Jump to content

Future changes to ESET Internet Security and ESET Smart Security Premium


Recommended Posts

  • ESET Insiders

Description: Non-default browser for Banking and Payment protection
Detail: It would be nice if we could set non-default browser to be used for banking protection when secure browser is run from main screen or using desktop shortcut. I use Firefox for day-to-day browsing (it's set as default) and Internet explorer for online banking and similar.

I can launch protected IE if I navigate to banking website from within IE and then switch to secure browser when asked. If I launch secure browser from desktop it will always launch Firefox and as it seems that there is no option to set non-default browser to be used as secure browser.

Link to post
Share on other sites
  • Replies 915
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

Actually advanced users love the ability to customize numerous settings. Common users don't need to go to the advanced setup at all since ESET products provide well-balanced protection out of the box.

Add - Dark Mode on ESET Nod32 would be great.

It is very simple. Use SetThreadExecutionState. See: link to Microsoft Windows Dev Center.

Posted Images

  • ESET Insiders

Description: FW option evaluate rules from Windows Firewall
Detail: In Advanced setup of Firewall set to Automatic mode there is an option Also evaluate rules from Windows firewall. As described this option will allow inbound traffic allowed by Windows firewall.

For me it would be useful to have an option that will also evaluate blocked outbound rules in Windows firewall. This way those rules wouldn't have to be recreated when migrating from Windows native firewall to ESET's.

I apologize if any of both suggestions have already been posted.

Link to post
Share on other sites
On 6/29/2020 at 11:22 AM, Minimalist said:

Description: Non-default browser for Banking and Payment protection
Detail: It would be nice if we could set non-default browser to be used for banking protection when secure browser is run from main screen or using desktop shortcut. I use Firefox for day-to-day browsing (it's set as default) and Internet explorer for online banking and similar.

I can launch protected IE if I navigate to banking website from within IE and then switch to secure browser when asked. If I launch secure browser from desktop it will always launch Firefox and as it seems that there is no option to set non-default browser to be used as secure browser.

This is usually accomplished the reverse of what you are doing.  In Win, the default browser would be set to IE11. The advantage of this is if your browsing in FF and then land on an Eset whitelisted banking site for example, Eset would auto open that site in IE11 using Banking and Payment Protection.

BTW - no one including Microsoft recommends using IE11 for anything anymore. Also as far as FireFox goes, Eset creates a separate profile used only for Banking and Payment Protection. The profile FireFox created for non-Banking and Payment Protection browsing activities is not used.

Edited by itman
Link to post
Share on other sites
  • ESET Insiders
7 hours ago, itman said:

This is usually accomplished the reverse of what you are doing.  In Win, the default browser would be set to IE11. The advantage of this is if your browsing in FF and then land on an Eset whitelisted banking site for example, Eset would auto open that site in IE11 using Banking and Payment Protection.

BTW - no one including Microsoft recommends using IE11 for anything anymore. Also as far as FireFox goes, Eset creates a separate profile used only for Banking and Payment Protection. The profile FireFox uses for non-Banking and Payment Protection browsing activities is not used.

Hm, I don't know how many people actually use IE as default browser. If so, they would also use it for browsing so there would be no separation of browsers.

Regarding IE - I just prefer to use it that way. Bank uses personal certificate for identification and I imported it to Windows certificate store and it's not accessible by Firefox. So using IE jthat way makes sense to me.

I've had option to select which browser will be protected in previous AV solution so I thought I'll give a suggestion here.

Link to post
Share on other sites
8 hours ago, Minimalist said:

Hm, I don't know how many people actually use IE as default browser. If so, they would also use it for browsing so there would be no separation of browsers.

What I was referring to was issuing IE11 as default browser and manually opening up FireFox, etc., for normal browsing activities. I ran this way for sometime until totally ditching IE11 and switching my default browser to FireFox.

Link to post
Share on other sites
  • ESET Insiders
14 hours ago, itman said:

What I was referring to was issuing IE11 as default browser and manually opening up FireFox, etc., for normal browsing activities. I ran this way for sometime until totally ditching IE11 and switching my default browser to FireFox.

I understand. This wouldn't work for me as I couldn't use IE as default (I would have to copy paste all links from email client instead of just clicking on them and similar)...

Link to post
Share on other sites
  • 5 weeks later...

