Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: sded on February 20, 2005, 08:33:49 PM
-
There have been some previous messages on the problems using Sygate Personal Firewall with Webshield. SPF has a flaw in that it does not recognize local proxies. So if you turn on Webshield, everything going out or in as http:// has a source of Webshield and is allowed by Sygate. If you want to avoid unknown programs accessing the web, set up your browser(s) to use an http:// proxy of 127.0.0.1, port 12080, and set up 12080 as the redirected http port in Webshield. Then all traffic from your trusted browsers will go through Webshield and show up in the Sygate log with a Webshield source, all https, ftp and other will go though Sygate normally,and any new program requesting http access will be challenged by Sygate as usual.
-
It shouldn't be necessary to set the redirect port to 12080. Just disable redirection in general (by leaving the redirected ports field empty).
It's pointless to redirect communication on port 12080 if you manually reconfigure your web browser to use proxy on this port.
Anyway, thanks for sharing with our forum users. I've been monitoring your discussion on the DSLReport forum as well. :)
Thanks
Vlk
-
Just a reminder of what you put in the proxies if you enter it. :)
-
so adding this to IE connection settings proxy server fixes it:
address 127.0.0.1 port 12080
do I leave bypass proxy server for local addesses unticked?
in advanced button should secure, ftp, gopher protocols be left blank?
I assume avast4.ini doesnt need to be edited for this?
-
That's right. You want to leave https, ftp, gopher blank because Webshield can't scan them and you want Sygate to check for programs using those protocols as well as http not going through the proxy.
You can see in Sygate Traffic log before and after to verify setup.
-
This is my first time using Avast and well I have a sygate firewall. Okay what does this setting proxy 127.0.0.1 do? To whom or what is that proxy related to? Anyways I already set it under IE > Tools > Internet Connection > Lan Settings and also the port 12080 leaving the check box under it blank. Where do you set the other HTTPS, HTP etc setting you are talking about above? Anything else I am mssing? How do I check if this is working right?
dja2k
-
The 127.0.0.1 is just your localhost, saying to do it within your computer. Under LAN/Proxy Server/Advanced you enter these for http. Leave the others blank, since you don't want them to go through Avast! To check to see if it is working, look under the Traffic Log in Sygate. With the Proxy box unchecked, the log should show IE accessing the web. With it checked, it should show ashWebSv.exe accessing the web.
-
Okay I am all set here, thanks for the help. It does show avast accessing the web with the checkmark and ie without it.
dja2k
-
I got a friend to try Avast and if I am correct, he doesn't have to do any of the above stuff for Outpost firewall. This proxy stuff is only for the issue with Sygate right? Or are there issuse with other firewalls including Outpost?
dja2k
-
No, it's basically (imperfect but still OK) work around for a Sygate bug (that has been known for years but Sygate keeps ignoring it :-\).
-
So your saying ? Does he need it also even if he doesn't use Sygate?
dja2k
-
Since it's a work around to a Sygate bug, the answer is NO, it is not needed if you're not using Sygate.
-
Mine still lets everything through... I tested it with realplayer update, thats set to "ask" permission and the log shows "allow" remote port 80 webshield...
I rebooted before trying aswell (IE proxy settings correct, avast redirect blank)
I re-logged into adsl and it worked, so I guess its just sygate, its done this before where it doesnt bother to ask
for permission or asks after I've actually accessed. Might try outpost or something now...
-
Hi,
I'm getting the same problem.
Sygate thinks eg Realplayer is Avast's scanner and lets it access the internet without checking with me.
I'm using W98.
I've set Firefox and IE to proxy 127.0.0.1 port 12080 for http only.
Is there a way to get other programs to access the web directly, as before, so Sygate will recognise them?
John
-
From the log it looks like Real Player is using IE services as its way of connecting to the Internet. Which of course shows up as Webshield in the log. When I turn off Webshield, with the proxy in IE, Real Player can't connect anymore. Don't know how to get around programs that use IE as a tool to connect to the internet-they look just like IE to the Sygate firewall because of the proxy problem.
-
I installed ZoneAlarm, all works ok, all programs inc. realplayer have asked for access. I might go back to Sygate if they fix their problems ie proxy and error at startup on new build for many people, just see their forums, its manic. I have no confidence in a (big) company like Sygate that doesn't fix big issues after several months/years, what else is wrong that we don't know about..
;D Thats why Avast is superior as a company, they address any issues almost instantly, have an un-rivalled tech support forum, a sure sign of a company that cares, in a world where many don't.
