Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: scrub on June 15, 2011, 08:54:30 PM
-
firewall is set to public/high risk zone since i am connected to a broadband/cable modem. upon looking to the logs, firewall blocked opendns incoming connection.
is there any way i could allow the said connection? if none, what are the problems i may encounter?
thanks
-
hellloooo????????? anybody there? ??? ??? ???
-
Does it change if you set the level to "Home"?
-
Don't know why there is an "incoming" connection from OpenDNS to your computer, it should be outbound only I would think.
However, it's usually best to setup your DNS server on your gateway (your router) instead of on individual computers. It's easier to manage that way, and you'll still have access to local resources (shared printers, folders, etc.).
Here's some information to setup OpenDNS on a router (hopefully you have one, otherwise I guess I'm wasting my breath): https://store.opendns.com/setup/device/router
More specific instructions might be available for your particular router here (if needed): https://store.opendns.com/setup/router/
-
Does it change if you set the level to "Home"?
it's used to set to "work" and everything is fine, no blockings.
-
Don't know why there is an "incoming" connection from OpenDNS to your computer, it should be outbound only I would think.
However, it's usually best to setup your DNS server on your gateway (your router) instead of on individual computers. It's easier to manage that way, and you'll still have access to local resources (shared printers, folders, etc.).
Here's some information to setup OpenDNS on a router (hopefully you have one, otherwise I guess I'm wasting my breath): https://store.opendns.com/setup/device/router
More specific instructions might be available for your particular router here (if needed): https://store.opendns.com/setup/router/
sorry but i do not have a router. but i've read it somewhere here that it is best to set the firewall to PUBLIC if you are directly connected to the internet through a cable modem/broadband.
I guess the outbound connection is for the opendns updater.
-
I have DNS set to 4.2.2.1 and4.2.2.2 I get inbound from them on port 53 that are blocked. Too weird.
-
I have DNS set to 4.2.2.1 and4.2.2.2 I get inbound from them on port 53 that are blocked. Too weird.
yup. and the remote addresses 208.67.222.222 and 208.67.220.220 inbound connections are blocked too!
-
Does it work if you put an exception for the two OpenDNS IP addresses in the Avast firewall?
-
where can i find that?
anyway, here's a screen cap of my firewall log:
(http://i56.tinypic.com/2a4r41l.jpg)
-
(http://i54.tinypic.com/2r3idfq.jpg)
-
Don't know where it is, as I don't use AIS but someone will surely be around to help you. It might be in the settings menu. Just poke around, the new GUI is pretty easy to navigate.
Otherwise, I'll google "Avast add firewall exception" and probably be able to find the answer for you.
-
Yep, first hit: http://support.avast.com/index.php?languageid=1&group=eng&_m=knowledgebase&_a=viewarticle&kbarticleid=482
-
I'm not sure that will work as there isn't a process as such for OpenDNS just the changes to the browser DNS server.
Just had a look at the avast Help Center, Firewall, Expert settings, Friends and that appears to mention the magic word networks, so I don't know if that would allow you to enter the network IP address (the ones required for OpenDNS) in the Friends Internet In and Out.
-
I'm not sure that will work as there isn't a process as such for OpenDNS just the changes to the browser DNS server.
Huh? What do you mean by that? The "just the changes to the browser DNS server" part.
I don't see why he couldn't add an entry to the two static IP's of OpenDNS. It's not just for the internet browser, I think the OP has the DNS entries hardcoded on his network adapter > TCP/IP properties.
Maybe I'm missing something here?
-
The reason for my comment was that the Knowledge base article sub-heading on;t mention 'application' this and 'application' that, I didn't scroll right down to where it mentions what I came up with the Friends Network, etc. where you can enter the IPs. There didn't seem to be any sub-heading for that at the top of the page.
I can't recall the procedure for using OpenDNS, I can't use it with BT Home Hub, but it is changing the DNS settings that are used as there is no OpenDNS application running (unless you use the Dashboard feature, which required IP discovery on your IP). Hence my confusion about how can you enter an application for OpenDNS.
-
Alright, that makes sense. Thanks for the clarification.
Hopefully he can enter the IP's and that will solve the problem.
-
if i'll include the opendns ips in my 'friends', what range of digits should i input?
-
I'd say just the two IP addresses that are listed on the OpenDNS home page (just look on the bottom of their site).
If you add them to the "trusted" networks, it shouldn't block any communications from them.
Again, I don't have the AIS product, so I might be wrong, but if I was in your situation I would do just that to see what happens.
Good luck, and I hope that works for you. I can't believe that more people aren't having the problem though, a lot of avast users on the forum use OpenDNS for their DNS queries, so I'd assume there would be more discussions about this.
-
calling all the evangelists!!!!!! help me. :( :( :(
-
There are only two IP addresses no range, so enter those as scythe994 suggests.
