Malware Hub Report MalwareTips - ESET Report - March 2017

tonibalas

@PathFinder I did take a look into it, but in Policy Mode it just says "Operations are blocked".
On another thread you mentioned that you block vulnerable processes of Windows.
I would like to know how to achieve that.
Maybe by adding a rule to Eset HIPS?
 
illumination

What about the Bouncer list? An ask/block rule for these processes/places:
https://excubits.com/content/files/blacklist.txt
I don't know much about the registry! There are registry keys that we need to protect! Which ones? I don't know :D
Any time you use restriction policies, you need to be careful what you are adding. It is a trial and error with each different system and its applications.
I spent months in a VM with a copy of Eset learning it. I fully advise anyone wanting to learn it, to do the same before modifying their main Host.
I disagree with "set up for testing guides" because all these accomplish is showing users what to tick and what not to; they do not learn about the product and what the changes they are making to the default setup are actually doing to their systems.

A point has been made here though, that there are very few in this forum that actually understand how to fully utilize Eset, and instead of just admitting this, bash it.
 

Sunshine-boy

I don't use policy mode because I believe it generates errors and crashes (learning mode is also broken cuz it auto-allows everything for a process). I prefer interactive mode, which is much better than policy mode. But there is a bug in Eset HIPS that auto-allows the operation if you don't answer the alert fast (around 45 sec). They also don't want to change the way it works! Btw, Eset HIPS can work as an Anti-Exe (or other executable formats). There were a lot of bugs in this HIPS but they fixed them and are still fixing.
Eset HIPS is very powerful :D
 
illumination

I do not use Policy mode either, as I am on a shared system. It is the only system we have and maintain. Even if this was not a shared system, I would, like you, use interactive mode for the same reasons. I was merely pointing out that interactive mode is not the strongest HIPS setting, and that you could seriously limit what is crawling around on your machine with it.

As for our home system, I actually use Smart Mode for HIPS and supplement with Appguard Business, as it was easier to teach my significant other how to re-enable a service such as "cmd" when an operation that is legit requires it by opening Appguard, clicking "customize" and going to the "guarded apps" tab, and ticking it, hitting apply to enable it, then unticking and hitting apply to block it again as opposed to teaching her how to respond to HIPS alerts. ;)

You are quite correct, Eset HIPS is very strong.
 

jackuars

Unless you are testing malware on your system for the heck of it, any of these antivirus products will be good for you and has a 99.9% chance of protecting you under any given condition in a real-world scenario.

If the tests tell that a product scored 70-90% against malware samples, it's still not a bad score at all, because it was specifically asking for trouble when it was testing the malware samples on their system.

Forget what reviews say, just stick to the one you like. All these BB, System Watcher, Signatures, Heuristics, Dynamic tests etc are to be taken with a grain of salt if you practice safe browsing habits.
 
