itman 1,746 Posted June 30, 2018 Share Posted June 30, 2018 Add a column showing PID number in the following logs after the noted existing log column headings: 1. HIPS - Application 2. Network - Source This is necessary to properly identify the origin for multiple same process occurrences such as svchost.exe. persian-boy 1 Quote Link to comment Share on other sites More sharing options...
persian-boy 22 Posted July 8, 2018 Share Posted July 8, 2018 Add new option in the firewall to block all network connections when the screen saver is running. Quote Link to comment Share on other sites More sharing options...
Clark T 3 Posted July 10, 2018 Share Posted July 10, 2018 Description: A Quick-Scan to scan the most important files. Detail: A Quick-Scan to scan registry, startup files, rootkit scan etc. and the most threatened folders. I know this is done in the background of ESET Internet Security, but I would find it useful to have a Quick-Scan button for this. Quote Link to comment Share on other sites More sharing options...
Samet Chan 2 Posted July 13, 2018 Share Posted July 13, 2018 Add - Dark Mode on ESET Nod32 would be great. persian-boy and galaxy 2 Quote Link to comment Share on other sites More sharing options...
persian-boy 22 Posted July 15, 2018 Share Posted July 15, 2018 On 7/8/2018 at 5:40 PM, persian-boy said: block all network connections when the screen saver is running. Eset any feedback on this? isn't useful? pls. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,267 Posted July 15, 2018 Administrators Share Posted July 15, 2018 8 hours ago, persian-boy said: Quote block all network connections when the screen saver is running. Eset any feedback on this? isn't useful? pls. First of all, this topic serves for gathering various ideas from users and we normally do not confirm or deny whether a particular idea will be accepted and implemented. In this case, I for one, don't see any real use case for blocking network communication when the screen saver is active. Quote Link to comment Share on other sites More sharing options...
nexon 8 Posted July 15, 2018 Share Posted July 15, 2018 58 minutes ago, Marcos said: First of all, this topic serves for gathering various ideas from users and we normally do not confirm or deny whether a particular idea will be accepted and implemented. In this case, I for one, don't see any real use case for blocking network communication when the screen saver is active. I agree with Marcos... Quote Link to comment Share on other sites More sharing options...
itman 1,746 Posted July 15, 2018 Share Posted July 15, 2018 Add option to realtime scanner to block obfuscated Powershell scripts. Option would be dependent upon Win 10 AMSI option enabled in the Eset GUI. Justification Microsoft added a like mitigation in the form of a Windows Defender Exploit Guard ASR mitigation effective with Win 10 1709. ASR mitigations are only effective if Windows Defender is enabled as the realtime scan engine. Further justification is Eset's failure to detect malware in highly obfuscated PowerShell script in a Malware Research Group ad hoc test: https://www.mrg-effitas.com/research/current-state-of-malicious-powershell-script-blocking/ persian-boy and Azure Phoenix 2 Quote Link to comment Share on other sites More sharing options...
Guest Posted July 15, 2018 Share Posted July 15, 2018 (edited) Microsoft has patched Windows to check if there is a vulnerability in Intel MEI firmware. E.g. event id 1794 is for CVE-2017-15361 but windows in not notifying users to check for bios updates. The latest MEI issues are also logged in event viewer. I think it would be a nice feature for eset to read out these event ids and notice (advanced) users about such firmware vulnerabilities. Edited July 15, 2018 by timse201 Quote Link to comment Share on other sites More sharing options...
MaximilianoNah 1 Posted August 6, 2018 Share Posted August 6, 2018 Description: Running this app sandboxedDetail: Use sandbox technology to run applications that we decide, using contextual menu and list of "always run sandboxed" (just like Comodo Internet Security). nonamelab 1 Quote Link to comment Share on other sites More sharing options...
nonamelab 0 Posted August 17, 2018 Share Posted August 17, 2018 Description: Allow URL addresses beside IP/IP Ranges input in Firewall RulesDetail: Since Firewall Rules can only use IP/IP Ranges in Rules blocking for example this connections for privacy and GDRP listed in https://docs.microsoft.com/en-us/windows/privacy/windows-endpoints-1803-non-enterprise-editions it's not possible. The feature is already implemented in WEB AND EMAIL > Web access protection > URL ADDRESS MANAGEMENT but that works only for browser. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,267 Posted August 17, 2018 Administrators Share Posted August 17, 2018 1 hour ago, nonamelab said: Description: Allow URL addresses beside IP/IP Ranges input in Firewall Rules This is not possible since only IP addresses are known to the firewall. Unlike firewall, web access protection works at the highest application level in the OSI model and has information about hostnames as well. You can try enabling SSL/TLS filtering for all applications under Web and email -> SSL/TLS -> Filtering mode: Policy mode. In case of any issues with SSL/TLS filtering in certain applications, you can adjust SSL/TLS scan mode for particular applications: Peter Randziak 1 Quote Link to comment Share on other sites More sharing options...
