-
Posts
196 -
Joined
-
Last visited
-
Days Won
7
Everything posted by BALTAGY
-
Hi, Can't add Adguard Add-on to Firefox until i disable SSL option in ESET Here's the Add-on link https://adguard.com/forward.html?app=win&v=7.4.3147.0&appid=b6bcd3b60a18495c9ecd26f74985b56e&action=get_extension_mozilla_beta&from=browser_extensions
-
Firewall rule Max ip addresses
BALTAGY replied to BALTAGY's topic in ESET Internet Security & ESET Smart Security Premium
The list have 195747 ips 😁 -
Firewall rule Max ip addresses
BALTAGY replied to BALTAGY's topic in ESET Internet Security & ESET Smart Security Premium
It will only block the url, if this IP trying to connect to you by any other way it wont be blocked but if you block it via firewall you can block it completely -
Firewall rule Max ip addresses
BALTAGY replied to BALTAGY's topic in ESET Internet Security & ESET Smart Security Premium
Ya, and ability to add a long lists will be great -
Firewall rule Max ip addresses
BALTAGY replied to BALTAGY's topic in ESET Internet Security & ESET Smart Security Premium
Web access only work with URL's not ip's -
Firewall rule Max ip addresses
BALTAGY replied to BALTAGY's topic in ESET Internet Security & ESET Smart Security Premium
It will take a very long time to do so What made me want to add this ip list is one of the ips 185.156.177.234 tried to hack me via VNC and ESET blocked it, so i found an ip list https://malwareworld.com/textlists/suspiciousIPs.txt i would like to block Time;Event;Action;Source;Target;Protocol;Rule/worm name;Application;User 11/12/2019 10:53:58 PM;Security vulnerability exploitation;Blocked;185.156.177.234:1550xxxxxxxxxxxxx;TCP;Botnet.CnC.Generic;C:\Program Files\RealVNC\VNC Server\vncserver.exe;NT AUTHORITY\SYSTEM -
Firewall rule Max ip addresses
BALTAGY replied to BALTAGY's topic in ESET Internet Security & ESET Smart Security Premium
Rule get broken after 942 ips -
Firewall rule Max ip addresses
BALTAGY replied to BALTAGY's topic in ESET Internet Security & ESET Smart Security Premium
That's what i did, this pic above from zone rule Same problem happen as a rule or zone -
Files encrypted by ransomware
BALTAGY replied to SeriousHoax's topic in Malware Finding and Cleaning
I don't like these tests, we also don't need to prove this fact but look at this https://www.av-comparatives.org/tests/false-alarm-test-september-2019/ -
Files encrypted by ransomware
BALTAGY replied to SeriousHoax's topic in Malware Finding and Cleaning
Microsoft is known with very high false positive -
Files encrypted by ransomware
BALTAGY replied to SeriousHoax's topic in Malware Finding and Cleaning
Have a look at this one, Bitefender don't detect it but Bitdefender machine learning did https://www.virustotal.com/gui/file/6a9042b3670116b6f553833799e1dd172c670341e48e9bb94309b87bdc28544a/detection https://www.virustotal.com/gui/file/ca15b28914dc22461fbf8f213047673de7a0434d7ca0d8b796c1a6038f169e23/detection -
Files encrypted by ransomware
BALTAGY replied to SeriousHoax's topic in Malware Finding and Cleaning
Personally i know there's no 100% protection but machine learning and hips need to be improved and used more Also folder control is another way to be more protected i agree When i tested another ransomware, Bitdefender machine learning detected it but not ESET, and today i saw 3 other new ransomware that not detected by ESET -
Files encrypted by ransomware
BALTAGY replied to SeriousHoax's topic in Malware Finding and Cleaning
I did test smart for sometime, i never got any alert -
Files encrypted by ransomware
BALTAGY replied to SeriousHoax's topic in Malware Finding and Cleaning
Automatic -
Files encrypted by ransomware
BALTAGY replied to SeriousHoax's topic in Malware Finding and Cleaning
I think learning machine and Ransomware Shield and Hips need to be improved I did test another one also with no alert from ESET -
A message from malware writers to ESET found in Emotet
BALTAGY replied to Marcos's topic in Malware Finding and Cleaning
Yes it's WannaCash https://twitter.com/thyrex2002/status/1198543193266106368 -
A message from malware writers to ESET found in Emotet
BALTAGY replied to Marcos's topic in Malware Finding and Cleaning
Ya, sadly i can't download it to see if it will run while ESET installed -
A message from malware writers to ESET found in Emotet
BALTAGY replied to Marcos's topic in Malware Finding and Cleaning
@Marcos pls check this one, since i can't download it to send it via ESET https://www.virustotal.com/gui/file/5d178be58d8588c9b7460343f6c8a6fa8d0fd554df6450ab0beec905052371a0/detection -
I know this KB, but for example "STOP (DJVU)" ransomware run from user appdata or user temp folder with file name like xxx.tmp.exe So if i can create a HIPS rule to protect all files from being edited from any exe in temp folder, that will help to protect the files I know i can get a few warnings from legitimate files in user appdata but i can keep the files safe
-
I think HIPS can be used for more protection vs ransomware, also giving users a choice to create a rules they want like what i want to do is better
-
Also why ESET not use a rule like this with a trusted exe files list to be used a protection like WD ?
-
Well that's what i'm asking why HIPS don't allow me to make a rule for any exe in a location like appdata ? i will never know the ransomware name but if i can choose any exe in TEMP folder for example i can get a warning to accept or deny the changes
-
Here's what i want to do in the pic's, i want ESET to detect any exe in appdata and any folder inside for example then prevent them from writing to any files in other drives
-
I did choose the files since i want to protect other files in other drives