Jump to content

Recommended Posts

Posted

Hello,

I am trying to block application via policy on ESET Remote Administration.

More specific  from Detection Engine / HIPS / Rules.

Is this right? Is there any other way to do? Is it possible that?

 

Clinets:  Endpoint Antivirus Version of Product 7.0.2100.4

Server:

ESET Remote Administrator (Server), Version 6.5 (6.5.417.0)
ESET Remote Administrator (Web Console), Version 6.5 (6.5.388.0)
CentOS (64-bit), Version 7.7.1908
 

 

 

 

  • Administrators
Posted

We do not have a feature like Application Control. Currently you can use HIPS rules to block access to or execution of specific applications defined by a path.

Posted
1 minute ago, Marcos said:

We do not have a feature like Application Control. Currently you can use HIPS rules to block access to or execution of specific applications defined by a path.

Yes as said on first post i tried with HIPS.

Can you give a full example? Because i tried with specific path with executable file. For example i tried with below

  • "C:\Program Files (x86)\Notepad++\notepad++.exe"
  • C:\Program Files (x86)\Notepad++\notepad++.exe
  • "C:\Program Files (x86)\Notepad++\*
  • Administrators
Posted

This is a rule to block execution of Notepad:

image.png

image.png

image.png

image.png

Posted (edited)

I am wondering if the issue is the use of the "+" sign in the path name? Note the OP is referring to notepad++ app and not the Win notepad.exe app.

As as test, create a HIPS rule for Microsoft's notepad.exe startup and see that works.

Edited by itman
Posted (edited)
23 minutes ago, Marcos said:

This is a rule to block execution of Notepad:

image.png

image.png

image.png

image.png

 

Thank you Marcos. It is working.

Notepad is for example. I block other application. 

Edited by karanik
Posted
24 minutes ago, itman said:

I am wondering if the issue is the use of the "+" sign in the path name? Note the OP is referring to notepad++ app and not the Win notepad.exe app.

As as test, create a HIPS rule for Microsoft's notepad.exe startup and see that works.

I  just wanted an example.

I wanted to block another application.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...