the Download folder.
Do you mean after the file is downloaded just copying it to another folder and executing it prevents this attack?
-
Can you disable the LiveGrid alert in the latest build 9.0.349?
It's always been possible to disable LiveGrid. As of v9, the protection status changes to red to warn the user that protection against current threats is not ensured if LiveGrid is disabled completely. It's possible to disable submission of statistics and suspicious files which doesn't change the protection status, however. Of course, this is not recommended, otherwise ESET may not be able to clean potential threats if you encounter any as ESET needs to get malicious files in order to add a signature detection.
Thank you Marcos. I already know this because you have mentioned it in another thread that were closed
I wished you could disable the alert notification from LiveGrid. Just give the user a warning when disabling LiveGrid and if the user accept the danger from disabling LiveGrid then it's on them if anything happens. I think you mentioned that in feature build you could disable alert warnings. Please add this feature. -
Can you disable the LiveGrid alert in the latest build 9.0.349?
-
Hi,
As far as I know, ESET counts the PC you want to protect cover by the license,
so... I think you need 1 license x2 PC, or X PC you want to protect.
In my country add 1 pc to my current license is not even expensive.
I know you can get license for more than one PC with same key. But I would like to know for sure from ESET staff before I do something. I have 1 license for 2 PC. 1 for main PC and the other on another PC that I almost never use. But I will probably use a VM and want to protect that too. So im thinking if its alright to use same license on the VM too as long as I dont go online with the second PC that I almost never use and never at same time as the VM? Will this be a issue?
Thanks for the reply TomasP.
On point 1. Do I really have to uninstall on first computer before I use it on another computer? Lets say I have 2 computers and never use both at same time. I install ESS on both with same key but never use the computers at same time. I should be able to get updates and be fully protected if I never are connected to internet at same time?
-
I can see ESET NOD32 Antivirus and ESET Smart Security under applications when adding CCEnhancer to CCleaner. Is it safe to clean these 2?
-
Thanks for the reply TomasP.
On point 1. Do I really have to uninstall on first computer before I use it on another computer? Lets say I have 2 computers and never use both at same time. I install ESS on both with same key but never use the computers at same time. I should be able to get updates and be fully protected if I never are connected to internet at same time?
-
Can we expect a new build anytime soon?
-
1. Can I move around same key to different computers as long as they are not active at same time and still be fully protected? ESET seem to know the name of computer when you install it for first time. Can it cause issues when you use same key on different computer with different name?
2. Can you run same key on Host and Virtual Maschine at same time and still be fully protected? Can ESET somehow think something is fishy and block the key and maybe updates? It should not matter as long as the the Host and VM uses same IP? Just want to be sure. Dont want to mess up my license.
-
I followed the instructions from https://github.com/reek/anti-adblock-killer#anti-adblock-killer--reek and did not work on this site: dreamfilmhd.bz
ADB detected on dreamfilmhd.bz
Thank you. It worked
-
2) yes having an older IE will decrease your security, hence, do not use IE! Chrome or Firefox + AdBlock Plus add-on/extension to prevent unwanted ads, make sure you go to the filter preferences in ABP and uncheck the "allow some non intrusive ads to be displayed" most malware these days come from accidentally clicking an add which downloads some program that contains a nasty PUP
Yes, but on more and more sites Adblock Plus or uBlock is not enough, because they are using now Anti-Adblock-Software like Addefend:
AdDefend enables you to integrate unblockable online ads into your website.These Anti-Adblock programs load testpixels and use additional methods when you load such a website and if they detect that you are using an Adblocker, the website uses very aggressive methods of displaying ads i.e the ads are generated from the webdomain and not the Ad-Domain, or the website is completly blocked with activated adblocker.
Therefore I recommend to install greasemonkey and then Anti-Adblock-Killer Reek and to subscribe to the corresponding additional filter-list for Adblock Plus or uBlock:
Features:Detect & Kill Anti-Adblockers
Check if Anti-Adblock Killer list is installed
Check & Notify updates
More filters for Adblockers
I followed the instructions from https://github.com/reek/anti-adblock-killer#anti-adblock-killer--reek and did not work on this site: dreamfilmhd.bz
I have these addons installed.
ABP
HTTPS-Everywhere
Ghostery
What have I done wrong? Btw is it even safe to use these scripts?
-
I would like to be able to sort the rules in the alphabetical order of HIPs rules. It can be alot to go through. I would also like if you could create groups and send rules to that group in HIPS. I have hard time to focus on details in advance setting because of the GUI. Maybe thats just me. But overall I love ESS.
IP range firewall
in ESET Internet Security & ESET Smart Security Premium
Posted
I'm trying to block Telemetry IP from Microsoft. So you mean adding all IP list just the way they are to Hosts file would work? How stable would that be compared to firewall?
But ESS9 has a firewall. Doesn't it work for blocking IPs?
Do you know an IP and domain name I can test?