Jump to content
ECELeader

Anti-phising and ssl/tls filtering not working in Firefox Developer Edition

Recommended Posts

Eset anti-phising and SSL filtering are not working in Firefox Developer Edition. They work fine in Chrome and regular Firefox, but not in the Developer edition.

 

Using ESET SSP 12.2.29.0. Even tried pre-release channel to see if there is a fix.

383948991_Annotation2019-09-22005645.thumb.png.d9c56c08b513d77073f4529302831a3b.png

Share this post


Link to post
Share on other sites

It's better to avoid SSL filtering. I keep it turned off. Anyway, wait for a reply from someone who knows about this issue.

Share this post


Link to post
Share on other sites

I have no problem here:

image.png

If you check information about the certificate used on this forum, do you see ESET there?

image.png

 

As for SSL filtering, it is important to keep it enabled since more and more malware is downloaded via https and the number of malicious websites utilizing SSL is growing as well. Also the fact that browsers are starting to report http connections as unsecure, bad guys have a good motivation to move to https as well.

By coincidence last week I attended a presentation by an ethical hacker who attempted to attack a machine utilizing Meterpreter. He failed once thanks to SSL filtering employed by ESET. When he managed to bypass it, the payload was detected and blocked upon injection by Advanced Memory Scanner.

Share this post


Link to post
Share on other sites

No I don't see ESET verification in the certificate when using Firefox Developer Edition:

1181277950_Annotation2019-09-22112102.png.0568fa4f026a0db71370f32e488ea4df.png

 

In the regular Firefox and Chrome it works just fine.

Eset detects the other AMTSO tests (eicar, cloudcar etc). The only test failing is the anti-phising one.

 

4 hours ago, Marcos said:

As for SSL filtering, it is important to keep it enabled since more and more malware is downloaded via https and the number of malicious websites utilizing SSL is growing as well. Also the fact that browsers are starting to report http connections as unsecure, bad guys have a good motivation to move to https as well.

By coincidence last week I attended a presentation by an ethical hacker who attempted to attack a machine utilizing Meterpreter. He failed once thanks to SSL filtering employed by ESET. When he managed to bypass it, the payload was detected and blocked upon injection by Advanced Memory Scanner.

Interesting story! I know the importance of SSL filtering so I always keep it on.

Edited by ECELeader

Share this post


Link to post
Share on other sites
4 hours ago, ECELeader said:

No I don't see ESET verification in the certificate when using Firefox Developer Edition:

Via Options -> Security Settings, open the Certificate store and verify if Eset's certificate is present under the Authorities store.

Edited by itman

Share this post


Link to post
Share on other sites

Thank you all for your help! The issue was solved after reinstalling all Firefox editions in my PC completely (removing the %AppData% folder as well) and reinstalling Firefox Developer Edition.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...