Jump to content

ktechno1

Techbench
  • Content Count

    51
  • Joined

  • Last visited

Posts posted by ktechno1

  1. On 3/27/2021 at 12:45 PM, Porthos said:

    My guess the issue here is how can you enforce a device limit license on a router. The VPN is sold for example 5 devices and you put it on the router then dozens of devices are protected without purchasing other licenses.

    Well, yes, when you install as a service on the router, there is no device limit.  That's the reason to put it on the router--to enable coverage for ALL clients on the network easily, as Fueler also referred to.

    I know that both ExpressVPN and NordVPN, two well-known competitors, both offer extensive support to enable this feature.  I would hope that licensing isn't the holdup here.

  2. On 11/12/2020 at 12:18 PM, gatortail said:

    No, our focus is on the WireGuard protocol.

    I realize this topic was started a few months ago, but I am also interested in using this Privacy service as a function of the router.  That way, it can cover all devices who connect seamlessly.

    Are there plans to add this support anytime soon?  The product has worked great thus far as a stand-alone application, but I want this router capability moving forward, and I know other VPN providers offer this.  The market for this capability will grow exponentially in the coming years ahead.

  3. My apologies, I didn't see that this question had already been asked after a quick search.

    As far as the answer, what does that mean--focus on the WireGuard protocol?  Does that imply that Privacy code will not support .OVPN file configuration? Or that it cannot support .OVPN while using that particular connection method?

    If these two threads need to be merged since the topic is the same, please do so.

  4. 7 hours ago, AdvancedSetup said:

    The Research Team says this  is not a False Positive

     

    Ok.  It finds this detection every night during the scan.  What do you advise to remove it if the program isn't doing that?  And why is it not able to remove it?

  5. On 10/28/2020 at 1:36 PM, exile360 said:

    Greetings,

    Please post the scan report, accessible by clicking the Scan Report link listed in the above dialog so that we may take a look.

    Thanks

    Scan Report: 11/03/2020  4:00:02 AMBack to Scan History
    Scan Log Details	
    Endpoint name:	xxxxx.xxxxx.com
    Scan date and time:	11/03/2020 4:00:02 AM
    Version:	3.8.5.2971
    Component package version:	1.0.652
    Protection update version:	1.0.18820
    OS:	Windows Server 2012
    CPU:	x64
    File system type:	NTFS
    Logged-in user:	xxxxx\xxxxx
    Scan Summary	
    Scan Type:	Threat
    Result:	Completed
    Objects scanned:	279969
    Time elapsed:	0h 14m 48s
    Processes:	0
    Modules:	0
    Registry keys:	1
    Registry values:	0
    Registry data:	0
    Folders:	0
    Files:	0
    Scan Options	
    Memory:	True
    Startup:	True
    File system:	True
    Rootkits:	True
    Heuristics:	True
    Archives:	True
    PUM:	True
    PUP:	True
    Threats Found
    Name	Type	Location	Action	ID
    Adware.Ghokswa	Registry Key	HKLM\SOFTWARE\WOW6432NODE\BIRDEYE	Quarantined	66f8770e-1dbb-11eb-a228-109836a0bf9f

    This is the same detection every night during the automated scan at 4 AM.

  6. Using the Endpoint Cloud Product here. I have an Endpoint which sends a report on the daily scan that it detects and removes something called "Adware.Ghokswa" Reg Key.  I have attached the email.

    This same detection occurs daily, and it cannot seem to completely eradicate it.  Any ideas why this is found every day?  Is a legitimate software installing this key and this is actually a false positive?

    Thanks for any input.

     

    EP_Detect_1.jpg

  7. 31 minutes ago, exile360 said:

    I can understand what you're saying, but at the same time, the usefulness of this feature for vanilla consumer users seems very limited.  I have no idea what it would cost to develop and roll out this kind of functionality, but I know they wouldn't want to devote the resources to it for all Premium users just to suit a handful of special use cases like this.  Putting cost aside for a moment, let's assume that the price would be the same, maybe slightly more; would it be acceptable if they provided a special build for MSP's that had this capability but not necessarily with all the cloud functionality and remote management stuff?  Basically just a special 'support provider' type version where it essentially just does what you said, notifying you via email any time there is a detection, maybe with something like a regular weekly or monthly report/summary just to check in on each of your clients and see how things have gone/make sure the product is still doing its job etc.?

    Yes, absolutely that would be wonderful.

  8. 13 minutes ago, exile360 said:

    I see, thanks for the additional details.  I will also suggest they provide some kind of managed offering for those kinds of situations where the number of endpoints is less than 10.  For someone in your business it would make sense to have the ability to manage multiple smaller clients in a single interface (assuming that would be acceptable from a security perspective, like having a separate group/section or tab for each client/group without having to login to a separate instance of the console/cloud platform for each one as that would be a lot of credentials for you to keep track of).

    If it were possible, would such a solution suit your needs?

    Yes, I think that would.  But that isn't really necessary.  I don't need to have the capability to manage any of all of these Premium-based clients in a single interface... I'd just like to see an email of their product (Premium in these scenarios) actually detects and quarantines.  You can always CC that notification from the client to the MSP, in this case, myself, to then remotely connect and charge PER INCIDENT if more remediation is required.  But aside from their investment for the Premium product, I (as the MSP provider) would not want to pay an additonal cost for a console solution for these types of clients, and I wouldn't be able to pass that cost on to them, obviously...

