Jump to content

Need explanation on SSL/TLS Filtering and how to add to whitelist


Go to solution Solved by itman,

Recommended Posts

Posted (edited)

Been reading about HTTPS Inspection and honestly it's the first time I've even noticed that it's included in ESET after years of using the different offerings. If I understand it correctly is that ESET inserts itself in the middle of your connection and scans it as it's passing through. Basically no different than a MITM attack except that it's from your AV.

Now, are the sites included in ESET's whitelist not experience this MITM move from the AV? Such as when I view a site such as Paypal, I can clearly see that it's the site's certificate that is being used and not the one by ESET. I'm asking this because I want to add some sites to my whitelist to increase my privacy a little bit even from my own AV. I think it will give me a peace of mind knowing that it's only me and the website knowing whatever I'm doing/inputting there.

Please don't recommend to disable the feature as I can clearly see how helpful it can be just by a simple test of the EICAR website. Malicious files are already detected before it even reaches your download folder. I want to keep this functionality except for some few websites. I'm not really an expert on PC security so hope someone can help me on this.

Edited by skydagger
Link to post
Share on other sites
  • Solution

Eset maintains an internal whitelist of URLs it does not perform SSL/TLS protocol scanning. Any scanned web site can be excluded from SSL/TLS protocol scanning by adding its certificate to List of  know certificates and setting its Scan setting to Ignore. The easiest way to do this is by URL method.

Link to post
Share on other sites
8 hours ago, itman said:

Eset maintains an internal whitelist of URLs it does not perform SSL/TLS protocol scanning. Any scanned web site can be excluded from SSL/TLS protocol scanning by adding its certificate to List of  know certificates and setting its Scan setting to Ignore. The easiest way to do this is by URL method.

Found the option, thanks. Just to clarify, if you put a website's certificate in this list then ESET completely doesn't do anything with it? No MITM?

Link to post
Share on other sites
  • Administrators

Correct. You can temporarily switch SSL filtering to interactive mode so that you are asked about certificates. Selecting Ignore will exclude the SSL communication that uses the certificate from protocol filtering.

Link to post
Share on other sites
24 minutes ago, Marcos said:

Correct. You can temporarily switch SSL filtering to interactive mode so that you are asked about certificates. Selecting Ignore will exclude the SSL communication that uses the certificate from protocol filtering.

Alright thank you!

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...