- Apr 13, 2012
- 421
I just installed Eset Smart Security 7 Beta and I'd like to share a sort of a follow-up or supplement to my previous old post when I tried out ESS ver5 and have encountered issues specifically:
1) Ping fail
HERE
2) I can't stop a application from launching a browser triggered from the applications GUI.
HERE
The first I noticed that the ping fail was gone. Personal firewall setting was at at default "Interactive Mode". Both tested on a dial-up connection and a mobile dsl connection.
Please see comparison:
IDS setting ESS ver5
IDS setting ESS 7 Beta
On the blocking a browser launch, I used the same applications as that of my previous test which was CCleaner and KMplayer. In the previous test I did with ESS ver5 it took me quite a while because at start ESS was in trouble blocking any browser launch through it's HIPS. Tried in "Learning mode" and "Interactive Mode".
Now in ESS 7 Beta "Interactive Mode" the HIPS reminded me of Comodo ver4 and Online Armor Premium 4. Noisy HIPS nearly blocked anything I tried to launch and for a moment seemed not to memorize what I allow/deny. Something that I remember was not when I tried ESS ver5. But to my surprise it successfully blocked any launch of a browser from the gui of CCleaner as seen in the logs.
For KMplayer though a browser was not launched there was no entry in the logs that the HIPS has blocked it. When I tried to click a link in KMplayer an error showed --- "Acess violation at address xxx etc etc". No browser was launched.
With ESS 7 Beta block rule is:
Observation:
- ESS 7 Beta Interactive mode with block rule >Acess violation error (no browser launch)
- ESS 7 Beta Learning mode with block rule (no pop-up) (no browser launch)
With Learning mode there was no pop-up but there was no browser launch. That maybe because of the block rule placed. With Interactive Mode there are a lot of pop-ups but I will settle for "Interactive Mode" for a while, save the config, and then try the either Automatic mode with rules or Policy-based mode.
So it seems that there is an improvement in ESS on my side and perhaps in the test I made on the specific issues I encountered during my test of ESS ver5. Now I am interested in ESS 7 Beta.
A couple of questions on ESS settings if I may,
I always do manual Windows Updates. Based on experience of getting the system borked after quite a number of fluke Windows updates I now do wait a while before updating and select what I want to update. My settings on Windows Update is "Never", if I wanted to set a rule for Windows Updates to be blocked in ESS firewall how can I do that there?
Never did have to do that using Outpost / Comodo / Online Armor but just for the sake of learning how can I do that in ESS..?
What is Device Control in Advanced setup>Device Control..?
What maybe the best setting for the IDS and advanced options..?
Thanks
1) Ping fail
HERE
2) I can't stop a application from launching a browser triggered from the applications GUI.
HERE
The first I noticed that the ping fail was gone. Personal firewall setting was at at default "Interactive Mode". Both tested on a dial-up connection and a mobile dsl connection.
Please see comparison:
IDS setting ESS ver5
IDS setting ESS 7 Beta
On the blocking a browser launch, I used the same applications as that of my previous test which was CCleaner and KMplayer. In the previous test I did with ESS ver5 it took me quite a while because at start ESS was in trouble blocking any browser launch through it's HIPS. Tried in "Learning mode" and "Interactive Mode".
Now in ESS 7 Beta "Interactive Mode" the HIPS reminded me of Comodo ver4 and Online Armor Premium 4. Noisy HIPS nearly blocked anything I tried to launch and for a moment seemed not to memorize what I allow/deny. Something that I remember was not when I tried ESS ver5. But to my surprise it successfully blocked any launch of a browser from the gui of CCleaner as seen in the logs.
For KMplayer though a browser was not launched there was no entry in the logs that the HIPS has blocked it. When I tried to click a link in KMplayer an error showed --- "Acess violation at address xxx etc etc". No browser was launched.
With ESS 7 Beta block rule is:
Observation:
- ESS 7 Beta Interactive mode with block rule >Acess violation error (no browser launch)
- ESS 7 Beta Learning mode with block rule (no pop-up) (no browser launch)
With Learning mode there was no pop-up but there was no browser launch. That maybe because of the block rule placed. With Interactive Mode there are a lot of pop-ups but I will settle for "Interactive Mode" for a while, save the config, and then try the either Automatic mode with rules or Policy-based mode.
So it seems that there is an improvement in ESS on my side and perhaps in the test I made on the specific issues I encountered during my test of ESS ver5. Now I am interested in ESS 7 Beta.
A couple of questions on ESS settings if I may,
I always do manual Windows Updates. Based on experience of getting the system borked after quite a number of fluke Windows updates I now do wait a while before updating and select what I want to update. My settings on Windows Update is "Never", if I wanted to set a rule for Windows Updates to be blocked in ESS firewall how can I do that there?
Never did have to do that using Outpost / Comodo / Online Armor but just for the sake of learning how can I do that in ESS..?
What is Device Control in Advanced setup>Device Control..?
What maybe the best setting for the IDS and advanced options..?
Thanks
