Firewall on ESET ENDPOINT SECURITY

[hungtt 1]

Hi all,

I have a question about FIREWALL on ESET ENDPOINT SECURITY (EES)

As i know,default firewall on EES will block all traffic from outside to client.When i create TRUSTZONE = 192.168.1.0/24 ( my LAN network) and RULE " Allow access to shared files and printers on the local computer" will allow TRUST ZONE access.

So, when one of clients on LAN network infected ransomware ( as WannaCry), this client ( has created TRUSTZONE) would be infected from infected client ?

[Marcos 5,070]

You can simply disable shares on particular computers or limit permissions to read-only to prevent encryption if ransomware happens to run on a computer in your network. It often happens that in larger networks users have shares shared for Everyone with full permissions which is not secure. It's better to grant Everyone only read permissions and full permissions only to specific users who really need them and are protected to the maximum possible extent.

[hungtt 1]

Thanks your advice.

[rkok 3]

On 13-7-2017 at 11:44 AM, Marcos said:

You can simply disable shares on particular computers or limit permissions to read-only to prevent encryption if ransomware happens to run on a computer in your network. It often happens that in larger networks users have shares shared for Everyone with full permissions which is not secure. It's better to grant Everyone only read permissions and full permissions only to specific users who really need them and are protected to the maximum possible extent.

In addition to Marcos reply..

Better not to use the Everyone group but use the Authenticated group and give read permissions.

Learned that one the hard way some years back