pps 4 Posted December 15, 2017 Share Posted December 15, 2017 Hello, In our company we have about 100 users which each one has more than one installations in his pc of a specific application (appname.exe) and in many different paths. For example one user has C:\appfolder\appname.exe , C:\apps\appfolder\appname.exe, C:\apps\a1\appfolder\appname.exe a second one has C:\Appfolder\appname.exe and so on. So insted of 100+ rules for appname.exe we want to make only one firewall rule that includes all the above cases. Thanks, Peter Link to comment Share on other sites More sharing options...
schuetzdentalCB 8 Posted December 15, 2017 Share Posted December 15, 2017 (edited) maybe the software is using a special port which you can block? i have seen no function to block only a process in eset firewall rules without the absolute path to the process Edited December 15, 2017 by schuetzdentalCB Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted December 15, 2017 Administrators Share Posted December 15, 2017 Rules require a full path to an application. If they were based just on file names, one could enter "svchost.exe" for instance but since it's a typical name of malware it would also allow the communication for both the system and malicious processes. Link to comment Share on other sites More sharing options...
pps 4 Posted December 27, 2017 Author Share Posted December 27, 2017 hello, If the same application exists in 400 different places 400 rules is not a manageable solution to use paths. Is it possible to identify the executable via hashing or something similar? thanks Link to comment Share on other sites More sharing options...
Recommended Posts