Jump to content

Ver. 9 Dropped Eset connections


Recommended Posts

Win 7 SP1, x64 and Eset Smart Security 9.0.377.0

 

Reinstalled ver. 9 last night to see if issues fixed from the initial release. Having HIPS issues but will post those in a separate reply one I shake down things for a while.

 

One thing that caught my eye immediately is the number of dropped incoming connections from Eset's U.S. server. See the below screen shot.

 

I suspect this is related to Eset's SSL protocol scanning for cert. pinning? Question is why are these un-statefull inbound connections from Eset occurring and is this normal behavior? I am sure these connections are from browsing activity since the number increases whenever a browsing session is initiated. Also, Eset sig. updating so far appears to be fine.

 

post-6784-0-74600400-1462127400_thumb.png

Edited by itman
Link to comment
Share on other sites

  • Administrators

Click Details for more information about the blocked communication. It has nothing to do with protocol filtering.

Link to comment
Share on other sites

I did.

 

It stated something to the effect that unsolicited inbound TCP packets were blocked which to me means that these were not a result of any outbound initiated communication i.e. they were not statefull responses. Makes me wonder if a firewall rule is needed to allow all inbound traffic for ekrn.exe. And still doesn't explain why the traffic is occurring?

 

Doesn't matter now since I reverted back again ............... to ver. 8 due to numerous ver. 9 HIPS issues that still exist.

Link to comment
Share on other sites

  • Administrators

Hard to say, haven't seen it. I've had 0 blocked connections so it's not a general problem, especially that you didn't run into issues because of that block. If somebody can reproduce it easily, enable diagnostic logging verbosity, reproduce the block and eventually provide me with pcapng files from C:\ProgramData\ESET\ESET Smart Security\Diagnostics.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...