Hi Aryer Goretsky, thanks for the initiative to find out from users the needs for the security program.

1a. If something can be done in ESET to "kick out" foreign devices in home network, that would be great!  That may be the function of the router. But if we can have something in ESET that can do this, that would be good, as I don't really trust the privacy of my router that much. Maybe this is a tall order.

1b. OR if there is any help to prevent the scenarios below from happening on the part of the security program. I understand some of these situations could be due to infected router or laptops that have given a foothold to foreign devices.

For a particular reason, my private network seems to be infiltrated by devices in the past and present (but now better managed with restrictions in router settings).

Since two years back, some infiltration stared appearing in "home" network setting.  I also started seeing  large cars of different models with skylight, always with man waiting inside parked close to where I stay.

Out of fear of foreign devices snooping around home devices, I set the network was set to "public". 

Suspicious scenarios happen as follows:

- Devices with foreign MAC addresses remaining active ("just now") in the network. The MAC address of these foreign devices kept changing when I tried to filter them out by the router using blacklist. Finally one intruder assumed the same MAC address as a home computer, and it couldn't be filtered out. Currently, I have managed to contain the problem.

- Some of these foreign devices assuming names or portions of names (sometimes confused) of devices at home, or acronyms of persons at home. It appears computer data has been leaked for them to know names, and even the names of users.  

-Foreign device remaining active in the network once they get a foothold, possibly through another home device. They normally appear in the other network  (such as 5G) when the home device logs into a network (such as 2G). The foreign device remains there even after that home device is removed from network, or taken away from home. These foreign devices somehow managed to enter the other home network without knowing the password

1c. If ESET can detect man in the middle attack or DDoS attack, that would be great. Not sure if cars with devices in proximity can enact such attacks on the network or induce the laptop to tap on some network.

- Computer keeps being kicked out of home network.

- It was observed that when using hidden network, networks called up by the home devices can be copies of the home network ABC, such as ABC1, ABC2, etc.

2. Have user friendly instructions to help tech novices like me to operate the settings in the ESET security. So that I can minimize network infiltration and attacks and keep each home device totally cut off from others. Better still, have in-built systems of settings that I can select from to achieve a certain security aims, having inputted  what I hope to do (or not to do) in the home network (whether there is file sharing or not). In this way, I won't have to need to understand the technical jargon to operate the current settings in ESET, which are difficult to grasp.

Thank you.

 

 

 

 

Link to post
Share on other sites
  • 1 month later...

Hi Eset team and especially your product manager! I have been using Eset not so long ago, but I already really like it and I actively defend it on the Internet forums. I have some ideas that I would like to offer you for implementation, so that the product becomes even better and more popular. :)

Description: Add the ability to block any hosts for applications in the firewall rules
Details: Eset has one of the most flexible and powerful firewalls on the market, but sorely lacks a feature to block a specific host for a specific application. For example, I would like to block access to google-analytics [dot] com for the program, but this host has a huge number of ip addresses, and url address control in Internet access protection works only for applications similar to browsers, as I understand it, and it simply does not allow point-blocking.

Description: More information in the network connection monitor and the ability to create rules there
Details: Add geolocation data of remote servers to the monitor of network connections, the ability to view detailed information in some WhoIs service and create blocking rules directly from this interface. This will make it possible to flexibly, conveniently and intuitively control Internet traffic on computer. For example, it will be easy to block Chinese telemetry servers for those who care.

Description: Protection against microphone use
Details: At the moment, Eset IS only offers protection for the webcam. To be honest, the activation of the camera scares me much less, especially since it has a corresponding LED, than the ability to eavesdrop on me. I see microphone protection as a much more valuable function, but at the moment, even with the rules for controlling devices, it is impossible, as I understand it, to do something with a microphone. 

Description: Protection against trackers in browsers
Details: You can add a list of spy servers to block in the web filter - it's easy, but it provides valuable functionality that many users will appreciate. Move it out as a separate setting in the Internet Protection section.

I think that in the conditions of an abundance of free antiviruses and firewalls, Eset needs to take steps towards introducing additional features and functions in the field of protecting privacy in order to remain in demand for a comprehensive product for Internet security.

