Distinguish Web-Traffic by IP Adress

[Spoony]

Hey,

since the last avast Update my firewall (Comodo) cannot longer distinguish outgoing connections by ip adress because all is routed through 127.0.0.1 (AvastSvc.exe).

Only way around is by disabling the web protection, which really cannot be an option...is there any other way, so it is possible to detect to which IP Adress the programm is connecting?

I can specifiy the IP adress for AvastSvc.exe but this gets quite confusing by an increasing number of ip adresses...


Thanks,

Spoony

[ady4um]

Besides rebuilding the firewall rule, try

Web shield -> expert settings -> "scan traffic from well known browser processes only".

Reboot, test and report back.

[Spoony]

Well, I guess with this option only webtraffic by firefox & ie or such will be scanned by avast?

But shouldn't be such a problem... for all other traffic there are other modules like IM/file

Thank you very much.

[ady4um]

Well, I guess with this option only webtraffic by firefox & ie or such will be scanned by avast?

Web shield scanning "well known web browser traffic only" was the default state of things in the previous version of Avast. By checking only this type of traffic, web shield reduces (a little, little bit) the security barriers, but leaves you with the prior compatibility situation.

And you are correct; other shields and security barriers are still there to assist too.

[Spoony]

Apparently OrbitDownloader still uses localhost and is not affected by "well known..."

[sded]

Don't know how Comodo is configured for local proxies these days, but all the connections generated when you use Avast are visible in OA, TCPview, etc.  One is a set of localhost connections between your browser and avastsvc at 127.0.0.1:12080 .  The other is a set of connections from avastsvc to the actual internet IP addresses.  So, for example, if you want to block an IP address, you should be able to block it for avastsvc instead of your browser.  What are you trying to do?