Jump to content

vanroy

Members
  • Posts

    118
  • Joined

About vanroy

  • Rank
    Newbie
    Newbie

Profile Information

  • Gender
    Not Telling
  • Location
    Costa Rica

Recent Profile Visitors

2,114 profile views
  1. Hi, Is posible Block all streaming websites but one specific video (e.g. Youtube)? Thanks.
  2. Hi, 1.How does inspect generate the hash of an executable? 2. Why in some case the executable have is an unknown hash? best.
  3. ok thanks, This is limitation of EIC should release and improve the Relationship graph
  4. Hello, It is possible to see the URL or IP from site not listed as malicious and the endpoint downloaded malware from this site. ESET Inspect only see the executions. With other XDR this is possible. thank you.
  5. Hi, James thanks for your time.\ Best
  6. @JamesR can you help me please?
  7. Hello, what is bad? <definition> <parentprocess> <operator type="AND"> <operator type="OR"> <condition component="FileItem" property="FileName" condition="is" value="php-cgi.exe" /> <condition component="FileItem" property="FileName" condition="is" value="php.exe" /> </operator> <condition component="FileItem" property="Path" condition="starts" value="c:\php\" /> </operator> </parentprocess> <process> <operator type="AND"> <condition component="Module" property="SignatureType" condition="greaterOrEqual" value="90" /> <operator type="OR"> <condition component="FileItem" property="FileName" condition="is" value="cmd.exe" /> <condition component="FileItem" property="FileName" condition="is" value="conhost.exe" /> </operator> <operator type="OR"> <condition component="FileItem" property="Path" condition="starts" value="%SYSTEM%" /> <condition component="FileItem" property="Path" condition="starts" value="%WINDIR%\syswow64\" /> </operator> <condition component="Module" property="SignerName" condition="is" value="Microsoft Windows" /> </operator> </process> <operations> <operation type="CreateProcess"> <operator type="and"> <condition component="FileItem" property="FullPath" condition="is" value="c:\php\php.exe" /> <condition component="FileItem" property="FullPath" condition="is" value="c:\php\php-cgi.exe" /> </operator> </operation> </operations> </definition>
  8. Hi, Slow loading pages, user's module, This causes the browser example message (see attach) when work assigning a policy to users. Firefox, Chrome same in mode incognito regards.
  9. Hello, Why ECOS load slow on tenant with 100k of users? Datacenter on USA, some else present this issues?
  10. Hello @Lockbits@JamesR Thanks, Some other tips for optimization or make exclusion and rules. it's very appreciated. Best
  11. Hello, How have you resolved this? "Detected by ESET Endpoint Security product" alerts best.
×
×
  • Create New...