-
Unfortunately, using proxies for the browsers doesn't do anything to fix the Sygate local proxy problems-it just keeps Webshield from adding to them significantly. I am also trying out Kerio PF 4.1, and so far it seems pretty good too, if a little more complex to set up (but no proxies necessary). Don't know what the pitfalls are with it. ZoneAlarm just didn't give me enough insight into what was happening to solve problems, although it worked very well as a firewall.
-
Till the end of last year I was using Zone Alarm and AVG, but the latest AVG version caused all kinds of trouble with W98.
Thinking a firewall incompatibility might be the problem, I switched from ZA to Kerio but their latest version seems to cause freezing/crashes with W98 too, so then to Sygate but problems seemed to remain, so finally dropped AVG for Avast! which so far looks pretty good.
However this proxy issue seems to call for yet another firewall change (getting tired of all this "system" stuff :()
So- back to Zone Alarm or try Outpost?
(oldish computer- 192MB/266MHz W98)
Any advice much appreciated.
-
Well you can always disable WebShield (in fact it's not used in win9x unless you specifically configure it in your browser) and have the functionality equivalent to avast 4.5...
-
Well, I have set Firefox and IE to use the webshield, and it seems to be going nicely.
The only problem is this proxy thing with Sygate.
I can (1) put up with other applications sneaking their way onto the net,(2) do without webshield, or (3) switch firewalls I guess.
If (3) , do Zone Alarm and Outpost both work nicely with Avast! on W98?
-
There's one option that you didn't mention (4) bug alwil to make to create a work around for sygate users.
The point is, I can imagine creating a webshield plugin for sygate users that would actually act as a firewall - asking you if this or that process is allowed or not... The problem is, it's not a 2-hour work (more like 2-weeks+testing) and we don't have enough resources for this (unplanned) task at the moment... Maybe in the future. ;)
As about firewall alternatives, I like Kerio 2.x because of its simplicity but it's more designed for advanced users.
Thanks
Vlk
-
PS. I'd love to visit your restaurant!! ;D Oh God, Yummy!
-
Sure, I wasn't thinking of asking you to spend weeks to put a firewall function into a nice antivirus program.
Unfortunately Kerio didn't work well on this machine.
Maybe I'll go back to Zone Alarm, although it gets a lot of criticsm here and there.
Thanks for the kind words about our place- Prague's a long way from Nagoya, but if your in the area, please drop in!
btw is it OK to put an image and link to my website as a signature, and if so where can I read how to do it? Tried plain html and it doesn't seem to work.
-
There's one option that you didn't mention (4) bug alwil to make to create a work around for sygate users.
The point is, I can imagine creating a webshield plugin for sygate users that would actually act as a firewall - asking you if this or that process is allowed or not... The problem is, it's not a 2-hour work (more like 2-weeks+testing) and we don't have enough resources for this (unplanned) task at the moment... Maybe in the future. Wink
I rather wish you won't do that. I live with Sygate fw using sded's advice in making webShields redirection port blank and having my Firefox using a local proxy connection through 12080 local host address, blanking the other protocols. That way other apps (who are not configured to use that local proxy) do get asked from Sygate.
Leave the firewall thing to SPF.
I do how now a local proxy, that could be used with some baddies to sneak out, but not so bad really. I can always disable WebShield from paranoid timed :)
Vlk, instead of a blank redirector port field, can i put there some other high numbered one in the webshield? And same into my browser?
That is only if Avast gets too popular and those crackers want to use it.
-
Well you can always disable WebShield (in fact it's not used in win9x unless you specifically configure it in your browser) and have the functionality equivalent to avast 4.5...
OK that's what I've finally done, as the easiest way out.
The standard shield still catches viruses I guess, and I can leave Sygate as it is.
Actually I'm using an old Sygate (5.5) as the newest one messes up with W98 too! (these updates can be such a pain...)
Anyway thanks for your advice.
-
In case you guys need an alternative to Sygate, check out Jetico at http://www.jetico.com/index.htm
It is free and works nicely with Avast Web Scanner, supports ICS and has the lowest resource consumption very much on the lines of the original Kerio 2.15 Its interface could do with some improvement but then the resource needs might go up as well so works nicely for me.
-
Thanks Arup, I'll have a look at that and maybe try it out next week.
-
It is quite good but has a steep learning curve like Kerio 2.15, keep us updated.