Ondrej Lovász 0 Posted April 26, 2014 Share Posted April 26, 2014 Packet inspection- Deny opening of executable files on a server outside the Trusted zone in SMB protocol:Should this rule deny just an opening or also copy paste from server outside of the Trusted zone? I am using a VPN connection to a one of my work servers and I am not able to copy a file form the server unless I disable this protection. Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 1,152 Posted May 19, 2014 ESET Moderators Share Posted May 19, 2014 Hello Ondrej, the feature works that way, that it drops the connection when first folder with .exe file is opened. So you are not able to copy the file (the user would be able to run it from his machine after copying it). Link to comment Share on other sites More sharing options...
Ondrej Lovász 0 Posted May 22, 2014 Author Share Posted May 22, 2014 (edited) Thank you for your response. It means that it involves opening the folder with an exe or dll file in contrary to instructions provided for ESET Smart Security? ...(Drops connection when you are trying to open an executable file (.exe, .dll, ...) from a shared folder on the server that does not belong to the Trusted zone in Personal firewall. Note that copying executable files from trusted sources can be legitimate. On the other hand, this detection should mitigate risks from unwanted opening a file on a malicious server, for example caused by clicking a user on a link to a shared malicious executable file.) Just to clarify the trusted source does not must mean or entail a trusted zone or it does ? I may have a server that I am using infrequently or rarely so I don't want to add it to a trusted zone.. Edited May 22, 2014 by Ondrej Lovász Link to comment Share on other sites More sharing options...
.thumb.jpg.d0dae4df7d520793aba4b217c88691a6.jpg)
Recommended Posts