Jump to content
Network communication blocked after upgrade to macOS 15 (Sequoia) ×

Future changes to ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium and ESET Ultimate Security

Aryeh Goretsky
 Share

Recommended Posts

itman

itman 1,746

Posted
Posted (edited)

 

I would also like to see SSL protocol scanning decoupled from e-mail scanning. I very much need this feature to scan my Thunderbird encrypted e-mail received from my e-mail ISP. I don't want to turn it on for browser use however.

 

 

It's already implemented:

 

First activate SSL scanning, after that you can deactivate https-scanning under

Web and E-Mail -> Web protection -> HTTP, HTTPS

 

If you do that, then no port 443 scanning will be done. Note that there can be web traffic that uses port 443 that is not encrypted. That is why by default, Eset scans port 443 with SSL protocol scanning disabled; it just ignores encrypted traffic. Also the Eset cert. remains in the Windows root CA using your suggestion which I consider a security risk. Eset should only use the like cert. installed in Thunderbird's root CA. 

 

The e-mail SSL protocol scanning options should override globally setting off SSL protocol scanning for everything which currently is the case.

Edited by itman
Link to comment
Share on other sites
User

User 13

Posted
Posted (edited)

 

If you do that, then no port 443 scanning will be done.

 

 

There is no information in the help files or context menu that says so, also it would be illogical.

Edited by User
Link to comment
Share on other sites
itman

itman 1,746

Posted
Posted (edited)

 

 

If you do that, then no port 443 scanning will be done.

 

 

There is no information in the help files or context menu that says so, also it would be illogical.

 

From the Smart Security ver. 8 user manual:

 

Use HTTPS protocol checking for selected ports – The program will only check those applications that are specified in

the Web and email clients section and that use ports defined in Ports used by HTTPS protocol. Port 443 is set by

default.

 

Encrypted communication will be not scanned. To enable the scanning of encrypted communication and view the

scanner setup, navigate to SSL protocol checking in Advanced setup section, click Web and email > Protocol filtering

> SSL and enable the Always scan SSL protocol option.

 

To me this means disable that option and HTTPS traffic will not be scanned. What is unclear is if port 443 was added to the HTTP port list, would it be scanned?

Edited by itman
Link to comment
Share on other sites
User

User 13

Posted
Posted (edited)

My opinion is the following:

 

You can add port 443 in the http-port list, then http-traffic will be scanned on port 443.

 

In standard configuration only ports 80, 8080, 3128 are scanned for http-traffic. So this has nothing to do with the second https-port list.

 

So if you don't add 443 to the http-port list, http-traffic on port 443 will not be scanned even if https-scanning for port 443 is activated.

 

 

 

Maybe someone from ESET can post here if that's correct.

Edited by User
Link to comment
Share on other sites
itman

itman 1,746

Posted
Posted

My opinion is the following:

 

You can add port 443 in the http-port list, then http-traffic will be scanned on port 443.

 

In standard configuration only ports 80, 8080, 3128 are scanned for http-traffic. So this has nothing to do with the second https-port list.

 

So if you don't add 443 to the http-port list, http-traffic on port 443 will not be scanned even if https-scanning for port 443 is activated.

 

 

 

Maybe someone from ESET can post here if that's correct.

 

 

My opinion is the following:

 

You can add port 443 in the http-port list, then http-traffic will be scanned on port 443.

 

In standard configuration only ports 80, 8080, 3128 are scanned for http-traffic. So this has nothing to do with the second https-port list.

 

So if you don't add 443 to the http-port list, http-traffic on port 443 will not be scanned even if https-scanning for port 443 is activated.

 

 

 

Maybe someone from ESET can post here if that's correct.

Found a copy of pre-release ver. 9 user manual on the web yesterday. Just describes features w/o specific settings and the like. From what was stated there, ver. 9 will include an option to selectively turn on/off SSL protocol scanning by application. So I will just have to wait until it's released to determine if this issue is a moot point.

Link to comment
Share on other sites
Octopuss

Octopuss 5

Posted
Posted (edited)

Kakashi please stop spamming and stop posting utterly stupid nonsenses. It would be much better if you invested your time in english lessons instead of all this.

Edited by Octopuss
Link to comment
Share on other sites
  • 2 weeks later...
hqsec

hqsec 12

Posted
Posted (edited)

Description: add read file option to available HIPS target files operations

Detail: right now HIPS allows to control delete file and write to file operations. It would be great to have an option to control read file also. Some malware might not try to encrypt or destroy data. Sometimes stealing it might be even more dangerous.

Edited by hqsec
Link to comment
Share on other sites
  • 2 weeks later...
elc

elc 1

Posted
Posted

Hello,

 

I would like to investigate on IP adresses which appear in Smart Security 8 / Tools / Connexions / Distant IPs. It would save time if it was possible to copy IPs from ESET to a search engine. So far the page is just an "image" without select/copy function. This has a common point with post 149 (15062 not found). Is the development of this function planned?

