Jump to content

packet inspection bug


Recommended Posts

Packet inspection- Deny opening of executable files on a server outside the Trusted zone in SMB protocol:

​Should this rule deny just an opening or also copy paste from server outside of the Trusted zone? I am using a VPN connection to a one of my work servers and I am not able to copy a file form the server unless I disable this protection.

 

Link to comment
Share on other sites

  • 4 weeks later...
  • ESET Moderators

Hello Ondrej,

 

the feature works that way, that it drops the connection when first folder with .exe file is opened.

So you are not able to copy the file (the user would be able to run it from his machine after copying it).

Link to comment
Share on other sites

Thank you for your response.

It means that it involves opening the folder with an exe or dll file in contrary to instructions provided for ESET Smart Security?  ...(Drops connection when you are trying to open an executable file (.exe, .dll, ...) from a shared folder on the server that does not belong to the Trusted zone in Personal firewall. Note that copying executable files from trusted sources can be legitimate. On the other hand, this detection should mitigate risks from unwanted opening a file on a malicious server, for example caused by clicking a user on a link to a shared malicious executable file.)

Just to clarify the trusted source does not must mean or entail a trusted zone or it does ? I may have a server that I am using infrequently or rarely so I don't want to add it to a trusted zone..

Edited by Ondrej Lovász
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...