A google search for OpenDNS IP addresses found this in seconds http://www.google.co.uk/search?q=OpenDNS+IP+addresses (http://www.google.co.uk/search?q=OpenDNS+IP+addresses) and this is in the first hit, 208.67.220.220 and 208.67.222.222 displayed in the retrieved search info you didn't even have to visit the web page.
-
There are only two IP addresses no range, so enter those as scythe994 suggests.
A google search for OpenDNS IP addresses found this in seconds http://www.google.co.uk/search?q=OpenDNS+IP+addresses (http://www.google.co.uk/search?q=OpenDNS+IP+addresses) and this is in the first hit, 208.67.220.220 and 208.67.222.222 displayed in the retrieved search info you didn't even have to visit the web page.
i already swithced to Outpost Pro 7.5 and I am loving it so far. better than OA, CFW and AIS firewall in my opinion. Thanks anyway. ;D ;D ;D
-
I have been using Outpost Firewall Pro in different versions for many years and I like it for its configurability and flexibility. It also depends on the Firewall Policy chosen I use the Rules Wizard setting.
But the Outpost firewall really can't be directly compared with the AIS firewall as that seeks to be less noisy for the user not constantly popping up decision dialogues.
-
I have been using Outpost Firewall Pro in different versions for many years and I like it for its configurability and flexibility. It also depends on the Firewall Policy chosen I use the Rules Wizard setting.
But the Outpost firewall really can't be directly compared with the AIS firewall as that seeks to be less noisy for the user not constantly popping up decision dialogues.
yup i know, but I am not that confident with AIS firewall. less popups compared to CFW.
by the way, i read somewhere that it is recommended to swith from rules wizard to block most after a week? your advise?
-
I can't see the reason for that, I have had it on rules wizard right from the very start, I feel that is more likely to generate permissions pop-ups than block most or allow most. I like to know what is going on within my system.
I don't believe this is like a learning mode which would be fine for a week or so to get an idea of what you are running on your system.
Running in Auto-Learn Mode
To reduce the number of Rules Wizard prompts during the initial stage of Outpost Firewall Pro operation, you can set it to memorize (auto-learn) typical activities performed by a system by enabling the Auto-Learn mode.
In this mode, Outpost Firewall Pro assumes all new activity of applications rated as trusted and normal is legitimate and consequently allows network access and process interaction to such programs. As such programs access the Internet and interact with other software for the first time, Outpost Firewall Pro memorizes their identities and creates allowing rules for all the requested connections. The created rules will remain in effect after the auto-learn period expires and the computer is switched back to normal monitoring mode. If the rule exists for the requested connection, the connection is managed according to these created rules, so your programs will continue to be able to access the Internet without triggering a "new connection" prompt.
To enable the Auto-Learn mode, right-click the Outpost Firewall Pro system tray icon and select Enter Auto-Learn Mode. Specify the period of time you want Outpost Firewall Pro to be trained and click OK.
After the specified period, the software automatically enables rules autocreation and updates so the network traffic is processed according to rules created during the auto-learn period and any rules based on the factory presets.
To switch back to normal mode before the specified period is over, right-click the Outpost Firewall Pro system tray icon and select Leave Auto-Learn Mode.
-
I can't see the reason for that, I have had it on rules wizard right from the very start, I feel that is more likely to generate permissions pop-ups than block most or allow most. I like to know what is going on within my system.
I don't believe this is like a learning mode which would be fine for a week or so to get an idea of what you are running on your system.
Running in Auto-Learn Mode
To reduce the number of Rules Wizard prompts during the initial stage of Outpost Firewall Pro operation, you can set it to memorize (auto-learn) typical activities performed by a system by enabling the Auto-Learn mode.
In this mode, Outpost Firewall Pro assumes all new activity of applications rated as trusted and normal is legitimate and consequently allows network access and process interaction to such programs. As such programs access the Internet and interact with other software for the first time, Outpost Firewall Pro memorizes their identities and creates allowing rules for all the requested connections. The created rules will remain in effect after the auto-learn period expires and the computer is switched back to normal monitoring mode. If the rule exists for the requested connection, the connection is managed according to these created rules, so your programs will continue to be able to access the Internet without triggering a "new connection" prompt.
To enable the Auto-Learn mode, right-click the Outpost Firewall Pro system tray icon and select Enter Auto-Learn Mode. Specify the period of time you want Outpost Firewall Pro to be trained and click OK.
After the specified period, the software automatically enables rules autocreation and updates so the network traffic is processed according to rules created during the auto-learn period and any rules based on the factory presets.
To switch back to normal mode before the specified period is over, right-click the Outpost Firewall Pro system tray icon and select Leave Auto-Learn Mode.
thank you sir. i'll be looking for you if i have questions. would that be okay? lol
-
I'll be hiding ;D
-
I'll be hiding ;D
i'll hunt you down! lol xoxo
-
I think that you will find AIS safezone and sandbox wont work correctly with outpost,unless you make system wide rules in outpost,which possibly might be compromising.Ive contacted agnitum via ticket and am awaiting a reply.