Jump to content

toxinon12345

ESET Insiders
  • Content Count

    165
  • Joined

  • Last visited

  • Days Won

    5

toxinon12345 last won the day on February 15

toxinon12345 had the most liked content!

Profile Information

  • Gender
    Male
  • Location
    Nicaragua
  • Interests
    [Technology, BioInformatics, Umbrella corp]... ---> ESET

Recent Profile Visitors

601 profile views
  1. Translation is ambiguous when you disable LiveGrid: "Esto puede ser muy peligroso, por lo que debe volver a habilitar la protección de inmediato" If we think of it as an implication, we should use "así que" or "por lo tanto". Thanks.
  2. Well, I guess Similarity digests are what extend a cloud for effective classification; in addition to reputation metadata (age/users). Of course, you should not expect blocking every executable out there with the premise of "Low reputation" only: that would create tons on FPs e.g. for developers; but an hybrid approach combining core routines with cloud classifier should readjust threshold levels for threat determination. The problem with a dynamic whitelisting is the performance overhead, e.g. querying the cloud for every new installed PE program [ *.exe | *.dll ], if we add script execution: PowerShell, Batch, VBscript it would mean another filegroup to look at. Some other products claimed to have resolved, at least partially, that problem with what they call "prefetch scan", "solid asynchronous packet", and other sort of weird terms. Maybe it makes sense for interactive windows : PUA's for example.
  3. Not sure how feasible could be this, but a more user friendly HIPS... Description: HIPS "application control". ESET harddened mode. Detail: a HIPS extension with [Application Startup Control] leveraging reputation data for whitelisted and good prevalence executables.
  4. Description: counting of "OFF/stopped" items Detail: I would like to see counting of "Permanently disabled" items at "Setup Pane". Also with no-color always. (Black and white) something similar to this, but in that case would be a '3' in Black/white https://forum.eset.com/uploads/post-6339-0-20654900-1457971762.png
  5. Add to wishlist: Performance enhancements to Emulation I noticed when scanning an UPX packed Icon Resource Library, it needs to unpack that section too....... but when removed the icons/bitmaps from the DLL, then UPXed and scanned all is OK back again
  6. Descr:experimental auto-whitelist in Filesystem protectin Details:limited to write-execute events & UPX bigger than ~3MB
  7. On execution emulation for files bigger than aprox. 4 MB..etc + Mapping <big+upx> executables ---> on-access LiveGrid whitelisting ! file skipping ! local cache similar to PrevX º Webroot fastest lookups ---- speeds between those of code analysis and code emulation
  8. Removable media insertion Add "Quick scan | Superficial scan" option in the notification prompt "Profile selector" in Advanced setup
  9. Low prevalent and rare files with suspicious packed PE --> Query reputation data after successfully downloaded such file Also, I think AMS possibly could benefit speed from the whitelist
  10. Turn On the new HIPS Advanced Memory Scanner, it is a post-execution detection layer It is available in version 7
  11. Traffic lights for Setup Pane Most people would fix problems by means of Home Screen the way it currently does
  12. You are refering to Web content filtering Anti-Spam parsers are proven to be also very effective when combined to URL blocking Recently ESET won First place thanks to the Anti-Phishing module,,,you can view it here Currently Parental Controls trust only in reactive methods as URL blocking; without using specific proactive algorithms If Web parsing could be added into Parental Controls, it would be great Anyway the yearning of Web reputation seems to be added long time ago
×
×
  • Create New...