Jump to content
SergeyStrelnikov

Message Appearance in Filtered Websites (EIS 12)

Recommended Posts

Hello, since a week or two, not all sites is saved into Logs - Filtered Websites.  But "Minimum Logging Verbosity" is set to "Informative" in my config. I want to know - its some bug or it should be so? :huh: Because about a week ago absolutely all sites were displayed in this magazine. And now only dangerous sites are viewing thats all.

Share this post


Link to post
Share on other sites

@Marcos About eicar - yes. My AV is detect this file. But phishing test page not blocking (Screenshot is below). And i want to add - Some sites is registering in Site filter log. But not all. Only sites what was blocked. But i set log to registering all sites. Why AV gnot registering all viewed sites in log. Thats is my problem.

1.jpg

Share this post


Link to post
Share on other sites

As long as https filtering works and a particular website or url or certificate is not exckuded and antiphishing is enabled,there's no reason why it wouldn't work 

Share this post


Link to post
Share on other sites
Posted (edited)

-EDIT- The first thing to check is that Eset's Anti-Phishing protection is enabled in the Eset GUI Web and Email section.

There is a very ....... long discussion on this issue in another forum thread.

It turns out the person had a corrupted FireFox profile. He had to uninstall FireFox and deleted file-wise everything associated with it including his old profile file. He then reinstalled Firefox and the AMSTO Phishing Page was detected.

Edited by itman

Share this post


Link to post
Share on other sites

@itman You mean i need to reinstall my current browser or try other browser? By the way please give me link to this "discussion on this issue in another forum thread".

Share this post


Link to post
Share on other sites
29 minutes ago, SergeyStrelnikov said:

@itman You mean i need to reinstall my current browser or try other browser? By the way please give me link to this "discussion on this issue in another forum thread".

What browser are you using when you perform the AMTSO Phishing test and it's not detected by Eset?

Share this post


Link to post
Share on other sites
47 minutes ago, SergeyStrelnikov said:

@itman - Google Chrome 7.0.3865.120 64-bit.

OK. Thought you might be using FireFox.

First verify that Anti-phishing protection is enabled. Open the Eset GUI and select Advanced Setup. Select Web and Email ->  Anti-phishing Protection. Verify that Enable Anti-phishing Protection is check marked.  If it is not, check mark it. Save the change. Now retest at the AMTSO web site. If it was check marked originally, proceed as follows.  

This has work for some. You can search the forum for related postings. Open the Eset GUI and select Advanced Setup. Select Web and Email -> SSL/TLS -> List of SSL/TLS filtered applications. Find the entry for chrome.exe and select it. Mouse click on the Edit tab. Change the scan action from Auto to Scan. Save the change. Now retest at the AMTSO web site.

Edited by itman

Share this post


Link to post
Share on other sites

@itman It doesn't work... Anti-phishing Protection is check marked. I tried to re-check. Nothing. Im configured SSL/TLS from chrome.exe... Nothing.

Any other suggestion? Anyway - my problem - why not all sites is saved into Logs? Only blocked are saves.

Share this post


Link to post
Share on other sites
5 hours ago, SergeyStrelnikov said:

@itman It doesn't work... Anti-phishing Protection is check marked. I tried to re-check. Nothing. Im configured SSL/TLS from chrome.exe... Nothing.

Any other suggestion? Anyway - my problem - why not all sites is saved into Logs? Only blocked are saves.

All I can suggest is what worked for one Eset user having the same issue using Firefox. In that instance, the user totally uninstalled FireFox. Then and most importantly, he deleted anything leftover including his FireFox profile. Note that FireFox does not delete the user profile file when it is uninstalled. This will allow the user to retain all his custom settings when FireFox is reinstalled. The problem is most of the "nasty" issues are due to a corrupted profile and the only resolution is to allow FireFox to build a new profile when it is reinstalled.

You will have to do research if Chrome works the same way. That is if the profile is retained when it is reinstalled. If this is the case, advise you do what is stated above. Then recreate all your custom settings including add-ons and extensions. Finally, now retest at the AMTSO Desktop Phishing test site. Alternatively, below are a couple of "live" phishing web sites that Eset's phishing protection detects:

http://www.paypal.com.myhr.app.aruntest.shnpoc.net/

http://alnamal.com/

Edited by itman

Share this post


Link to post
Share on other sites

@itman Yes, these sites were blocked by my EIS and messages in the log also appeared. And yes, I reinstalled Chrome. Before this, it was completely deleted, profiles too. But still, my EIS dont blocking AMTSO web-page. I even don't know what to do next...

Share this post


Link to post
Share on other sites
25 minutes ago, SergeyStrelnikov said:

@itman Yes, these sites were blocked by my EIS and messages in the log also appeared. And yes, I reinstalled Chrome. Before this, it was completely deleted, profiles too. But still, my EIS dont blocking AMTSO web-page. I even don't know what to do next...

Does Eset detect the two real phishing links I posted?

Share this post


Link to post
Share on other sites
2 hours ago, SergeyStrelnikov said:

@itman - Yes. ESET detect both of this two links.

Then I would say Eset phishing protection is fully functional.

As far as the AMTSO Desktop test site goes, they were hacked a while back and some tests, PUA and Cloudcar, aren't functional at all. As such, I would say Chrome's non-detection of the AMTSO phishing test would be related to this status and not directly related to any issues within Eset.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...