Jump to content

Recommended Posts

  • Administrators

Apparently HTTPS filtering is working just fine:

7. 4. 2020 5:21:26    HTTP filter    file   https://secure.eicar.org/eicarcom2.zip  Eicar test file    connection terminated    Event occurred during an attempt to access the web by the application: C:\Windows\System32\MicrosoftEdgeCP.exe

Does disabling this option in the SSL filtering setup make a difference?

image.png

Link to post
Share on other sites
  • Replies 129
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

I did test v13.0 and v12 all of them have same problem in a clean system only ESET and Firefox But once i installed chrome it works fine I think ESET need to check it, maybe a module update is n

The issue is fixed in the Internet protection module version 1396; currently it is available on pre-release update servers.

Posted Images

1 hour ago, Marcos said:

Apparently HTTPS filtering is working just fine:

7. 4. 2020 5:21:26    HTTP filter    file   https://secure.eicar.org/eicarcom2.zip  Eicar test file    connection terminated    Event occurred during an attempt to access the web by the application: C:\Windows\System32\MicrosoftEdgeCP.exe

Does disabling this option in the SSL filtering setup make a difference?

image.png

Hi, Yes the filtering is working for Edge but not Firefox. I just did a clean install of Windows 10 Pro and ESET and ssl filtering is not working with Firefox 75 on a clean Windows install either :(.

I'm not sure what else to try if it's not working on a clean Windows 10 Pro and ESET install. I did another log collection (this time it completed but said there were warnings present?). I tried toggling the setting your mentioned, the exclude communication with trusted domains and that doesn't seem to do anything.

Just to clarify: The SSL filtering does NOT work with Firefox but it DOES work with Edge and Chrome.

eis_logs.zip

Edited by hardwired
Link to post
Share on other sites
  • 2 weeks later...

Can confirm that latest ESET EIS is not automatically installing its certificate to Firefox CA store, it's a clean ESET install and the mentioned about:config flag is already set to true (I've used Adguard Pro previously but uninstalled it long time ago using its removal tool).
Firefox version: 75 stable channel

ESET EIS: 13.1.21.0

Internet protection module: 1395

Link to post
Share on other sites
  • Administrators
58 minutes ago, geminis3 said:

Can confirm that latest ESET EIS is not automatically installing its certificate to Firefox CA store

That's how it's supposed to be. Are you actually experiencing some issues?

Link to post
Share on other sites

Same here with the latest eset and Firefox 64 bits. I could not find a way to make eset scan firefox traffic as it does with other browsers.

Is there a way to do it ? I've read this whole topic but no solution.

Link to post
Share on other sites
  • Administrators
43 minutes ago, mateusb said:

Same here with the latest eset and Firefox 64 bits. I could not find a way to make eset scan firefox traffic as it does with other browsers.

Is there a way to do it ? I've read this whole topic but no solution.

Is eicar detected upon download with SSL filtering enabled? https://secure.eicar.org/eicarcom2.zip

Link to post
Share on other sites
  • ESET Insiders
Posted (edited)
4 minutes ago, Marcos said:

Is eicar detected upon download with SSL filtering enabled? https://secure.eicar.org/eicarcom2.zip

It don't get detected while downloading using Firefox but it get blocked on Chrome

Update:
I'm using "Internet Download Manager" and it got detected after i stopped IDM and used Firefox instead

But in Chrome it get blocked before IDM can catch the link

Edited by BALTAGY
Link to post
Share on other sites
4 minutes ago, BALTAGY said:

It don't get detected while downloading using Firefox but it get blocked on Chrome

Update:
I'm using "Internet Download Manager" and it got detected after i stopped IDM and used Firefox instead

But in Chrome it get blocked before IDM can catch the link

This is what happens to me, Firefox isn't filtering at all on a new install/new Windows install. Other browsers did but not Firefox.

Link to post
Share on other sites
  • Administrators
13 minutes ago, hardwired said:

This is what happens to me, Firefox isn't filtering at all on a new install/new Windows install. Other browsers did but not Firefox.

