Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Mike098 on September 03, 2008, 09:11:46 PM
-
Why is there a Network Shield with avast! 4.8 Home Edition when installed on Windows NT,2K,XP,Vista? Because without the Network Shield I can install a more complete third party Firewall and have for 100% sure no conflicts with this Network Shield of avast!. I am afraid that when I install a third party Firewall next to avast! 4.8 Home Edition on my Windows XP I get conflicts. Is there a way of deactivate the Network Shield of avast! 4.8 Home Edition? Or can I expect a more complete Firewall build in the future avast! Home Edition?
Thanks in advance, Mike098.
-
I did read that two firewalls, in this case the Network Shield (also lightweight firewall) of avast! 4.8 Home Edition on Windows NT,2K,XP,Vista and a third party Firewall give conflicts.
-
I have both a firewall and network shield running no problem for nearly a year now on Windows XP. The network shield is only lightweight (only deals with specific infections etc) and shouldn't conflict with your own firewall
-
Network shield is not a firewall
-
I have both a firewall and network shield running no problem for nearly a year now on Windows XP.
Same setup here...I have no problem at all, everything is working just fine!
-
The network shield as has been said isn't a firewall, but monitors known ports used for exploits. It should have no impact on your firewall.
-
The network shield as has been said isn't a firewall, but monitors known ports used for exploits. It should have no impact on your firewall.
I'm very sorry for the necromantic stunt here but reading this thread made me wonder about one thing: what's the difference between the Network Shield and the Web Shield?
I mean, by the quote above, Network Shield monitors traffic going through certain ports and so I suppose HTTP ports are included in this bunch. Since the job of the Web Shield is to filter all the HTTP traffic, does it means both Network Shield and Web Shield are doing the same thing when it comes to HTTP traffic? Is HTTP traffic being double-filtered all the time? ???
Alas, can you please clarify what are the specific jobs of the Network Shield and the Web Shield?
Thanks very very much in advance!
-
Network Shield filters traffic coming from all applications (not only browsers), and on all ports. For performance reasons, though, it tries a bit harder in case of the well-known HTTP ports.
Network Shield works on both DNS and HTTP level, i.e., blocks domains on DNS level, but in no way it's limited to whole domains only. The plan is to actually only block malicious URLs unless they're 100% certain there's no useful stuff hosted on the domain (in which case they will block it altogether). It can also block by IP's.
Also, Network Shield is a protection against known Internet worms/attacks. It analyses all network traffic and scans it for malicious contents. It can be also taken as a lightweight firewall (or more precisely, an IDS (Intrusion Detection System).
Network Shield protects you from internet worms that spread themselves via various security holes in your system. Typicaly these kind of viruses don't infect files but instead they attack running processes on your PC (either Windows components or some server programs like SQL Server, IIS etc.). These kind of attacks are not easily catched by ordinary antivirus during file or mail scanning. It is not a duplicate work with Standard Shield.
Basically, it covers all Internet worms. Such as Win32.CodeRed, Win32.SQLSlammer, Win32.Blaster, in32.Welchia (Nachi) and Win32.Sasser.
WebShield scans only http traffic on redirected ports (generally, 80 only). It stops the connection to malware even before the file is saved to the computer.
-
Check also other limits of WebShield (compared to Script Blocker).
http://forum.avast.com/index.php?topic=45438.msg380636#msg380636
-
Network Shield filters traffic coming from all applications (not only browsers), and on all ports. For performance reasons, though, it tries a bit harder in case of the well-known HTTP ports.
WebShield scans only http traffic on redirected ports (generally, 80 only). It stops the connection to malware even before the file is saved to the computer.
So based on the above quotes, the HTTP traffic gets indeed scanned by both Network Shield and Web Shield, right?
-
Actually Network Shield isn't bound to any port specifically. It simly checks traffic on all ports. However on HTTP it also checks links with its blacklist to see if the visited site is bad or not.
-
So based on the above quotes, the HTTP traffic gets indeed scanned by both Network Shield and Web Shield, right?
No, as RejZor said.
-
Ok, thanks all for your answers!
-
From the above comments, it seems the Web Shield is therefore useless if one uses the Network Shield.
Is that right?
-
From the above comments, it seems the Web Shield is therefore useless if one uses the Network Shield.
Is that right?
Hmmm, the way I understood it is not useless because although they both scan HTTP traffic, they search for different things (NS searches for Internet worms/specific TCP packets and WS searches for malicious/spyware code inside HTTP traffic content) :)
But I might have understood wrong, ofc 8)
-
No. Web Shield serves a different purpose. While Network Shield is checking malicious packets (like Sasser or MSBlast generated TCP traffic) and checking of webpage addresses, Web Shield is scanning the actual transfered data. So anytime you view a webpage, pretty much entire content of that webpage is scanned by avast! even before it actually enters the browsers and also all downloaded files that come through HTTP protocol are also scanned. This way you can prevent known exploits from affecting possibly still vulnerable browser.
It also prevents known bad downloads (files) from even reaching your hard drive.
Thats why it's almost critical to run at least Standard Shield, Network Shield and Web Shield providers together (not just one or another alone), because only together they fully cover wider range of possible security holes to your system and provide maximum security.
All other providers are not exactly necessary but they also provide additional protection layer depending on what programs you are using (email clients, P2P software, IM etc).
-
From the above comments, it seems the Web Shield is therefore useless if one uses the Network Shield.
Is that right?
Sorry, totally wrong as they are looking at totally different things.
-
Thanks for the more detailed information.
I was running the Standard Shield alone, but will now enable both the Network and Web ones.
Nice day,
François