 

Best regards

Link to comment
Share on other sites
TheNightGallery

TheNightGallery 0

Posted
Posted

I'd like to see it work with Windows and not cause issues with sleep mode. I posted about this problem earlier, but Admin never approved the message. Since installing the latest version, my computer will no longer stay in sleep mode. Is there any fix for this? 

 

Link to comment
Share on other sites
  • 2 weeks later...
nhesetnod32

nhesetnod32 0

Posted
Posted

Description: Eset Remote Administrator 6 Columns enhancement
Detail: Currently the list of columns to display for devices in the remote console is wonderful but can a User Name column option be added?  At least to show the last logged on user of a device?  I could not find a future enhancements option in the Remote Administrator forum and thought I would place this here for now.

Link to comment
Share on other sites
  • 3 weeks later...
itman

itman 1,746

Posted
Posted

Emsisoft will be terminating Online Armor support in the near future since it no longer fits into their business development model.

 

Would suggest Eset explore purchasing software licensing rites to it. Then incorporate it into NOD32 and Smart Security; at least the HIPS portion of it as replacement to the existing featureless HIPS Eset has in these two products. Or, offer it as an extra cost option. 

Link to comment
Share on other sites
Pentode

Pentode 13

Posted
Posted (edited)

Just keep Nod 7 rolling and I'll be happy...... I like the Nod32 signature when sending Emails, that is a must for me on my outgoing Emails, plus it's good for business by self advertising have you forgot?

 

No, no don't tell me I should be using the latest version - I don't wanna hear or be knowing because it does not display the 'checked by.. Nod 32 signature' so if this could be included then I'll be happy to update... but alas not only has the browser war gone crazy the operating system has too.

 

Sooo, I'm happy and no complaints yet. ESET you doing a great job, nice and clean, no slow down, no BSOD's and certainly no pop-up ads like the other rogue of an AV I had.... and that was a paid version!

 

So I'll keep nodding all the way..... until?

 

Dave

Edited by Pentode
Link to comment
Share on other sites
  • 4 weeks later...
itman

itman 1,746

Posted
Posted

Just started using the firewall in interactive mode. I do wish that Eset would either store the URL versus the IP address in the generated outbound firewall rule. Or, at least provide an option to store either one.  

 

This would be most beneficial for rules covering svchost.exe, rundll32.exe, and the like that connect to Microsoft using many different servers and IP addresses. Also these processes are frequently targeted by malware. Creating rules that allow all outbound activity for these processes is not very secure. Creating a separate firewall rule for every IP address svchost.exe uses when connecting to Microsoft will result in dozens of rules being generated.

 

I also believe this would not be a major issue to implement since the Eset firewall alert already displays the URL used for the connection. As such, the URL is available to be stored in the resultant generated outbound firewall rule.

Link to comment
Share on other sites
itman

itman 1,746

Posted
Posted

Just FYI: As for svchost.exe you can choose the service which a rule should cover in v9 of ESS and NOD32.

That is good to know.

 

Question though is if it will be of any benefit. I have played with third party Win firewall add-ons in the past that tried to do the same. Most didn't work right due to the fact that there are hidden services that are not shown via Admin -> Services that Win uses. Many of these are triggered by BITS.

 

However, restricting svchost.exe access to MS servers or its proxies e.g. Akamai gives very good protection.  

Link to comment
Share on other sites
  • 2 weeks later...
khairulaizat92

khairulaizat92 9

Posted
Posted

Microsoft has implement p2p function on their windows update, im just wondering if ESET able to do the same? 

 

The idea are so that when ESET user are using the same network for online, the update can be distributed much more faster and better among them.

 

Honestly, Im thinking about this because, in my shop we are doing services for the pc and laptop and also some cyber cafe activities, and all of our pc are using eset. so when customer want to reset their pc, we will install eset trial on their pc while offering them a full license products, but the 1st time update sometimes take longer time eventhough my internet speed are 20Mbps.

 

Well of course i understand that the 1st time update are large and slow, it just that theres might be a way to make it download faster or something like that ;) 

Link to comment
Share on other sites
rugk

rugk 397

Posted
Posted (edited)

Personally I don't really like the P2P updates...

 

However in your situation you could use the business products from ESET where you can make an update mirror on one PC in your network.

However the PCs with ESET Endpoint Protection have to belong to you of course.

 

The only thing you can currently do for other computers is using the latest version of the installer, which also has all VSD updates included (at the time where it was released).

(And also use the offline installer so it doesn't have to download the installer file every time)

Edited by rugk
Link to comment
Share on other sites
aranud

aranud 0

Posted
Posted

Hi,

 

I hope :

Add stream update

On my.eset.com see logs of the computers (or others actions), i have a family with 6 computers...

On my.eset.com add a form for samples

 

Thank you.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...