Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: scrub on June 15, 2011, 08:54:30 PM

Title: opendns incoming connection blocked
Post by: scrub on June 15, 2011, 08:54:30 PM
firewall is set to public/high risk zone since i am connected to a broadband/cable modem. upon looking to the logs, firewall blocked opendns incoming connection.

is there any way i could allow the said connection? if none, what are the problems i may encounter?

thanks
Title: Re: opendns incoming connection blocked
Post by: scrub on June 16, 2011, 01:05:12 PM
hellloooo????????? anybody there?  ??? ??? ???
Title: Re: opendns incoming connection blocked
Post by: Lisandro on June 16, 2011, 02:38:58 PM
Does it change if you set the level to "Home"?
Title: Re: opendns incoming connection blocked
Post by: scythe944 on June 16, 2011, 05:40:54 PM
Don't know why there is an "incoming" connection from OpenDNS to your computer, it should be outbound only I would think.

However, it's usually best to setup your DNS server on your gateway (your router) instead of on individual computers.  It's easier to manage that way, and you'll still have access to local resources (shared printers, folders, etc.).

Here's some information to setup OpenDNS on a router (hopefully you have one, otherwise I guess I'm wasting my breath): https://store.opendns.com/setup/device/router

More specific instructions might be available for your particular router here (if needed): https://store.opendns.com/setup/router/
Title: Re: opendns incoming connection blocked
Post by: scrub on June 16, 2011, 05:54:06 PM
Does it change if you set the level to "Home"?

it's used to set to "work" and everything is fine, no blockings.
Title: Re: opendns incoming connection blocked
Post by: scrub on June 16, 2011, 05:57:10 PM
Don't know why there is an "incoming" connection from OpenDNS to your computer, it should be outbound only I would think.

However, it's usually best to setup your DNS server on your gateway (your router) instead of on individual computers.  It's easier to manage that way, and you'll still have access to local resources (shared printers, folders, etc.).

Here's some information to setup OpenDNS on a router (hopefully you have one, otherwise I guess I'm wasting my breath): https://store.opendns.com/setup/device/router

More specific instructions might be available for your particular router here (if needed): https://store.opendns.com/setup/router/

sorry but i do not have a router. but i've read it somewhere here that it is best to set the firewall to PUBLIC if you are directly connected to the internet through a cable modem/broadband.

I guess the outbound connection is for the opendns updater.
Title: Re: opendns incoming connection blocked
Post by: beck on June 16, 2011, 06:11:40 PM
I have DNS set to 4.2.2.1 and4.2.2.2 I get inbound from them on port 53 that are blocked. Too weird.
Title: Re: opendns incoming connection blocked
Post by: scrub on June 16, 2011, 06:19:46 PM
I have DNS set to 4.2.2.1 and4.2.2.2 I get inbound from them on port 53 that are blocked. Too weird.

yup. and the remote addresses 208.67.222.222 and 208.67.220.220 inbound connections are blocked too!
Title: Re: opendns incoming connection blocked
Post by: scythe944 on June 16, 2011, 06:25:09 PM
Does it work if you put an exception for the two OpenDNS IP addresses in the Avast firewall?

Title: Re: opendns incoming connection blocked
Post by: scrub on June 16, 2011, 06:29:26 PM
where can i find that?

anyway, here's a screen cap of my firewall log:

(http://i56.tinypic.com/2a4r41l.jpg)
Title: Re: opendns incoming connection blocked
Post by: scrub on June 16, 2011, 06:31:45 PM
(http://i54.tinypic.com/2r3idfq.jpg)
Title: Re: opendns incoming connection blocked
Post by: scythe944 on June 16, 2011, 06:49:33 PM
Don't know where it is, as I don't use AIS but someone will surely be around to help you.  It might be in the settings menu. Just poke around, the new GUI is pretty easy to navigate.

Otherwise, I'll google "Avast add firewall exception" and probably be able to find the answer for you.
Title: Re: opendns incoming connection blocked
Post by: scythe944 on June 16, 2011, 06:50:26 PM
Yep, first hit: http://support.avast.com/index.php?languageid=1&group=eng&_m=knowledgebase&_a=viewarticle&kbarticleid=482
Title: Re: opendns incoming connection blocked
Post by: DavidR on June 16, 2011, 07:05:12 PM
I'm not sure that will work as there isn't a process as such for OpenDNS just the changes to the browser DNS server.

