skydagger 0 Posted May 8, 2021 Posted May 8, 2021 (edited) Been reading about HTTPS Inspection and honestly it's the first time I've even noticed that it's included in ESET after years of using the different offerings. If I understand it correctly is that ESET inserts itself in the middle of your connection and scans it as it's passing through. Basically no different than a MITM attack except that it's from your AV. Now, are the sites included in ESET's whitelist not experience this MITM move from the AV? Such as when I view a site such as Paypal, I can clearly see that it's the site's certificate that is being used and not the one by ESET. I'm asking this because I want to add some sites to my whitelist to increase my privacy a little bit even from my own AV. I think it will give me a peace of mind knowing that it's only me and the website knowing whatever I'm doing/inputting there. Please don't recommend to disable the feature as I can clearly see how helpful it can be just by a simple test of the EICAR website. Malicious files are already detected before it even reaches your download folder. I want to keep this functionality except for some few websites. I'm not really an expert on PC security so hope someone can help me on this. Edited May 8, 2021 by skydagger
Solution itman 1,790 Posted May 8, 2021 Solution Posted May 8, 2021 Eset maintains an internal whitelist of URLs it does not perform SSL/TLS protocol scanning. Any scanned web site can be excluded from SSL/TLS protocol scanning by adding its certificate to List of know certificates and setting its Scan setting to Ignore. The easiest way to do this is by URL method.
skydagger 0 Posted May 9, 2021 Author Posted May 9, 2021 8 hours ago, itman said: Eset maintains an internal whitelist of URLs it does not perform SSL/TLS protocol scanning. Any scanned web site can be excluded from SSL/TLS protocol scanning by adding its certificate to List of know certificates and setting its Scan setting to Ignore. The easiest way to do this is by URL method. Found the option, thanks. Just to clarify, if you put a website's certificate in this list then ESET completely doesn't do anything with it? No MITM?
Administrators Marcos 5,408 Posted May 9, 2021 Administrators Posted May 9, 2021 Correct. You can temporarily switch SSL filtering to interactive mode so that you are asked about certificates. Selecting Ignore will exclude the SSL communication that uses the certificate from protocol filtering.
skydagger 0 Posted May 9, 2021 Author Posted May 9, 2021 24 minutes ago, Marcos said: Correct. You can temporarily switch SSL filtering to interactive mode so that you are asked about certificates. Selecting Ignore will exclude the SSL communication that uses the certificate from protocol filtering. Alright thank you!
Recommended Posts