bEeReE 4 Posted November 16, 2021 Share Posted November 16, 2021 Hi there, Just noted that the com.eset.network process shows activities around 10% when opening Mac apps such as App Store or Music. Shouldn't it be restricted to "browsers" as per Help section: https://help.eset.com/ecs/6/de-DE/?ud_web_email.html ? If it scans App traffic, how can it be customized to scan Safari only? I've already excluded many applications under "General/Exclusions/Web and Email", but it doesn't seem to work.... Thanks! Link to comment Share on other sites More sharing options...
Administrators Marcos 4,707 Posted November 17, 2021 Administrators Share Posted November 17, 2021 On Mac it is not possible to exclude particular applications from protocol filtering. As for the performance / cpu utilization issue, please collect logs as per https://support.eset.com/en/kb3404 and raise a support ticket. Link to comment Share on other sites More sharing options...
bEeReE 4 Posted November 17, 2021 Author Share Posted November 17, 2021 6 hours ago, Marcos said: On Mac it is not possible to exclude particular applications from protocol filtering. Could you please shortly explain what you mean? General/Exclusions/Web and Email: "Applications or IP addresses removed from scanning" Further, is it desired that when I deactivate the "Enable HTTP protocol checking", but leave Web Access and anti spyware protection on, internet connection is blocked because the Network Protection Proxy can't connect any longer? I want only phishing protection.... Link to comment Share on other sites More sharing options...
Administrators Marcos 4,707 Posted November 17, 2021 Administrators Share Posted November 17, 2021 1, Unfortunately I have no clue why Safari doesn't appear in the list of applications. Please raise a support ticket. I'd expect you could leave only Safari in the list. 2, HTTP filtering is crucial for Antiphishing to work. Without scanning HTTP communication the scanner would not know what websites you open. Link to comment Share on other sites More sharing options...
bEeReE 4 Posted November 17, 2021 Author Share Posted November 17, 2021 16 minutes ago, Marcos said: 1, Unfortunately I have no clue why Safari doesn't appear in the list of applications. Because I have not listed it. The list is manually filled by me. It would better to allow defining which applications should be scanned rather than exclude everything that should not be scanned. I want to exclude everything except Safari. But as explained, even when entered in the list and thus excluded, it may be that ESET is still scanning the traffic as CPU goes up for com.eset.network when opening one of the applications. 17 minutes ago, Marcos said: 2, HTTP filtering is crucial for Antiphishing to work. Without scanning HTTP communication the scanner would not know what websites you open. Why is it then possible to enable/deactivate protocol filtering when it is a crucial part of Web Access Protection? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,707 Posted November 17, 2021 Administrators Share Posted November 17, 2021 I can check with colleagues how it behaves on Mac but on Windows disabling HTTP scanning triggers a warning: Link to comment Share on other sites More sharing options...
Chas4 3 Posted November 19, 2021 Share Posted November 19, 2021 Not sure why you have port 443 as that is HTTPS not used by HTTP. The anti phishing in ESET uses the Web Access Antivirus and anti spyware protection, and on new macOS versions they added a proxy (ESET Network Protection Proxy) for it to be able to scan urls (due to recent macOS security requirements from Apple). Link to comment Share on other sites More sharing options...
Administrators Marcos 4,707 Posted November 19, 2021 Administrators Share Posted November 19, 2021 6 minutes ago, Chas4 said: Not sure why you have port 443 as that is HTTPS not used by HTTP. Port 443 must be in the list in order for domains accessed in https communication to be recognized and possibly filtered. Link to comment Share on other sites More sharing options...
Chas4 3 Posted November 19, 2021 Share Posted November 19, 2021 7 hours ago, Marcos said: Port 443 must be in the list in order for domains accessed in https communication to be recognized and possibly filtered. Last I knew ESET could not scan HTTPS on macOS and is not in the default ports, which are 80 and 8080 Link to comment Share on other sites More sharing options...
Administrators Marcos 4,707 Posted November 19, 2021 Administrators Share Posted November 19, 2021 11 minutes ago, Chas4 said: Last I knew ESET could not scan HTTPS on macOS and is not in the default ports, which are 80 and 8080 The HTTPS communication will not be scanned even with port 443 added in the list, however, it will enable the product to perform filtering by hostname. Link to comment Share on other sites More sharing options...
Recommended Posts