persian-boy 22 Posted August 19, 2018 Share Posted August 19, 2018 (edited) Hi, Enable parental control --> block the uncategorized website (for having robust web filtering)then open a website that has now category so Eset block it but you may want to allow this URL fast. It Would be good if Eset provides an option to unblock websites by password from the browser(or from the parental control log), not Eset parental control settings. its easier to manage, Also, Eset hips show the loaded drivers but it doesn't show the digital signature for them.I like to see the signature. Edited August 19, 2018 by persian-boy galaxy and MasterTB 2 Quote Link to comment Share on other sites More sharing options...
galaxy 11 Posted August 20, 2018 Share Posted August 20, 2018 If the theme was dark it would look even better persian-boy 1 Quote Link to comment Share on other sites More sharing options...
nexon 8 Posted August 20, 2018 Share Posted August 20, 2018 8 minutes ago, galaxy said: If the theme was dark it would look even better Please no. Instead, simplify advanced settings... Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,267 Posted August 20, 2018 Administrators Share Posted August 20, 2018 17 minutes ago, nexon said: Instead, simplify advanced settings... Actually advanced users love the ability to customize numerous settings. Common users don't need to go to the advanced setup at all since ESET products provide well-balanced protection out of the box. persian-boy, Azure Phoenix and galaxy 3 Quote Link to comment Share on other sites More sharing options...
nexon 8 Posted August 20, 2018 Share Posted August 20, 2018 19 minutes ago, Marcos said: Actually advanced users love the ability to customize numerous settings. Common users don't need to go to the advanced setup at all since ESET products provide well-balanced protection out of the box. I understand but i mean in older version like 3 or 4 is much better and easier advanced settings. Now i must finding few minutes or simply must search in search box. Quote Link to comment Share on other sites More sharing options...
galaxy 11 Posted August 20, 2018 Share Posted August 20, 2018 Please give and yet the possibility to put the theme dark Quote Link to comment Share on other sites More sharing options...
nonamelab 0 Posted August 20, 2018 Share Posted August 20, 2018 (edited) On 8/17/2018 at 1:09 PM, Marcos said: This is not possible since only IP addresses are known to the firewall. Unlike firewall, web access protection works at the highest application level in the OSI model and has information about hostnames as well. You can try enabling SSL/TLS filtering for all applications under Web and email -> SSL/TLS -> Filtering mode: Policy mode. In case of any issues with SSL/TLS filtering in certain applications, you can adjust SSL/TLS scan mode for particular applications: I understand this but those domain names still have to be resolved by the DNS before becoming IP addresses. I want a more granular access customization since Microsoft doesn't also display the processes names that access those domains so i can't be sure what i allow or deny. Does ESET Command Line allows adding/removing/updating only of Firewall Rules ? Edited August 20, 2018 by nonamelab Quote Link to comment Share on other sites More sharing options...
galaxy 11 Posted August 20, 2018 Share Posted August 20, 2018 The hips can be put on automatically, but these do not bring anything, a behavioral analysis is very important Quote Link to comment Share on other sites More sharing options...
Guest Posted August 20, 2018 Share Posted August 20, 2018 10 hours ago, nonamelab said: I understand this but those domain names still have to be resolved by the DNS before becoming IP addresses. I want a more granular access customization since Microsoft doesn't also display the processes names that access those domains so i can't be sure what i allow or deny. Does ESET Command Line allows adding/removing/updating only of Firewall Rules ? I think it can be done via "internet protection / web access protection / URL address management" https://help.eset.com/essp/11.2/en-US/idh_config_epfw_scan_http_address_list.html Quote Link to comment Share on other sites More sharing options...
nonamelab 0 Posted August 22, 2018 Share Posted August 22, 2018 (edited) Never mind fixed with a DNS proxy cache software that accept regular expressions as inputs for block rules. What i asked can be made possible if ESET would integrate a DNS module to replace Windows one , this way no more unwanted connections and very granular control over what domains can and cannot access programs that already have a allow rule in ESET Firewall. Next step is a home made cheap pc with linux to act as a router, firewall etc for all my network. Guess buying a 3 years ESET Security subscription was a mistake for my current needs Edited August 22, 2018 by nonamelab Quote Link to comment Share on other sites More sharing options...
MasterTB 8 Posted August 27, 2018 Share Posted August 27, 2018 I honestly don't know if this has been asked before BUT, given the fact that you now have an online service that accounts for all the licenses and installations of Eset products for every user, (In my case, for example, I have a 6 device license and manage then all through the manager) wouldn't it be possible to add some sort of sync option that would allow the home users to deploy the installs with the same settings across devices??? I mean I have Eset Internet Security on all my pc's and I have to go one by one setting them up and making sure they all run the same settings, if you could automate this process it would be awesome. Azure Phoenix 1 Quote Link to comment Share on other sites More sharing options...
galaxy 11 Posted September 7, 2018 Share Posted September 7, 2018 Rollback still missing Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,267 Posted September 7, 2018 Administrators Share Posted September 7, 2018 36 minutes ago, galaxy said: Rollback still missing It's been there for a couple of years already: Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.