  9. I appreciate the feedback, @exile360 and @AlexSmith

    First, with Endpoint Protection, it **requires** a minimum of 10 licenses, and for most SOHO type end clients, that is just too many.  Most of these small businesses run with less than 10 (and sometimes just 2 or 3) employees on PCs, so that makes the EP product with the cloud console out of reach from a financial standpoint.  Don't get me wrong--I absolutely LOVE the EP product itself, along with the Cloud Console aspect.  But there are a ton of small-needs "business/office" grade clients who simply do not want to spend $700 ($70 MSRP x 10 seats) for the software alone, and I understand that.

    Secondly, with the new OneView product, if I understand correctly, will only integrate using one of the other business-grade products such as EP or Incident Response--but NOT the Premium product.  If that is accurate, then that still leaves those clients whose budget is < $100 to cover their all their office PCs using a MWB product, without email notifications...

    If there is a product that is similar to Premium in cost, where you can purchase license quantities below 10, that has email notificiations, I'd love to learn more.

    Thanks for your time and open discourse.

     

  10. 4 hours ago, exile360 said:

    Greetings,

    Unfortunately this functionality is not available or planned for the consumer product to my knowledge, however if you are an MSP dealing with business clients then I do believe this option is available.  I will submit a request for this feature in the consumer version, however I doubt they will add it given the fact that the user is alerted whenever anything is detected by real-time protection or scans (including scheduled scans) within the client software itself.

    I had a user at a client office that did not get any real-time notification during normal daily use, but when I checked the scan reports on that installation, I could see that night when the scheduled scan ran, that Trojan files and folders were detected and removed.  But again, I had to manually get on that PC, and LOOK inside the program to find that report... It would be nice if it would email me post-scan and removal when it occurs.  I understand that the Endpoint Protection suite does this, but again, this client only has a few systems, and does not run a dedicated Server-level OS that requires the business-grade products.

  11. I would like to request the feature in Premium for email notifications.  In the event that a daily scan detects or quarantines something, I'd like to get an email notfication of that report, similar to the Endpoint Protection product.

    Is this a feature that Premium could add?  Daily automatic definition updates and system scans are great, but it would be nice to know if and when those scans actually yield a positive result that would re-enforce the value that the product is providing.  All my clients ask about it, and it would be great to be able to point to those timestamped email reports.

  12. As of now, for the scheduled reporting I can choose daily, once per week on Saturday, and once per month...

    I would really like the option to get the schedule on Sunday rather than Saturday.  Reason being, Sunday is the only "off" day at our business, and I'd like to have Saturday night's scans included in the weekly generated Reports.

    As of right now, the Report shows the prior Saturday night's activity, but I'd rather the Report show with Saturday being the "end" of the week's activity.

    Is this possible?

  13. 9 minutes ago, Porthos said:

    There is but it is private for current Techbench subscribers. The old USB program is completely different from the NEW program and toolset.. https://www.malwarebytes.com/techbench/

    I'm a current member of Techbench, but I didn't know another private forum existed.  And, I can't find it at the link provided.  Maybe I'm blind, but can you PM me the direct link?

  14. I notice that there was a dedicated sub-forum for the older, now-obsolete legacy version of Techbench HERE.  But is there not a current sub-forum for users of the Techbench program?

    The reason I ask, some users here might benefit from others inside the program sharing their configuration/custom scripts in the "MyTools" section. 😉

  15. On 2/11/2019 at 11:47 AM, ktechno1 said:

    I am experiencing this same error when I attempt to run a Scan with the Endpoint Protection Cloud product, but this is using Server 2008.

    After reading your other thread, andylee321, I was able to get the Server 2008 to register as a node in the Cloud Console (I had to install the KB update for TLS) but whether I trigger a Scan from the console, or manually on the system, it gives the same error above.  It gets to the "File Scanning" portion, then abruptly stops.

    I was looking at the documentation to run the Malwarebytes Breach Remediation Tool, like you mentioned, hoping to resolve this issue.  But in the MBBR Guide that I have here, dated 30 October 2018, it states the tool only supports OS versions Server 2008 R2 64bit and above.  My system is Server 2008 32bit... The tool that I have here is MBBRv2, dated 11/5/2018, file version 2.7.2.1655.

    How did you get the MBBR tool to run successfully on Server 2003?  Did you use an older version of this tool?  Is that version still available for pre-2008R2 systems, such as mine?

    Thanks in advance.

    Bump-- Anyone?  I need to get this protection running on this Server system...

  16. I am experiencing this same error when I attempt to run a Scan with the Endpoint Protection Cloud product, but this is using Server 2008.

    After reading your other thread, andylee321, I was able to get the Server 2008 to register as a node in the Cloud Console (I had to install the KB update for TLS) but whether I trigger a Scan from the console, or manually on the system, it gives the same error above.  It gets to the "File Scanning" portion, then abruptly stops.

    I was looking at the documentation to run the Malwarebytes Breach Remediation Tool, like you mentioned, hoping to resolve this issue.  But in the MBBR Guide that I have here, dated 30 October 2018, it states the tool only supports OS versions Server 2008 R2 64bit and above.  My system is Server 2008 32bit... The tool that I have here is MBBRv2, dated 11/5/2018, file version 2.7.2.1655.

    How did you get the MBBR tool to run successfully on Server 2003?  Did you use an older version of this tool?  Is that version still available for pre-2008R2 systems, such as mine?

    Thanks in advance.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.