itman 1,746 Posted June 15, 2015 Share Posted June 15, 2015 (edited) I would also like to see SSL protocol scanning decoupled from e-mail scanning. I very much need this feature to scan my Thunderbird encrypted e-mail received from my e-mail ISP. I don't want to turn it on for browser use however. It's already implemented: First activate SSL scanning, after that you can deactivate https-scanning under Web and E-Mail -> Web protection -> HTTP, HTTPS If you do that, then no port 443 scanning will be done. Note that there can be web traffic that uses port 443 that is not encrypted. That is why by default, Eset scans port 443 with SSL protocol scanning disabled; it just ignores encrypted traffic. Also the Eset cert. remains in the Windows root CA using your suggestion which I consider a security risk. Eset should only use the like cert. installed in Thunderbird's root CA. The e-mail SSL protocol scanning options should override globally setting off SSL protocol scanning for everything which currently is the case. Edited June 15, 2015 by itman Quote Link to comment Share on other sites More sharing options...
User 13 Posted June 15, 2015 Share Posted June 15, 2015 (edited) If you do that, then no port 443 scanning will be done. There is no information in the help files or context menu that says so, also it would be illogical. Edited June 15, 2015 by User Quote Link to comment Share on other sites More sharing options...
itman 1,746 Posted June 15, 2015 Share Posted June 15, 2015 (edited) If you do that, then no port 443 scanning will be done. There is no information in the help files or context menu that says so, also it would be illogical. From the Smart Security ver. 8 user manual: Use HTTPS protocol checking for selected ports – The program will only check those applications that are specified in the Web and email clients section and that use ports defined in Ports used by HTTPS protocol. Port 443 is set by default. Encrypted communication will be not scanned. To enable the scanning of encrypted communication and view the scanner setup, navigate to SSL protocol checking in Advanced setup section, click Web and email > Protocol filtering > SSL and enable the Always scan SSL protocol option. To me this means disable that option and HTTPS traffic will not be scanned. What is unclear is if port 443 was added to the HTTP port list, would it be scanned? Edited June 15, 2015 by itman Quote Link to comment Share on other sites More sharing options...
User 13 Posted June 15, 2015 Share Posted June 15, 2015 (edited) My opinion is the following: You can add port 443 in the http-port list, then http-traffic will be scanned on port 443. In standard configuration only ports 80, 8080, 3128 are scanned for http-traffic. So this has nothing to do with the second https-port list. So if you don't add 443 to the http-port list, http-traffic on port 443 will not be scanned even if https-scanning for port 443 is activated. Maybe someone from ESET can post here if that's correct. Edited June 15, 2015 by User Quote Link to comment Share on other sites More sharing options...
itman 1,746 Posted June 16, 2015 Share Posted June 16, 2015 My opinion is the following: You can add port 443 in the http-port list, then http-traffic will be scanned on port 443. In standard configuration only ports 80, 8080, 3128 are scanned for http-traffic. So this has nothing to do with the second https-port list. So if you don't add 443 to the http-port list, http-traffic on port 443 will not be scanned even if https-scanning for port 443 is activated. Maybe someone from ESET can post here if that's correct. My opinion is the following: You can add port 443 in the http-port list, then http-traffic will be scanned on port 443. In standard configuration only ports 80, 8080, 3128 are scanned for http-traffic. So this has nothing to do with the second https-port list. So if you don't add 443 to the http-port list, http-traffic on port 443 will not be scanned even if https-scanning for port 443 is activated. Maybe someone from ESET can post here if that's correct. Found a copy of pre-release ver. 9 user manual on the web yesterday. Just describes features w/o specific settings and the like. From what was stated there, ver. 9 will include an option to selectively turn on/off SSL protocol scanning by application. So I will just have to wait until it's released to determine if this issue is a moot point. Quote Link to comment Share on other sites More sharing options...
Octopuss 5 Posted June 18, 2015 Share Posted June 18, 2015 (edited) Kakashi please stop spamming and stop posting utterly stupid nonsenses. It would be much better if you invested your time in english lessons instead of all this. Edited June 18, 2015 by Octopuss Quote Link to comment Share on other sites More sharing options...
hqsec 12 Posted June 26, 2015 Share Posted June 26, 2015 (edited) Description: add read file option to available HIPS target files operations Detail: right now HIPS allows to control delete file and write to file operations. It would be great to have an option to control read file also. Some malware might not try to encrypt or destroy data. Sometimes stealing it might be even more dangerous. Edited June 26, 2015 by hqsec Foobar 1 Quote Link to comment Share on other sites More sharing options...
elc 1 Posted July 9, 2015 Share Posted July 9, 2015 Hello, I would like to investigate on IP adresses which appear in Smart Security 8 / Tools / Connexions / Distant IPs. It would save time if it was possible to copy IPs from ESET to a search engine. So far the page is just an "image" without select/copy function. This has a common point with post 149 (15062 not found). Is the development of this function planned? Best regards Quote Link to comment Share on other sites More sharing options...
TheNightGallery 0 Posted July 12, 2015 Share Posted July 12, 2015 I'd like to see it work with Windows and not cause issues with sleep mode. I posted about this problem earlier, but Admin never approved the message. Since installing the latest version, my computer will no longer stay in sleep mode. Is there any fix for this? Quote Link to comment Share on other sites More sharing options...
rugk 397 Posted July 12, 2015 Share Posted July 12, 2015 This has a common point with post 149 (15062 not found). Yes, it is. Here is a direct link: https://forum.eset.com/topic/51-future-changes-to-eset-smart-security/page-8#entry15062 Quote Link to comment Share on other sites More sharing options...
nhesetnod32 0 Posted July 22, 2015 Share Posted July 22, 2015 Description: Eset Remote Administrator 6 Columns enhancementDetail: Currently the list of columns to display for devices in the remote console is wonderful but can a User Name column option be added? At least to show the last logged on user of a device? I could not find a future enhancements option in the Remote Administrator forum and thought I would place this here for now. Quote Link to comment Share on other sites More sharing options...
itman 1,746 Posted August 10, 2015 Share Posted August 10, 2015 Emsisoft will be terminating Online Armor support in the near future since it no longer fits into their business development model. Would suggest Eset explore purchasing software licensing rites to it. Then incorporate it into NOD32 and Smart Security; at least the HIPS portion of it as replacement to the existing featureless HIPS Eset has in these two products. Or, offer it as an extra cost option. Quote Link to comment Share on other sites More sharing options...