Is this file created after enabling SSL filtering? "C:\Program Files\Mozilla Firefox\defaults\pref\eset_security_config_overlay.js"

Link to post
Share on other sites
1 hour ago, BALTAGY said:

Update:
I'm using "Internet Download Manager" and it got detected after i stopped IDM and used Firefox instead

Are you using the stand-alone installed version or the FireFox add-on?

Link to post
Share on other sites
  • ESET Insiders
11 minutes ago, itman said:

Are you using the stand-alone installed version or the FireFox add-on?

If you install IDM, it will install the Firefox add-on, same happen with all browsers

Also i have the file Marcos asking about

Link to post
Share on other sites
8 minutes ago, BALTAGY said:

If you install IDM, it will install the Firefox add-on, same happen with all browsers

If the .exe associated with the installed IDM is actually doing the file downloading, it should be shown in "List of SSL/TLS filtered applications" per the below screen shot:

Eset_Filtered_Apps.thumb.png.9395a8ef89d8dd93216e1a60259b7f50.png

 

Edited by itman
Link to post
Share on other sites
  • ESET Insiders
48 minutes ago, itman said:

If the .exe associated with the installed IDM is actually doing the file downloading, it should be shown in "List of SSL/TLS filtered applications" per the below screen shot:

Eset_Filtered_Apps.thumb.png.9395a8ef89d8dd93216e1a60259b7f50.png

 

Snap1.jpg

Link to post
Share on other sites

Appears there is something wrong with the FireFox add-on to IDM. 

With the add-on enabled, it is somehow blocking Eset SSL/TLS protocol scanning of downloads. Check the configuration options for the add-on for anything related to AV HTTPS scanning exclusions or the like.

Edited by itman
Link to post
Share on other sites

The only reference I see in IDM relating to AV use is shown below. What does it show on your system?

Quote

Downloads tab

In Dialogs group box you can control how IDM dialogs are displayed. Select "Don't show" item in Download progress list box, if you don't want to see "Download Progress" dialog at all. If you don't like to see "Download Progress" dialog appearing in front of all other windows, select "Show minimized". You can disable "Download Complete" dialog using "Show download complete dialog" box.

Image downloads.png

 

Edited by itman
Link to post
Share on other sites
  • ESET Insiders
2 minutes ago, itman said:

The only reference I see IDM relating to AV use is shown below. What does it show on your system?

Snap1.jpg

It's empty, also i never needed to add anything to it since ESET did block before IDM can capture the link

Link to post
Share on other sites
  • ESET Insiders
12 minutes ago, itman said:

The only reference I see in IDM relating to AV use is shown below. What does it show on your system?

Also note that eicar.com and eicar.com.txt are blocked by ESET but not eicar_com.zip or eicarcom2.zip

Another note that i'm using Adguard and i see Adguard
certificate in all sites including forum.eset.com

Link to post
Share on other sites
  • Administrators

I recall that Adguard may cause issues when installed together with ESET. Try uninstalling it, at least temporarily.

Link to post
Share on other sites
17 minutes ago, BALTAGY said:

i see Adguard certificate in all sites including forum.eset.com

Does the Eset root cert. show on this web site: https://www.wilderssecurity.com/ ? If Adguard's shows, there's a problem.

Also if Eset is performing SSL/TLS protocol scanning, any like feature in Adguard should be disabled. Same principal applies here as to use of two real-time scanners together.

Edited by itman
Link to post
Share on other sites
3 minutes ago, BALTAGY said:

It's Adguard

Also if Eset is performing SSL/TLS protocol scanning, any like feature in Adguard should be disabled. Same principal applies here as to use of two real-time scanners together.

Edited by itman
Link to post
Share on other sites
  • ESET Insiders
Just now, itman said:

Also if Eset is performing SSL/TLS protocol scanning, any like feature in Adguard should be disabled. Same principal appears here as to use of two real-time scanners together.

Adguard only block Ads, but since the last v7.4 i see "Your browser is being managed by your organization." in Firefox settings and Adguard certificate is in all sites

I'm testing only ESET+IDM+Firefox in a clean system and will collect the logs

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.


×
×
  • Create New...