Jump to content
Aryeh Goretsky

Future changes to ESET Internet Security and ESET Smart Security Premium

Recommended Posts

No problem...if you make any changes to see how it affects things, keep in mind you can always reset it back to default settings (if that's the setting you are using).

Share this post


Link to post
Share on other sites
On 25. 11. 2013 at 8:33 AM, nishadrox said:

There are some features I'd like ESET to add to their suites :)

 

1. Less talkative HIPS

2. Sandbox with full virtualization

3. Non-explorer GUI

4. Ability to clean detected malware on scan completion windows without using the option "Scan and clean"

5. Sound alerts on detection

All features have been there for ages:
1, It's called Smart mode (can be set in the advanced HIPS setup).
2, ESET has employed advanced heuristic, an emulator for running code in a virtual environment for more than 10 years.
3, Set Strict cleaning mode for the appropriate on-demand scanner profile.
4, Available in the on-demand scanner setup since NODv1 if I remember well.

Share this post


Link to post
Share on other sites
2 hours ago, itman said:

Please compile Eset .dlls with CFG support ASAP so that they can't be exploited by a ROP bypass as noted here: https://improsec.com/blog//bypassing-control-flow-guard-on-windows-10-part-ii

It's enabled as of v10.1 and we will continue gradually enabling it for modules after making sure there's no adverse effect on performance.

Share this post


Link to post
Share on other sites
1 hour ago, Marcos said:

It's enabled as of v10.1 and we will continue gradually enabling it for modules after making sure there's no adverse effect on performance.

It is not enabled for Eset browser adds-ons/plug-ins; at least for IE11. I am on ver. 10.1.210. Suspect same applies to Outlook.

Will check other areas and report back if I find more.

-EDIT-

None of Eset program module .dlls i.e. em0xxx_64.dll are compiled with CFG. Granted they only exist in equi.exe I believe, but that is not a protected process like ekrn.exe. Additionally, none if Eset's drivers are complied with CFG.

Edited by itman

Share this post


Link to post
Share on other sites

Another suggestion: We all know that we can change the settings to predeterminated, but we are forced for do this for all the settings.

Ok, instead of this, Eset could add a button to do this in all sections of the settings (Antivirus, firewall, etc.).

Share this post


Link to post
Share on other sites
38 minutes ago, Wolf Igmc4 said:

Another suggestion: We all know that we can change the settings to predeterminated, but we are forced for do this for all the settings.

Ok, instead of this, Eset could add a button to do this in all sections of the settings (Antivirus, firewall, etc.).

It's possible to reset certain sections to default today. Click on reverse arrow. (I use ESS)

5.thumb.jpg.c597b04aaf296a8ec6b145b97d5367a6.jpg

Edited by TomFace

Share this post


Link to post
Share on other sites
58 minutes ago, TomFace said:

It's possible to reset certain sections to default today. Click on reverse arrow. (I use ESS)

5.thumb.jpg.c597b04aaf296a8ec6b145b97d5367a6.jpg

Oh thanks! I didn´t see it :D

Share this post


Link to post
Share on other sites
59 minutes ago, TomFace said:

It's possible to reset certain sections to default today.

Go into each sub-section. For example, real-time protection. The "curved arrow" default setting option is there for it in Smart Security.

Edited by itman

Share this post


Link to post
Share on other sites

Allowing user interface to be resized would be good...

Share this post


Link to post
Share on other sites

Dear ESET Team,

Following feature would be nice in a future version:

Description: Firewall rules cleanup of unnecessary / invalid entries
Detail: I've set my firewall filter setting to interactive mode, meaning that I can define for every program what the firewall should do. Over the time, you have entries in the firewall rule set about programs that are not existing on the computer anymore. A button for an automatic cleanup of those rules (delete all firewall rules that are pointing to applications that don't exist on the computer anymore) would make it easier to keep the firewall rule list tidy and it also benefits the administration of the rule set.

Share this post


Link to post
Share on other sites

I love ESET, but one thing I miss is a behavior blocker, AV in today's times without a behavior blocker gets very vulnerable to 0 day malware and ransomware. I hope the ESET team has plans for this, thank you.