Pentode 13 Posted August 17, 2015 Share Posted August 17, 2015 (edited) Just keep Nod 7 rolling and I'll be happy...... I like the Nod32 signature when sending Emails, that is a must for me on my outgoing Emails, plus it's good for business by self advertising have you forgot? No, no don't tell me I should be using the latest version - I don't wanna hear or be knowing because it does not display the 'checked by.. Nod 32 signature' so if this could be included then I'll be happy to update... but alas not only has the browser war gone crazy the operating system has too. Sooo, I'm happy and no complaints yet. ESET you doing a great job, nice and clean, no slow down, no BSOD's and certainly no pop-up ads like the other rogue of an AV I had.... and that was a paid version! So I'll keep nodding all the way..... until? Dave Edited August 17, 2015 by Pentode Quote Link to comment Share on other sites More sharing options...
itman 1,746 Posted September 9, 2015 Share Posted September 9, 2015 Just started using the firewall in interactive mode. I do wish that Eset would either store the URL versus the IP address in the generated outbound firewall rule. Or, at least provide an option to store either one. This would be most beneficial for rules covering svchost.exe, rundll32.exe, and the like that connect to Microsoft using many different servers and IP addresses. Also these processes are frequently targeted by malware. Creating rules that allow all outbound activity for these processes is not very secure. Creating a separate firewall rule for every IP address svchost.exe uses when connecting to Microsoft will result in dozens of rules being generated. I also believe this would not be a major issue to implement since the Eset firewall alert already displays the URL used for the connection. As such, the URL is available to be stored in the resultant generated outbound firewall rule. Quote Link to comment Share on other sites More sharing options...
rugk 397 Posted September 9, 2015 Share Posted September 9, 2015 Just FYI: As for svchost.exe you can choose the service which a rule should cover in v9 of ESS and NOD32. Quote Link to comment Share on other sites More sharing options...
itman 1,746 Posted September 9, 2015 Share Posted September 9, 2015 Just FYI: As for svchost.exe you can choose the service which a rule should cover in v9 of ESS and NOD32. That is good to know. Question though is if it will be of any benefit. I have played with third party Win firewall add-ons in the past that tried to do the same. Most didn't work right due to the fact that there are hidden services that are not shown via Admin -> Services that Win uses. Many of these are triggered by BITS. However, restricting svchost.exe access to MS servers or its proxies e.g. Akamai gives very good protection. Quote Link to comment Share on other sites More sharing options...
V3.Firewall 2 Posted September 19, 2015 Share Posted September 19, 2015 ESET should focus on firewall to provide protection against strong flood and ddos attack And when someone gives you flood the internet will be detected and stopped automatically without you doing anything Quote Link to comment Share on other sites More sharing options...
rugk 397 Posted September 20, 2015 Share Posted September 20, 2015 ESET already has a DDOS protection included in the firewall. Quote Link to comment Share on other sites More sharing options...
V3.Firewall 2 Posted September 20, 2015 Share Posted September 20, 2015 ESET already has a DDOS protection included in the firewall. lol where ? Quote Link to comment Share on other sites More sharing options...
rugk 397 Posted September 20, 2015 Share Posted September 20, 2015 Quote Link to comment Share on other sites More sharing options...
V3.Firewall 2 Posted September 20, 2015 Share Posted September 20, 2015 thanks man for replay Quote Link to comment Share on other sites More sharing options...
khairulaizat92 9 Posted September 27, 2015 Share Posted September 27, 2015 Microsoft has implement p2p function on their windows update, im just wondering if ESET able to do the same? The idea are so that when ESET user are using the same network for online, the update can be distributed much more faster and better among them. Honestly, Im thinking about this because, in my shop we are doing services for the pc and laptop and also some cyber cafe activities, and all of our pc are using eset. so when customer want to reset their pc, we will install eset trial on their pc while offering them a full license products, but the 1st time update sometimes take longer time eventhough my internet speed are 20Mbps. Well of course i understand that the 1st time update are large and slow, it just that theres might be a way to make it download faster or something like that Quote Link to comment Share on other sites More sharing options...
rugk 397 Posted September 27, 2015 Share Posted September 27, 2015 (edited) Personally I don't really like the P2P updates... However in your situation you could use the business products from ESET where you can make an update mirror on one PC in your network. However the PCs with ESET Endpoint Protection have to belong to you of course. The only thing you can currently do for other computers is using the latest version of the installer, which also has all VSD updates included (at the time where it was released). (And also use the offline installer so it doesn't have to download the installer file every time) Edited September 27, 2015 by rugk Quote Link to comment Share on other sites More sharing options...
mantra 1 Posted September 30, 2015 Share Posted September 30, 2015 hi will consider eset to add an ads block ? i mean not only for the browser but for the operation system thanks Quote Link to comment Share on other sites More sharing options...
aranud 0 Posted September 30, 2015 Share Posted September 30, 2015 Hi, I hope : Add stream update On my.eset.com see logs of the computers (or others actions), i have a family with 6 computers... On my.eset.com add a form for samples Thank you. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.