Eero Plus - View Devices/Sites that Triggered "Threat"

I love eero Plus and the fact that it is protecting our network. What would be nice is under the Activity log where it shows Threat Blocks for Botnet, Malware, Phising, Spyware (and ditto for Content Filters), it would be nice to be able to click on what was blocked and see the following:

- Device that was the source of the block (Was it my TV, my laptop or my iPhone)
- Site that was visited 
- What the threat was that was blocked, if it's a known threat

Obviously there are privacy concerns so you should be able to toggle the above feature on or off. 

108 replies

    • euphbriggs
    • 8 mths ago
    • Reported - view

    I'm getting malware threats on three devices on my network. I ran antivirus and antimalware on all of them without any hits. I factory reset the tablet and only reinstalled Disney+, Hulu, and Peacock, but I'm still getting the warnings. Unless one of those apps is the underlying cause (which I strongly doubt), it's either a false positive or something else in my network is trying to spread to other devices.

    If eero isn't willing to tell me what is triggering the alerts, I will have to look for other options. Telling me that you know someone is trying to break into my house but not telling me how you know or where you detected a problem isn't constructive. I still have to do all the work myself to identify (and eventually fix) the problem, except that now I'm annoyed that the security system isn't sharing the information it has about it.

      • cmarinas
      • 8 mths ago
      • Reported - view

      euphbriggs for me it was clearly a false positive triggered by the Disney+ app. I did some debugging (details above in this thread) and eventually found that media.dssott.com (and its subdomains) was incorrectly flagged as phishing. I have since canceled eero Secure, too many problems and no logs to debug. If you don't care about setting up profiles at the router level, NextDNS is a good option.

    • ypsiscoot
    • 7 mths ago
    • Reported - view

    Like so many others, signed up for this. It's useless without data. Will be single starring as much as possible. 

    • cputrdoc
    • 3 mths ago
    • Reported - view

    I just renewed my Eero Plus subscription on the off chance that it might actually do something... but at present I honestly can't tell.  When I learned that malware like Mirai is being used to commandeer IoT cameras to create botnets, I figured I would lock down my devices as much as I could, e.g. a doorbell camera should not need access to eBay, Tinder, or Halo, so I go down the list of content filters for every device and only allow what I know it will need. 

    All of my smart speakers belong to one profile, and they all get the same rules.  Likewise I have groups for for streaming devices, kids' devices, and IoT appliances like my thermostat and sprinkler timer.  ...and I'm honestly probably setting up rules that will never be hit, but since I don't know what's going on, I feel like I need to protect my devices myself. 

    Ever so often I get surprised, and find that an Eero Plus content filter is not configured right, it's blocking something legitimate which causes something to stop working.  But with no visibility into what rule is being hit, I can only fix it with trial-and-error.

    If I tell the Eero app that a device is a sprinkler timer or a thermostat, Eero should realize that sprinkler timers should probably only talk to one domain, and if it suddenly starts doing other things, that should be flagged as suspicious.

    I like the simplicity of Eero, but some transparency would make me an enthusiastic subscriber. The solution doesn't even need to be technical, it could be as simple as notifying the user if a device is doing something unusual, like a credit card company would tell you of a suspicious charge.

    • Headshaker
    • 3 mths ago
    • Reported - view

    Voting UP, as well, I'm web developer and having some visibility on what's blocked for would be really helpful.

    • Organizer
    • 1 mth ago
    • Reported - view

    Being given the option to see some more details would be greatly appreciated.

    • HotFix
    • 1 mth ago
    • Reported - view

    Like others, I created a community account just to upvote this.

    I am a 25+ year IT Engineer veteran. I have a Windows Server 2016 Domain Controller on my home/lab network that has no unusual applications installed on it, and no one is ever logged into it. I have run full anti-malware scans on it that come up with nothing on that server.. However, I got a report of 154 alerts for this box server (and only this server for some strange reason), where 124 were "Phishing & Deception" and 30 were "Malware". I can't even tell what direction the traffic was in that caused these alerts (if Eero is trying to report a connection to this server or from this server)...

    I'm seriously disappointed that after 4+ years of customer requests, this hasn't been addressed. I guess I too will be turning off this feature in Eero as it appears to be worthless. I hope Firewalla has a black Friday sale and that the transparent bridge mode works well. It's a shame you have to augment something like Eero's "network security" with a third party product...

    • BAC
    • 1 mth ago
    • Reported - view

    +1 for feature request. 30 years in IT, CISM certified, and this is extremely frustrating to me. If I have known, I would have stuck with a different system. While I like the simplicity of setup, give us the tools to manage the system like every other solution out there. I realize you are trying to reduce support calls but this is a crucial function in today's age of threats. I suspect that the number of threats is grossly exaggerated but I want to make that determination myself.

    • Kekelou
    • 1 mth ago
    • Reported - view

    I have noticed that only my devices on my home network encounter malware and phishing attacks. I have no idea why or what action triggers the detection. It's very concerning because obviously if I knew what it was I would be more mindful to avoid it. Please implement this feature request eero.

Content aside

  • 219 Votes
  • 1 mth agoLast active
  • 108Replies
  • 5217Views
  • 107 Following