mutley
August 11th, 2009, 07:24 AM
Hi all,
I have recently upgraded to v4 of ESET AV as a fresh install on a fresh install of XP Pro SP3 with latest patches. I have been going through the advanced config tree following blackspears v3 tutorial as guidance which I would like to thank for spending the time to produce a nice clear piece of work. I'm happy to have some additional processor overhead to increase the chances of blocking an infection. I'm a bit perplexed as to why the SSL filtering isn't turned on by default but that aside I think it would be of great benefit especially as I use Gmail in SSL mode and Thunderbird with IMAP Gmail SSL ports.
The thing is, I'm confused by how this is working and whether the result i'm getting is correct. I have looked through this forum and the help file and am still confused over the correct way to set this up.
Advanced Setup Tree > Antivirus and antispyware > Protocol filtering > SSL
I have "Alway scan SSL protocol" and "Block encrypted communication utilizing the obsolete protocol v2" enabled.
Advanced Setup Tree > Antivirus and antispyware > Protocol filtering > SSL > Certificates
I have "Add the root certificate to known browsers" enabled.
Under "If the certificate cannot be verified using the TRCA certificate store" I have "Ask about certificate validity".
Under "If the certificate is invalid or corrupt" I have "Block communication that uses the certificate".
I am using Firefox v3.5.2 and when I visit a https address I get an "Untrusted Connection" page. It appears not to like the ESET certificate. If I click on the Firefox "Add Exception..." button on this page it reports "Unknown Identity: Certificate is not trusted, because it hasn't been verified by a recognised authority."
Please help as I think this is important new functionality to get working right.
Kind regards
Justin
I have recently upgraded to v4 of ESET AV as a fresh install on a fresh install of XP Pro SP3 with latest patches. I have been going through the advanced config tree following blackspears v3 tutorial as guidance which I would like to thank for spending the time to produce a nice clear piece of work. I'm happy to have some additional processor overhead to increase the chances of blocking an infection. I'm a bit perplexed as to why the SSL filtering isn't turned on by default but that aside I think it would be of great benefit especially as I use Gmail in SSL mode and Thunderbird with IMAP Gmail SSL ports.
The thing is, I'm confused by how this is working and whether the result i'm getting is correct. I have looked through this forum and the help file and am still confused over the correct way to set this up.
Advanced Setup Tree > Antivirus and antispyware > Protocol filtering > SSL
I have "Alway scan SSL protocol" and "Block encrypted communication utilizing the obsolete protocol v2" enabled.
Advanced Setup Tree > Antivirus and antispyware > Protocol filtering > SSL > Certificates
I have "Add the root certificate to known browsers" enabled.
Under "If the certificate cannot be verified using the TRCA certificate store" I have "Ask about certificate validity".
Under "If the certificate is invalid or corrupt" I have "Block communication that uses the certificate".
I am using Firefox v3.5.2 and when I visit a https address I get an "Untrusted Connection" page. It appears not to like the ESET certificate. If I click on the Firefox "Add Exception..." button on this page it reports "Unknown Identity: Certificate is not trusted, because it hasn't been verified by a recognised authority."
Please help as I think this is important new functionality to get working right.
Kind regards
Justin