Connector 0 Posted October 24, 2019 Share Posted October 24, 2019 Hi everybody, I hope that this is the correct Place for this. Out of pure curiosity, when I was checking some certificates I noticed that the certificate on google.com is not marked as verified by ESET, as is usually the case with active SSL/TLS Filtering, but instead marked as verified by GTS. Also noticed the same thing with cnn.com. When I crosschecked it with a local news website, it showed me the Certificate as Verified by: ESET SSL Filter CA See the screenshots attached, they are in German but it translates to Verified By: [...] Just asking out of pure curiosity, could it be that those Sites are verified by an independent Certificate Authority and are already registered as Safe within ESET's Database? 😄 I tried it out with Chrome, Edge, Firefox and Opera, all of them are up-to-date. I'm using ESET Endpoint Security version 7.1.2053, with active SSL/TLS Filtering in automatic mode. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,704 Posted October 24, 2019 Administrators Share Posted October 24, 2019 Trusted sites are excluded from SSL filtering by default. You can have them filtered and scanned by disabling the appropriate setting: Link to comment Share on other sites More sharing options...
Connector 0 Posted October 24, 2019 Author Share Posted October 24, 2019 I see, that makes Sense, thanks for the quick answer and satisfying my curiosity Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 359 Posted October 24, 2019 Most Valued Members Share Posted October 24, 2019 3 hours ago, Marcos said: Trusted sites are excluded from SSL filtering by default. You can have them filtered and scanned by disabling the appropriate setting: Is there any risk of this being used wrongly - e.g. if a trusted domain is hijacked I presume eset would still detect malware etc. Just asking as its something I was just curious about Link to comment Share on other sites More sharing options...
Connector 0 Posted October 28, 2019 Author Share Posted October 28, 2019 Played around with the SSL/TLS Options in a test environment and crosschecked with amtso, I think that ESET is gonna block the communication with a hijacked/unsafe page if the certificate is in some way compromised, since there are a lot of layers in place to make secure communication with the site in question possible. And it's still gonna stop downloads/execution of suspicious files. Although, I think the only way to really know for sure is if such a case happens in a real-life situation 🤷♂️ Link to comment Share on other sites More sharing options...
Recommended Posts