BALTAGY

Hi, Can't add Adguard Add-on to Firefox until i disable SSL option in ESET Here's the Add-on link https://adguard.com/forward.html?app=win&v=7.4.3147.0&appid=b6bcd3b60a18495c9ecd26f74985b56e&action=get_extension_mozilla_beta&from=browser_extensions

The list have 195747 ips 😁

It will only block the url, if this IP trying to connect to you by any other way it wont be blocked but if you block it via firewall you can block it completely

Ya, and ability to add a long lists will be great

Web access only work with URL's not ip's

It will take a very long time to do so What made me want to add this ip list is one of the ips 185.156.177.234 tried to hack me via VNC and ESET blocked it, so i found an ip list https://malwareworld.com/textlists/suspiciousIPs.txt i would like to block Time;Event;Action;Source;Target;Protocol;Rule/worm name;Application;User 11/12/2019 10:53:58 PM;Security vulnerability exploitation;Blocked;185.156.177.234:1550xxxxxxxxxxxxx;TCP;Botnet.CnC.Generic;C:\Program Files\RealVNC\VNC Server\vncserver.exe;NT AUTHORITY\SYSTEM

Rule get broken after 942 ips

That's what i did, this pic above from zone rule Same problem happen as a rule or zone

Hi, What's the max ip addresses i can use in a single firewall rule ? when i try to block many ip addresses the rule become like this pic and it don't work When i make the ip addresses number less it work Not sure if it's a bug ? ESET Internet Security v13.0.24

I don't like these tests, we also don't need to prove this fact but look at this https://www.av-comparatives.org/tests/false-alarm-test-september-2019/

Microsoft is known with very high false positive

Have a look at this one, Bitefender don't detect it but Bitdefender machine learning did https://www.virustotal.com/gui/file/6a9042b3670116b6f553833799e1dd172c670341e48e9bb94309b87bdc28544a/detection https://www.virustotal.com/gui/file/ca15b28914dc22461fbf8f213047673de7a0434d7ca0d8b796c1a6038f169e23/detection

Personally i know there's no 100% protection but machine learning and hips need to be improved and used more Also folder control is another way to be more protected i agree When i tested another ransomware, Bitdefender machine learning detected it but not ESET, and today i saw 3 other new ransomware that not detected by ESET

I did test smart for sometime, i never got any alert

Automatic

I think learning machine and Ransomware Shield and Hips need to be improved I did test another one also with no alert from ESET

Yes it's WannaCash https://twitter.com/thyrex2002/status/1198543193266106368

Ya, sadly i can't download it to see if it will run while ESET installed

@Marcos pls check this one, since i can't download it to send it via ESET https://www.virustotal.com/gui/file/5d178be58d8588c9b7460343f6c8a6fa8d0fd554df6450ab0beec905052371a0/detection

I know this KB, but for example "STOP (DJVU)" ransomware run from user appdata or user temp folder with file name like xxx.tmp.exe So if i can create a HIPS rule to protect all files from being edited from any exe in temp folder, that will help to protect the files I know i can get a few warnings from legitimate files in user appdata but i can keep the files safe

I think HIPS can be used for more protection vs ransomware, also giving users a choice to create a rules they want like what i want to do is better

Also why ESET not use a rule like this with a trusted exe files list to be used a protection like WD ?

Well that's what i'm asking why HIPS don't allow me to make a rule for any exe in a location like appdata ? i will never know the ransomware name but if i can choose any exe in TEMP folder for example i can get a warning to accept or deny the changes

Here's what i want to do in the pic's, i want ESET to detect any exe in appdata and any folder inside for example then prevent them from writing to any files in other drives

I did choose the files since i want to protect other files in other drives