Wilders Security Forums  

#1
July 31st, 2012, 02:01 PM
t0mmyr
Infrequent Poster
 
NOD32 deployed by Group Policy cfg.xml contains extra data? is it safe? how 2 remove?

I'm testing a new GPO and followed the directions from here, and so far my first two tests have been excellent! However, in order to deploy this via msi + cfg.xml, I placed the files in a shared namespace that all domain users/systems can read, and I am concerned about the data inside the cfg.xml file I created.

I created the original cfg.xml by using my workstation's current configuration as a base: I downloaded/saved it through ERA, modified it with ESET Configuration Editor, and saved a new .xml file, and it works... but when I opened the xml file by itself I found 2-3 sections I was slightly concerned about:

1: Our EAV-12345678 volume license Username is visible in plain text and our Password is a string of numbers and digits such as: "A1bj9w9wiwjfIFJASFASF8sXXx7skjdkw44w=". If everyone has read access to this file, and someone manages to locate it on our network and opens it, can they decode it and walk off with our company's username and password?




2: There is a plugin id:
<PLUGIN ID="1000101">
  <PROFILES>
    <NODE TYPE="SUBNODE" NAME="@My profile">
section that looks specific to my computer system's hardware? Do I really need my tower's current USB device info on all my computer systems? Can I just remove the <plugin 1000101> section from the xml with no bad repercussions?




3: There is another plugin id:
<PLUGIN ID="1000200">
  <PROFILES>
    <NODE TYPE="SUBNODE" NAME="@My profile">
that contains a bunch of trusted/untrusted toggles I don't recognize (looks HTTP related), but what caught my attention was my own Windows 7 username directory listing a ton of .exe's I've run or had installed in the past/currently on my computer system, found under this node:
<NODE TYPE="XML" NAME="EPFWDATA" XML_VERSION="1">
  <BROWSERS>
I don't want everyone at my company being able to see a list of executable applications on my computer for any unnecessary reason. How can I remove this info?
#2
August 1st, 2012, 03:44 AM
Marcos
Eset Moderator
 
Re: NOD32 deployed by Group Policy cfg.xml contains extra data? is it safe? how 2 remove?

Quote:
Originally Posted by t0mmyr
I'm testing a new GPO and followed the directions from here, and so far my first two tests have been excellent! However, in order to deploy this via msi + cfg.xml, I placed the files in a shared namespace that all domain users/systems can read, and I am concerned about the data inside the cfg.xml file I created.

It is not necessary to put a configuration xml containing your username and password in a shared folder. Just push the installation with the desired configuration directly from ERA without using a separate xml file.

Quote:
2: There is a plugin id:
<PLUGIN ID="1000101">
  <PROFILES>
    <NODE TYPE="SUBNODE" NAME="@My profile">
section that looks specific to my computer system's hardware? Do I really need my tower's current USB device info on all my computer systems? Can I just remove the <plugin 1000101> section from the xml with no bad repercussions?

The "Plugin 1000101" node belongs to real-time protection. By removing this node completely, you'll remove all real-time protection settings. Not sure what USB device information you mean, as the Device control plugin has ID 1000E00.


Quote:
3: There is another plugin id:
<PLUGIN ID="1000200">
  <PROFILES>
    <NODE TYPE="SUBNODE" NAME="@My profile">
that contains a bunch of trusted/untrusted toggles I don't recognize (looks HTTP related), but what caught my attention was my own Windows 7 username directory listing a ton of .exe's I've run or had installed in the past/currently on my computer system, found under this node:
<NODE TYPE="XML" NAME="EPFWDATA" XML_VERSION="1">
  <BROWSERS>
I don't want everyone at my company being able to see a list of executable applications on my computer for any unnecessary reason. How can I remove this info?

You can remove particular nodes to your liking. However, when deploying a configuration to network clients I would use an xml with only the specific settings set / adjusted. To accomplish this, use the Configuration editor and set / adjust only the desired settings while marking them (the little square will turn blue when marked, e.g. by pressing space).
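
An added example, not part of either post and not ESET tooling: a check to run on an exported configuration XML before it goes onto a share, flagging the three kinds of data raised in this thread (license username, encoded password-like value, per-user executable paths). The sample XML is constructed; only the PLUGIN, PROFILES, NODE, EPFWDATA and BROWSERS names come from the thread, while the root element, the `EXAMPLE` plugin ID, the leaf element and attribute names and all values are assumptions.

```python
import re
import xml.etree.ElementTree as ET
# Patterns for the three kinds of data the thread worries about.
CHECKS = {
    "license-username": re.compile(r"\bEAV-\d+\b"),
    "encoded-secret": re.compile(r"^[A-Za-z0-9+/]{16,}={0,2}$"),
    "user-profile-path": re.compile(r"[A-Za-z]:\\(?:Users|Documents and Settings)\\[^\\]+\\", re.I),
}

# Constructed sample: PLUGIN/PROFILES/NODE/EPFWDATA/BROWSERS appear in the thread;
# the root element, ID="EXAMPLE", the leaf names and every value are made up.
SAMPLE = r"""<ESET>
 <PLUGIN ID="EXAMPLE">
  <NODE NAME="Username" TYPE="STRING" VALUE="EAV-00000000"/>
  <NODE NAME="Password" TYPE="STRING" VALUE="Q09OU1RSVUNURURfVkFMVUVfMDE="/>
 </PLUGIN>
 <PLUGIN ID="1000200">
  <PROFILES>
   <NODE TYPE="SUBNODE" NAME="@My profile">
    <NODE TYPE="XML" NAME="EPFWDATA" XML_VERSION="1">
     <BROWSERS>
      <APP PATH="C:\Users\alice\Downloads\tool.exe"/>
      <APP PATH="C:\Program Files\Browser\browser.exe"/>
     </BROWSERS>
    </NODE>
   </NODE>
  </PROFILES>
 </PLUGIN>
</ESET>"""

def audit_config(xml_text):
    """Return (location, check, value) for every attribute or text value that matches."""
    findings = []
    def walk(elem, trail):
        label = elem.get("ID") or elem.get("NAME") or ""
        trail = trail + [f"{elem.tag}[{label}]" if label else elem.tag]
        values = list(elem.attrib.values()) + [(elem.text or "").strip()]
        for value in values:
            for check, pattern in CHECKS.items():
                if value and pattern.search(value):
                    findings.append(("/".join(trail), check, value))
        for child in elem:
            walk(child, trail)
    walk(ET.fromstring(xml_text), [])
    return findings

if __name__ == "__main__":
    for location, check, value in audit_config(SAMPLE):
        print(f"{check:18} {location}: {value}")
```

Any finding means the file should be trimmed to only the marked settings before it is placed where all domain users can read it.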
 

All times are GMT -4. The time now is 12:36 AM.

