Results 1 to 10 of 13

Thread: Eset Smart Security 5 firewall and HIPS questions

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Join Date
    Mar 2011
    Posts
    73

    Eset Smart Security 5 firewall and HIPS questions

    Hello, Been out way way too long... Hope you guys can help me and shed some light on a GRC Shields UP fail I am having and problems with the HIPS function. Recently I installed Eset Smart Security ver5 in a Windows 7 x32 pc. When finished I got a, "Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation." The browser I am running this test is FF 11 inside Sandboxie. Without SBIE the result is the same. With Google Chrome, the same also with/without the use of SBIE. The test was on a wired connection(not behind a router --I hooked it on a dial-up connection). On a router it was all good and TrueStealth. But that's because of the router. Now I need to be safe while using the wired connection/dial-up as I use both. Anyone familiar with the Eset firewall....? What settings can I adjust in the firewall to pass this ping fail...? What settings should be checked...? Kindly see the settings. Do you guys know what I can check in the settings or something....? First time I got that "Ping Reply: RECEIVED (FAILED)" and frankly I don't know what to do. I always got a TrueStealth from GRC with CIS, Outpost, Online Armor, even the Avira IS 2012 firewall. To check I loaded a clean system image without AV/firewall only MalwarebytesPro, installed Avast IS Build 1426(default settings). Connected to the same conditions as what I try --dial-up connection/wired. It passed GRC. Did the same thing again and installed just Outpost Firewall Pro. There was no "Ping Reply: RECEIVED (FAILED)". Settings were at default. Now I seem to have read somewhere that the "Ping Reply: RECEIVED (FAILED)" is connected to ICMP. I see a setting there (see image) "ICMP protocol message checking" and "Covet data in ICMP protocol detection". I checked and un-checked both but the results were the same. How does ICMP affect that..? What may be the ill effects of that "Ping Reply: RECEIVED (FAILED)"..? What should be a good setting for it or remedy for it..? On the HIPS, I cannot seem to block a link that can be launched in an application window. By experience with Comodo and Online Armor I can block that in the HIPS portion to "not start an application". ESS has this also one, like for example: Source application : C:\Program Files\CCleaner\CCleaner.exe Action: Block Target Application: Start new application Over these applications: C:\Program Files\Mozilla Firefox\firefox.exe Now for other applications like for example a game that I have downloaded not so long ago that connects to the internet after exiting. I place that same rule and the browser will not launch and the HIPS blocks it. I seem to see that CCleaner and TheKMPlayer has he same behavior. Placing that rule is invalid. The browsers launches. Same rule for KMPLayer but instead of FF it's IE. I placed the IE folder there in the "Over these application" but it still launches. Now I saw in Comodo forums, that KMPlayer behavior can be blocked by denying access to protected COM interface in D+. Maybe CCleaner is the same...Problem is I do not know where/how can I do that in Eset HIPS. Where is that COM interface located...? Anyone know how to do this stuff...? How can I make a rule in Eset about blocking shell links or "links" that are set to launch browsers onced clicked...? First time using Eset and I'd like to use this license that I got but this is bugging me...do I need to panic or something... HELP. Thank you
    Last edited by jason7619; 11-04-12 at 11:39 PM. Reason: posted sentences overlap..

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •