[Solved] nsanedown blocked by ESET!!!!

[Holmes]

I upgraded ESET to ten and I remember posting on a post or thread about allowing ESET to allow this website an I have allowed it the problem it finds favicon and sixteen items from nsanedown to block and nsanedown doesnt load properly if anybody has any ideas please share and I apologize in advance if this has been posted then just show me the thread where its posted and lock this topic or send me a pm thank you in advance.

[Holmes]

That worked I forgot the star at the end of each one.  Thank you very much I would like my ocd doesnt like that Im going to put this information on my computer and if I see a topic in the future that asks this question I can give them this information.

[Holmes]

I dont know why I didnt think of it (I have alot on my mind) I could have just went here):

 

https://www.nsaneforums.com/topic/244752-nsanedown-blocked-by-eset/

 

My bad you can mark this as solved.  The last item that got blocked in those sixteen items was favicon.ico I dont know why.  ESET marks sites they dont like as malicious.  Its really stupid.

[Holmes]

As long as you add *.nsanedown.com* it should be fine I dont think the forward slash is necessary it doesnt matter as long as it works.

[lurch234]

Next time just export your settings before upgrading or downgrading. Saves both grief and time.

[neofita]

well done ESET, because nsane is a very dangerous place  

[DKT27]

Topic marked as solved.

[KRS]

According to @0bin, the security of the pages to navigate, according to the browsers and the extensions of the secure pages vary, by http and https, unlike are false emergencies since sites with http can be secure in any way. So put exclusions on the site with these symbols * immediately the page. * www.world.wide *

 

I froze the key, I wanted to make mention. corrected.

[DKT27]

27 minutes ago, 0bin said:

Who is oooo?

Insane has one real vulnerability and is XSS.

 

 

https://urlscan.io/result/1207a43e-7f4b-4517-a702-6fc3d30907b8#secheaders

 

https://wiki.mozilla.org/Security/Guidelines/Web_Security#X-XSS-Protection

X-XSS-Protection

X-XSS-Protection is a feature of Internet Explorer and Chrome that stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. Although these protections are largely unnecessary in modern browsers when sites implement a strong Content Security Policy that disables the use of inline JavaScript ('unsafe-inline'), they can still provide protections for users of older web browsers that don't yet support CSP.

New websites should use this header, but given the small risk of false positives, it is only recommended for existing sites. This header is unnecessary for APIs, which should instead simply return a restrictive Content Security Policy header.

Examples

# Block pages from loading when they detect reflected XSS attacks
X-XSS-Protection: 1; mode=block

 

I believe it needs to be done by IPB, a lot these things are taken care by them. I can be wrong though, if so, then Lite or shought will need to look into it.

 

Also, this is potential vulnerability, while security is a priority, it does not mean it is possible to easily exploit it.

[KRS]

no, I do not really belong to that team that mentions me.

[DKT27]

5 minutes ago, 0bin said:

1 BTC.

Just reporting, I don't know if is really a vulnerability or not.

@UmbraEmsisoft could give more answers about it 

 

I see.

 

Well, a lot of sites like to jump onto things without knowing about it. Like, I used to remember members posting site which showed how much nsane.down or nsane.forums is worth. Complete crap those things. They give some sort of impression that we are earning anything for it. If that were the case then we would have been asking for any donations here.

[UmbraEmsisoft]

0 means the XSS protection/filtering is disabled,  doesn't mean the site is forcibly vulnerable.  Maybe the admin can enable it. 

[DKT27]

15 minutes ago, 0bin said:

I remember only one post about worth, and was on piratebay.

For me has its value both the content and the game.

 

The fact that is public means I am transparent to that, like I did with anonymz.

Eset story is another chapter, is internal blacklisting, because of old times, not releated to security of the site or xss, just because they want the site blocked.

 

Also I have something to say about Malwaretips and the canvas that display right here:

 

Calling file: https://malwaretips.com/js/audentio/material/functions.min.js?_v=c2a82046_1.5.14.0_1 line 4 column 4718

 

6 minutes ago, 0bin said:

What is Audentio JS?

This is not promising: @@||forums.macg.co/js/audentio/funbox/advertisement.js

 

Those just look like scripts, I do not notice any issue with them.

[Kyle_Katarn]

On 09/09/2017 at 6:37 PM, 0bin said:

Sure, store the image too if you find useful. These rules will change, at least the one for VodooShield, for Nsane I don't think.

The same is true for SUMo, if want create exclusion to avoid alarm.

 

I'm interested to know, favicon.ico is a generic term they use or is something more complex?

 

I'm struggling to get them whitelisting SUMo :-(

[Holmes]

I have noticed after upgrading to eset nodthirtytwo ten and malwarebytes three browsing is slower and I dont like that.

[hacker7]

I'm facing the same problem when install eset now

even thought i excluded website like i always do

but now it's not working and specialy software update section .?

any body facing this problem .?

 

[BALTAGY]

Just now, hacker7 said:

I'm facing the same problem when install eset now

even thought i excluded website like i always do

but now it's not working and specialy software update section .?

any body facing this problem .?

 

Add this exclude to the List of allowed addresses

*nsanedown.com*
*nsaneforums.com*

[hacker7]

I was breaking the syntax doing this way /.com*  as 0din said

Thank you Guys

 

Edit  problem not solved still blocking

[hacker7]

1 minute ago, 0bin said:

Another common name used is Obin, Like Odal.

Edit  problem not solved still blocking

[hacker7]

15 minutes ago, BALTAGY said:

Add this exclude to the List of allowed addresses

*nsanedown.com*
*nsaneforums.com*

 

Added new rule and  included those lines and it's working now

3 minutes ago, 0bin said:

I am rebuilding Nyx, give me some time and I will test too

No need now thanks bro

[BALTAGY]

2 minutes ago, hacker7 said:

 

Added new rule and  included those lines and it's working now

No need now thanks bro

If you want to make it more specific you can try *nsanedown.com/* and *nsaneforums.com/* it should work also

[hacker7]

1 minute ago, BALTAGY said:

If you want to make it more specific you can try *nsanedown.com/* and *nsaneforums.com/* it should work also

yes that's what i did !

created two rules and it's working like before and better

Thank for the help

[wakker]

On 10/6/2017 at 2:41 PM, hacker7 said:

yes that's what i did !

created two rules and it's working like before and better

Thank for the help

Still not working :/ ESET keeps on blocking Nsane

[hacker7]

9 hours ago, wakker said:

Still not working :/ ESET keeps on blocking Nsane

 

On 10/6/2017 at 5:39 AM, BALTAGY said:

If you want to make it more specific you can try *nsanedown.com/* and *nsaneforums.com/* it should work also

 

[wakker]

2 minutes ago, hacker7 said:

 

 

It is working I didn't put it in the right place.