Jump to content

firewall policy and remote access


Aim2018

Recommended Posts

Hi,
I was trying to run vbscript remotely from allowed remote host  . In firewall  rules  port 135 ,1026-1029,445 are opened 
apart from that I have policies like attached 

1649365802_scriptpolicy.png.c3e7b6ded0592063a88cf376fd98896f.png

But it is giving the error remote connection failed 

 

Please help 

 

Thanks 

 

Link to comment
Share on other sites

To begin with, Eset's firewall evaluates rule from top to bottom order. Unless the user rules you added were placed at the top of the existing rule set, it can be assumed that existing Eset default firewall rules are overriding your custom rules.

Appears you are trying to use RPC for your remote connection activity? Eset already has default rules for that. However, the default rules only allow inbound RPC activity for IP addresses listed in the "Trusted" zone.

You should review the existing Eset default rules in regards to "Trusted" zone activity. If those meet your security policy criteria, the simple solution is to add the local network IP address shown in your screen shot to the "Trusted" zone.

Edited by itman
Link to comment
Share on other sites

Hi,

Thanks for the  reply 
I am planning to use  the  HIPS rules  (and also the  firewall  rules mentioned in the discussion ) from the  below link  to protect from ransomeware . 

https://techcenter.eset.nl/kb/articles/configure-hips-rules-for-eset-business-products-to-protect-against-ransomware

For software deployment I am using pdq ,manageengine and sccm also  which basically uses custom vb and powershell scripts 

I want to exclude  those deployment from the hips and the firewall rules 

Please advise 

Thanks

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...