Share this post


Link to post
Share on other sites
59 minutes ago, Claudiano said:

I love ESET, but one thing I miss is a behavior blocker, AV in today's times without a behavior blocker gets very vulnerable to 0 day malware and ransomware. I hope the ESET team has plans for this, thank you.

A behavior blocker would cause quite a lot of false positives or would bother the user to make a decision him/herself every while and then. Our aim is to keep ESET install-and-forget, without asking the users for an action. The more questions, the higher probability of wrong decisions and subsequent infection. ESET leverages a handful of advanced technologies explained at https://www.eset.com/int/about/technology/ to achieve maximum protection without nagging the user or causing false positives.

Share this post


Link to post
Share on other sites
26 minutes ago, Marcos said:

A behavior blocker would cause quite a lot of false positives or would bother the user to make a decision him/herself every while and then. Our aim is to keep ESET install-and-forget, without asking the users for an action. The more questions, the higher probability of wrong decisions and subsequent infection. ESET leverages a handful of advanced technologies explained at https://www.eset.com/int/about/technology/ to achieve maximum protection without nagging the user or causing false positives.

Eset Live Grid know lot of programs to avoid false positives, so a behavior blocker isn´t a bad idea...

Share this post


Link to post
Share on other sites
9 minutes ago, Wolf Igmc4 said:

Eset Live Grid know lot of programs to avoid false positives, so a behavior blocker isn´t a bad idea...

There are tons of legitimate files that would appear suspicious to LiveGrid because of low age or count. It could be custom applications made for and used by particular companies or new versions of legitimate software after the release.

Share this post


Link to post
Share on other sites
33 minutes ago, Marcos said:

There are tons of legitimate files that would appear suspicious to LiveGrid because of low age or count. It could be custom applications made for and used by particular companies or new versions of legitimate software after the release.

In my opinion, I'd rather sacrifice usability for security, but you are right

Share this post


Link to post
Share on other sites
2 hours ago, Marcos said:

Um bloqueador de comportamento causaria muitos falsos positivos ou incomodaria o usuário tomar uma decisão a si mesmo a cada momento e depois. Nosso objetivo é manter ESET instalar e esquecer, sem pedir aos usuários uma ação. Quanto mais perguntas, maior probabilidade de decisões erradas e infecção subseqüente. O ESET aproveita um punhado de tecnologias avançadas explicadas em https://www.eset.com/int/about/technology/ para obter a máxima proteção sem irritar o usuário ou causar falsos positivos.

It was proved then then we will not see a behavior blocker in ESET products, since the idea is to preserve usability without user intervention so. We only have to respect and trust ESET so, since you know better than us about security, thank you very much for the attention, Marcos, here is one of the few forums that reassess the customer is treated with respect, of the taste participate here , Since the doubts are always clarified, thanks again and always success for our dear ESET. :)

Share this post


Link to post
Share on other sites
20 hours ago, Wolf Igmc4 said:

In my opinion, I'd rather sacrifice usability for security, but you are right

It's the tricky part of security. Balancing security with ease of use. Make something too sensitive and you end up blocking too much and causing issues for non technical users

Share this post


Link to post
Share on other sites

 You don't know to allow or block the connection When the IDS system alerts you for an internet connection.
Can we have this ability to trace the IP with Eset?
I mean Eset design an option to trace the IP and show me the IP location and the isp.

 

Share this post


Link to post
Share on other sites
On 7/28/2017 at 1:01 AM, JoMos said:

Description: Firewall rules cleanup of unnecessary / invalid entries

Good suggestion, same for the Hips rules list.

Share this post


Link to post
Share on other sites

Eset needs to update the Hips module and make it work like this:
If a command wants to run via the cmd then Hips(in interactive mode)must show that command line for the user.
I mean not only show an access alert for the cmd also show the command itself and let the user see the command and then ask to allow or block it.
Also, provide an option to add our safe command lines to the Hips rules.
Im sorry for my bad English but I guess you know what I mean.
 

Edited by persian-boy

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...