neok 0 Posted June 19, 2018 Share Posted June 19, 2018 Hello, everyone.I currently use Eset Remote Administrator Server 6.5, with the Windows Agent version 6.5 and ESET EndPoint Antivirus 6.6. I have a computer network with limited access to the Internet. I need to know the DNS and/or ports of ESET's servers to create the relevant firewall rules so that my computers can be properly activated and updated from ESET Servers on Internet. Any help would be greatly appreciated. Best regards Gabriel Link to comment Share on other sites More sharing options...
Administrators Marcos 5,070 Posted June 19, 2018 Administrators Share Posted June 19, 2018 For a list of addresses of ESET's servers and ports that need to be opened on a firewall, please refer to https://support.eset.com/kb332/ (may not be 100% accurate at all times). Here is a list of rules from httpd.conf used by ESET's HTTP Proxy: Quote <ProxyMatch ^([h,H][t,T][t,T][p,P][s,S]?://)?([^@/]*@)?([a-zA-Z0-9-]{0,63}\.)?[a-zA-Z0-9-]{0,63}\.[e,E][s,S][e,E][t,T]\.[c,C][o,O][m,M](:[0-9]+)?(/.*)?$> Allow from all </ProxyMatch> #*.eset.eu: <ProxyMatch ^([h,H][t,T][t,T][p,P][s,S]?://)?([^@/]*@)?([a-zA-Z0-9-]{0,63}\.)?[a-zA-Z0-9-]{0,63}\.[e,E][s,S][e,E][t,T]\.[e,E][u,U](:[0-9]+)?(/.*)?$> Allow from all </ProxyMatch> #Antispam module (ESET Mail Security only): <ProxyMatch ^([h,H][t,T][t,T][p,P][s,S]?://)?([^@/]*@)?(ds1-uk-rules-1.mailshell.net|ds1-uk-rules-2.mailshell.net|ds1-uk-rules-3.mailshell.net|fh-uk11.mailshell.net)(:[0-9]+)?(/.*)?$> Allow from all </ProxyMatch> #Services (activation) <ProxyMatch ^([h,H][t,T][t,T][p,P][s,S]?://)?([^@/]*@)?(edf-pcs.cloudapp.net|edf-pcs2.cloudapp.net|edfpcs.trafficmanager.net)(:[0-9]+)?(/.*)?$> Allow from all </ProxyMatch> #ESET servers accessed directly via IP address: <ProxyMatch ^([h,H][t,T][t,T][p,P][s,S]?://)?([^@/]*@)?(91.228.165.|91.228.166.|91.228.167.|38.90.226.)([0-9]+)(:[0-9]+)?(/.*)?$> Allow from all </ProxyMatch> #Microsoft trusted roots distribution <ProxyMatch (?i)^http:\/\/www.download.windowsupdate.com\/msdownload\/update\/v3\/static\/trustedr\/.*\/.*?$> Allow from all </ProxyMatch> #Microsoft pki (crt and crl) <ProxyMatch (?i)^http:\/\/.*\.microsoft\.com\/pki\/.*$> Allow from all </ProxyMatch> # MS Network Connectivity Status Indicator https://technet.microsoft.com/en-us/library/cc766017(v=ws.10).aspx <ProxyMatch (?i)^http://www.msftncsi.com/ncsi.txt$> Allow from all </ProxyMatch> #Symantec/thawte ocsp/crl <ProxyMatch (?i)^http:\/\/.*\.symcd\.com\/.*$> Allow from all </ProxyMatch> #Symantec ocsp <ProxyMatch (?i)^http:\/\/ocsp\.verisign\.com\/.*?$> Allow from all </ProxyMatch> #*.eset.systems: <ProxyMatch ^([h,H][t,T][t,T][p,P][s,S]?://)?([^@/]*@)?([a-zA-Z0-9-]{0,63}\.)?[a-zA-Z0-9-]{0,63}\.[e,E][s,S][e,E][t,T]\.[s,S][y,Y][s,S][t,T][e,E][m,M][s,S](:[0-9]+)?(/.*)?$> Allow from all </ProxyMatch> Link to comment Share on other sites More sharing options...
neok 0 Posted June 19, 2018 Author Share Posted June 19, 2018 2 hours ago, Marcos said: For a list of addresses of ESET's servers and ports that need to be opened on a firewall, please refer to https://support.eset.com/kb332/ (may not be 100% accurate at all times). Here is a list of rules from httpd.conf used by ESET's HTTP Proxy: Okay. I'll try to get the addresses out of there. I don't use at the moment squid or anything similar. Thank you very much. P.S.: If you have a clean list even better. Link to comment Share on other sites More sharing options...
Recommended Posts