Jump to content

EIS firewall problem

Recommended Posts

EIS 防火墙无法阻止 DLL 文件访问网络

Machine translation:

EIS firewall cannot prevent DLL files from accessing the network

Edited by Marcos
Machine translation added
Link to comment
  • Administrators

Since this is an English forum, we kindly ask you to post in English.

As for the question, dll files cannot be executed. Firewall rules are bound to executables or services. What would you like to achieve exactly?

Link to comment

As @Marcos noted, .dll files cannot directly access the Internet. They can only do so under some type of programmatic control. Posted below are references on some ways malware does so. You either have to rely on other Eset protection mechanisms to detect these malicious activities, or do so manually via the Eset HIPS. This is difficult to do without blocking legit system activities since the HIPS doesn't allow for monitoring of process command line parameters. The best way to do so is via monitoring of child process startup activities from these exploited processes as noted in this Eset KB article in regards to ramsomware firewall rules: https://support.eset.com/en/kb6132-configure-firewall-rules-for-eset-endpoint-security-to-protect-against-ransomware






Edited by itman
Link to comment
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...