Jump to content

Message Appearance in Filtered Websites (EIS 12)


Recommended Posts

Hello, since a week or two, not all sites is saved into Logs - Filtered Websites.  But "Minimum Logging Verbosity" is set to "Informative" in my config. I want to know - its some bug or it should be so? :huh: Because about a week ago absolutely all sites were displayed in this magazine. And now only dangerous sites are viewing thats all.

Link to post
Share on other sites
  • 2 weeks later...
  • 4 weeks later...

@Marcos About eicar - yes. My AV is detect this file. But phishing test page not blocking (Screenshot is below). And i want to add - Some sites is registering in Site filter log. But not all. Only sites what was blocked. But i set log to registering all sites. Why AV gnot registering all viewed sites in log. Thats is my problem.

1.jpg

Link to post
Share on other sites
  • Administrators

As long as https filtering works and a particular website or url or certificate is not exckuded and antiphishing is enabled,there's no reason why it wouldn't work 

Link to post
Share on other sites

-EDIT- The first thing to check is that Eset's Anti-Phishing protection is enabled in the Eset GUI Web and Email section.

There is a very ....... long discussion on this issue in another forum thread.

It turns out the person had a corrupted FireFox profile. He had to uninstall FireFox and deleted file-wise everything associated with it including his old profile file. He then reinstalled Firefox and the AMSTO Phishing Page was detected.

Edited by itman
Link to post
Share on other sites
  • 2 weeks later...
29 minutes ago, SergeyStrelnikov said:

@itman You mean i need to reinstall my current browser or try other browser? By the way please give me link to this "discussion on this issue in another forum thread".

What browser are you using when you perform the AMTSO Phishing test and it's not detected by Eset?

Link to post
Share on other sites
47 minutes ago, SergeyStrelnikov said:

@itman - Google Chrome 7.0.3865.120 64-bit.

OK. Thought you might be using FireFox.

First verify that Anti-phishing protection is enabled. Open the Eset GUI and select Advanced Setup. Select Web and Email ->  Anti-phishing Protection. Verify that Enable Anti-phishing Protection is check marked.  If it is not, check mark it. Save the change. Now retest at the AMTSO web site. If it was check marked originally, proceed as follows.  

This has work for some. You can search the forum for related postings. Open the Eset GUI and select Advanced Setup. Select Web and Email -> SSL/TLS -> List of SSL/TLS filtered applications. Find the entry for chrome.exe and select it. Mouse click on the Edit tab. Change the scan action from Auto to Scan. Save the change. Now retest at the AMTSO web site.

Edited by itman
Link to post
Share on other sites
  • 2 weeks later...
5 hours ago, SergeyStrelnikov said:

@itman It doesn't work... Anti-phishing Protection is check marked. I tried to re-check. Nothing. Im configured SSL/TLS from chrome.exe... Nothing.

Any other suggestion? Anyway - my problem - why not all sites is saved into Logs? Only blocked are saves.

All I can suggest is what worked for one Eset user having the same issue using Firefox. In that instance, the user totally uninstalled FireFox. Then and most importantly, he deleted anything leftover including his FireFox profile. Note that FireFox does not delete the user profile file when it is uninstalled. This will allow the user to retain all his custom settings when FireFox is reinstalled. The problem is most of the "nasty" issues are due to a corrupted profile and the only resolution is to allow FireFox to build a new profile when it is reinstalled.

You will have to do research if Chrome works the same way. That is if the profile is retained when it is reinstalled. If this is the case, advise you do what is stated above. Then recreate all your custom settings including add-ons and extensions. Finally, now retest at the AMTSO Desktop Phishing test site. Alternatively, below are a couple of "live" phishing web sites that Eset's phishing protection detects:

http://www.paypal.com.myhr.app.aruntest.shnpoc.net/

http://alnamal.com/

Edited by itman
Link to post
Share on other sites
25 minutes ago, SergeyStrelnikov said:

@itman Yes, these sites were blocked by my EIS and messages in the log also appeared. And yes, I reinstalled Chrome. Before this, it was completely deleted, profiles too. But still, my EIS dont blocking AMTSO web-page. I even don't know what to do next...

Does Eset detect the two real phishing links I posted?

Link to post
Share on other sites
2 hours ago, SergeyStrelnikov said:

@itman - Yes. ESET detect both of this two links.

Then I would say Eset phishing protection is fully functional.

As far as the AMTSO Desktop test site goes, they were hacked a while back and some tests, PUA and Cloudcar, aren't functional at all. As such, I would say Chrome's non-detection of the AMTSO phishing test would be related to this status and not directly related to any issues within Eset.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...