Description: Protecting document folders with HIPS
Details: I would like the setting for additional protection of user folders to be more intuitive for home users. I often have to explain to people how to configure HIPS in Eset for additional protection of directories with important documents, while many other security products offer this feature from the settings in a few clicks. I would suggest two modes of protecting the selected directories - 1.automatic based on reputation from the Live Grid, 2.completely manual with requests for any access to files

Description: Control over startup, scheduled tasks and new services using HIPS
Details: It's still about usability. Yes, now i can create a rule that will perform these functions, but I believe that there should be a preset HIPS mode, which gives these opportunities out of the box, without unnecessary manipulation by the user. Controlling startup is not such a frequent occurrence for hundreds of notifications, but it is an important element for protection and simply for monitoring your own system.

Description: Ability to specify applications to launch game mode and system optimization
Details: Add the ability to specify applications at startup which Eset will switch to game mode. Add options, such as disabling notifications and Windows updates, disabling "unnecessary" services, possibly changing the process priority for the specified application. Eset is now quite popular with gamers for its amazing lightness and decent level of protection, but it really lacks some extra gaming features to gain a foothold in this part of the market, pushing back Webroot and Bullguard.

Description: Protection against keylogging and screenshots for specified applications
Details: It would be very interesting to see a function in the spirit of protected mode for the browser, but for any application. For example, I use the Bitwarden password manager and Authy for two-factor authentication. It would be very convenient to be able to enable enhanced protection for these applications against data theft. There is something similar in Webroot, for example, although I'm not sure that it works fine there, I could not verify it. It might be cool to add system-wide keystroke encryption altogether, but I think it's too heavy resource task.

Description: Column sorting in firewall rules
Details: This just suggests itself based on usability and the rules of a good interface. It is enough to add a priority column and make the other columns clickable for sorting, which will increase visibility.

P.S. I am looking for a job in the field of technical support, product management or something else in the field of a junior specialist. :))

Link to post
Share on other sites
15 hours ago, Twersky said:

Description: Protection against microphone use
Details: At the moment, Eset IS only offers protection for the webcam. To be honest, the activation of the camera scares me much less, especially since it has a corresponding LED, than the ability to eavesdrop on me. I see microphone protection as a much more valuable function, but at the moment, even with the rules for controlling devices, it is impossible, as I understand it, to do something with a microphone. 

 

actually this is a really good idea. if it's possible, i'd love to see it implemented in the future.

 

Edited by shocked
Link to post
Share on other sites

Description: Configure manual firewall rule for applications in a folder, instead of a specific executable

Details: I have my firewall in manual modus so I get a notification that a specific executable/program is connecting to outside the computer, or when an incoming connection is detected which is handled by a specific executable/program.
I use this practice so I feel I am in charge what is going on in my computer. However, the rule is configured for a specific executable in a specific folder on my computer. In most cases this is no problem, but for programs that install updates in a new folder each time, this brings up notifications after the program update is installed, because the existing rules don't match the new executable location. This also creates many many rules in the firewall rules list which are unnecessary because only the most recent created rule is used and the other (old) rules for that application are not effective anymore because it points to an executable that is not used anymore.

So for example: Slack

Slack is an application to chat with others. Slack is often updated. Each Slack update is installed in a different folder. My latest version is installed in: C:\Users\myName\AppData\Local\slack\app-4.9.0

The previous version was installed in C:\Users\myName\AppData\Local\slack\app-4.8.0
I don't control the installation location myself, so I cannot change the folder where it's installed in.
After an update of Slack, I get several notifications that Slack in the new application folder, needs permission to make internet connections. This is annoying. I'd rather see that the firewall permission rule can be set on a folder, so whatever application version is running in that folder, it uses the same rule. For example in Slack, I want to set the rule for a folder: C:\Users\myName\AppData\Local\slack
I don't want to omit the executable setting in the rule itself, because then ALL application may connect to that specific IP address+port, or may handle the incoming connection on a specific port. I think that's less secure.

Another example is an application called: OfficeClickToRun.exe
It is situated in folder: C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.13231.20200
The application wants to access Microsoft servers, which I allow. But each update I have to re-allow this. If I can set the rule for folder C:\Program Files\Common Files\microsoft shared\ClickToRun\ than I am done for every update which will be published.

Another example is: Discord
It is situated in folder: C:\Users\myName\AppData\Local\Discord\app-0.0.308

I think I have given enough examples to explain the problem.

