itman 1,727 Posted August 16, 2023 Share Posted August 16, 2023 This activity just started with ver. 16.2. Refer to the below screen shot. Highlighted in black is my legit IPv4 DNS server address assigned via gateway DHCPv4 processing. Highlighted in red is a DNS connection to Google's public IPv4 DNS server address. This activity also appears to be related to Eset's use of Cloudflare's Comodo crl download. How do I stop Eset's download from Cloudflare? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,189 Posted August 16, 2023 Administrators Share Posted August 16, 2023 You could try disabling SSL filtering if you don't want to check CRLs. SSL filtering has always checked certificates against CRLs since SSL filtering was first implemented years ago. Link to comment Share on other sites More sharing options...
itman 1,727 Posted August 16, 2023 Author Share Posted August 16, 2023 Just now, Marcos said: Try disabling SSL filtering if you don't want to check CRLs. Obviously, I don't want to disable SSL/TLS protocol filtering and weaken my security protection. I just don't want my DNS processing hijacked. Further, my ISP prohibits use of DNS servers other than its own and will most likely block the DNS traffic on its relay DNS servers. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,189 Posted August 16, 2023 Administrators Share Posted August 16, 2023 Google DNS is used as a fallback when the primary and secondary DNS fail. If you can reproduce it (ideally after a reboot), carry on as follows: Enable advanced logging under Help and support -> Technical support Reboot the machine (if it happens at the system startup or shortly after) Reproduce the issue Stop logging Collect logs with ESET Log Collector and upload the generated archive here. Link to comment Share on other sites More sharing options...
Recommended Posts