Other applications besides FireFox and IE browsers are in control of the firewall. So no app checks for updates or sends info out, etc. without my acceptance.
I have no problem that Firefox don't get asked from the firewall. I would allow it anyways. It does get asked though with other ports than TCP 80.
That is not so. You have allowed all the client remote tcp and udp ports by default. When Firefox first gets asked for connection, you permit it to use all those ports. You have also allowed the whole IP range in your browser application rule. That is why you dont get asked again.
So no app checks for updates or sends info out, etc. without my acceptance.
This is unfortunately not true in the free version (in my current understanding) if those apps do it through IE or Firefox; even if you set-up an advanced rule to make the browsers ask for permission - once they do and it’s granted, then another program has free access through that browser without the browser having to ask for permission again (unless you reboot). To substantiate this, I made a rule, made sure Firefox and Web Shield were flagged to ask for permission, fired-up Firefox and it asked for permission (through the Web Shield asking to get on the 'net); I then updated CCleaner (nice freeware for cleaning the registry among other things, which was also marked to “ask” for permission), and it went right to its website through Firefox without ever being flagged for rights.
For those with the free version of the firewall wanting to experiment with this procedure, try it via:
· Right-click on the Sygate System Tray Icon.
· Click on Advanced Rules.
· Click on the OK to acknowledge the message.
· Click Add.
· Type a description of what the rule will do.
· Click on the Ports and Protocols Tab.
· Select UDP.
· Type 53 in the Remote Window.
· Click OK.
· Click OK.
Make sure you have the Web Shield marked to “ask” for permission as well as your browser and whatever programs you’re going to experiment with.
I think this needs to be done in conjunction with:
· Click on Start in the “Start Bar”.
· Select Control Panel.
· Select Administrative Tools.
· Select Services.
· Right click on DNS Client.
· Click on Stop.
· In the pull-down window above that, make sure that Disabled is selected.
· Click on Apply.
· Click on OK.
· X (close) out of Services.
· X (close) out of Administrative Tools.
The problem with this is and Sygate in general (at my current knowledge level) - it’s only a one-shot approach: once the program is granted permission, it doesn’t have to do it again for the current runtime (if you will) of the computer. Given that, it would be far better if Sygate updated their permission granting to provide the ability to grant or deny program access for:
· Every time it asks
· Until reboot
· Always
If anyone knows how to write a rule to make sure a give program asks every time it wants the ‘net during the current session, would you please list that procedure here point-by-point? That way Avast/Sygate users will have an excellent, stable, non-resource hogging, somewhat user-friendly mechanism for protecting them on a much more assured level.
Regards,
=AirCeej=