I hope you can do something with this feature request.

Link to post
Share on other sites
  • Most Valued Members
9 hours ago, Cheater said:

Description: Configure manual firewall rule for applications in a folder, instead of a specific executable

Details: I have my firewall in manual modus so I get a notification that a specific executable/program is connecting to outside the computer, or when an incoming connection is detected which is handled by a specific executable/program.
I use this practice so I feel I am in charge what is going on in my computer. However, the rule is configured for a specific executable in a specific folder on my computer. In most cases this is no problem, but for programs that install updates in a new folder each time, this brings up notifications after the program update is installed, because the existing rules don't match the new executable location. This also creates many many rules in the firewall rules list which are unnecessary because only the most recent created rule is used and the other (old) rules for that application are not effective anymore because it points to an executable that is not used anymore.

So for example: Slack

Slack is an application to chat with others. Slack is often updated. Each Slack update is installed in a different folder. My latest version is installed in: C:\Users\myName\AppData\Local\slack\app-4.9.0

The previous version was installed in C:\Users\myName\AppData\Local\slack\app-4.8.0
I don't control the installation location myself, so I cannot change the folder where it's installed in.
After an update of Slack, I get several notifications that Slack in the new application folder, needs permission to make internet connections. This is annoying. I'd rather see that the firewall permission rule can be set on a folder, so whatever application version is running in that folder, it uses the same rule. For example in Slack, I want to set the rule for a folder: C:\Users\myName\AppData\Local\slack
I don't want to omit the executable setting in the rule itself, because then ALL application may connect to that specific IP address+port, or may handle the incoming connection on a specific port. I think that's less secure.

Another example is an application called: OfficeClickToRun.exe
It is situated in folder: C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.13231.20200
The application wants to access Microsoft servers, which I allow. But each update I have to re-allow this. If I can set the rule for folder C:\Program Files\Common Files\microsoft shared\ClickToRun\ than I am done for every update which will be published.

Another example is: Discord
It is situated in folder: C:\Users\myName\AppData\Local\Discord\app-0.0.308

I think I have given enough examples to explain the problem.

I hope you can do something with this feature request.

Hi this has been requested a few times but there is no solution currently as far as I'm aware. I don't work for Eset but it doesn't look like something eset will add anytime soon. I know Windows store apps cause problems with this

Link to post
Share on other sites
10 hours ago, Cheater said:

Another example is an application called: OfficeClickToRun.exe
It is situated in folder: C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.13231.20200

Using the above as an example, try this as the program path name in the Eset firewall rule:

C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\\OfficeClickToRun.exe

I known the "\\" path notation works for an Eset HIPS rule. It basically tells Eset to ignore the next sub-directory in the path and look for the specified .exe in the sub-directory after the one ignored.

Edited by itman
Link to post
Share on other sites
  • 4 weeks later...

Description: Protecting bank payment mode in modern browsers without IE using

Details: If Eset does not support the default browser for the protected mode, then it first must searches for the installed Edge, Firefox or Google Chrome, and IE is used only when there are no alternatives at all.

Real life example: I have Vivaldi installed as the default browser, but Eset in this case launches protected banking mode in Internet Explorer, which has long been outdated and can hardly be called a safe browser. The system also has the new Edge and Firefox. After removing IE from the system, Eset began to use Firefox, but this is a little inconvenient, since IE is needed in the system for some toolkits and old applications.

P.S. I really hope for Vivaldi support in future versions, including the mobile version. It is a very good, modern browser with a great development team. Support them. :)

Link to post
Share on other sites
2 minutes ago, Twersky said:

P.S. I really hope for Vivaldi support in future versions, including the mobile version. It is a very good, modern browser with a great development team. Support them. :)

as stated in another post by a moderator, for a new browser to be supported there must be quite high demand from users.
i assume it takes time for a new browser to be added to the list and those browsers are among the most popular.

Link to post
Share on other sites
  • Administrators
13 minutes ago, shocked said:

as stated in another post by a moderator, for a new browser to be supported there must be quite high demand from users.

Correct. A browser must be popular enough and have symbols made available for developers. Since ESET makes commercial software, the cost of updating the module to acomodate it to new browser versions must pay off from the commercial point of view.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.


×
×
  • Create New...