Just had a look at the avast Help Center, Firewall, Expert settings, Friends and that appears to mention the magic word networks, so I don't know if that would allow you to enter the network IP address (the ones required for OpenDNS) in the Friends Internet In and Out.
Title: Re: opendns incoming connection blocked
Post by: scythe944 on June 16, 2011, 07:35:49 PM
I'm not sure that will work as there isn't a process as such for OpenDNS just the changes to the browser DNS server.

Huh?  What do you mean by that? The "just the changes to the browser DNS server" part.

I don't see why he couldn't add an entry to the two static IP's of OpenDNS.  It's not just for the internet browser, I think the OP has the DNS entries hardcoded on his network adapter > TCP/IP properties.

Maybe I'm missing something here?
Title: Re: opendns incoming connection blocked
Post by: DavidR on June 16, 2011, 08:14:47 PM
The reason for my comment was that the Knowledge base article sub-heading on;t mention 'application' this and 'application' that, I didn't scroll right down to where it mentions what I came up with the Friends Network, etc. where you can enter the IPs. There didn't seem to be any sub-heading for that at the top of the page.

I can't recall the procedure for using OpenDNS, I can't use it with BT Home Hub, but it is changing the DNS settings that are used as there is no OpenDNS application running (unless you use the Dashboard feature, which required IP discovery on your IP). Hence my confusion about how can you enter an application for OpenDNS.
Title: Re: opendns incoming connection blocked
Post by: scythe944 on June 16, 2011, 08:24:06 PM
Alright, that makes sense.  Thanks for the clarification.

Hopefully he can enter the IP's and that will solve the problem.
Title: Re: opendns incoming connection blocked
Post by: scrub on June 17, 2011, 04:42:09 AM
if i'll include the opendns ips in my 'friends', what range of digits should i input?
Title: Re: opendns incoming connection blocked
Post by: scythe944 on June 17, 2011, 07:05:28 AM
I'd say just the two IP addresses that are listed on the OpenDNS home page (just look on the bottom of their site).

If you add them to the "trusted" networks, it shouldn't block any communications from them.

Again, I don't have the AIS product, so I might be wrong, but if I was in your situation I would do just that to see what happens.

Good luck, and I hope that works for you.  I can't believe that more people aren't having the problem though, a lot of avast users on the forum use OpenDNS for their DNS queries, so I'd assume there would be more discussions about this.
Title: Re: opendns incoming connection blocked
Post by: scrub on June 17, 2011, 11:42:13 AM
calling all the evangelists!!!!!! help me.  :( :( :(
Title: Re: opendns incoming connection blocked
Post by: DavidR on June 17, 2011, 02:24:42 PM
There are only two IP addresses no range, so enter those as scythe994 suggests.

A google search for OpenDNS IP addresses found this in seconds http://www.google.co.uk/search?q=OpenDNS+IP+addresses (http://www.google.co.uk/search?q=OpenDNS+IP+addresses) and this is in the first hit, 208.67.220.220 and 208.67.222.222 displayed in the retrieved search info you didn't even have to visit the web page.
Title: Re: opendns incoming connection blocked
Post by: scrub on June 17, 2011, 04:12:10 PM
There are only two IP addresses no range, so enter those as scythe994 suggests.

A google search for OpenDNS IP addresses found this in seconds http://www.google.co.uk/search?q=OpenDNS+IP+addresses (http://www.google.co.uk/search?q=OpenDNS+IP+addresses) and this is in the first hit, 208.67.220.220 and 208.67.222.222 displayed in the retrieved search info you didn't even have to visit the web page.

i already swithced to Outpost Pro 7.5 and I am loving it so far. better than OA, CFW and AIS firewall in my opinion. Thanks anyway.  ;D ;D ;D
Title: Re: opendns incoming connection blocked
Post by: DavidR on June 17, 2011, 04:33:34 PM
I have been using Outpost Firewall Pro in different versions for many years and I like it for its configurability and flexibility. It also depends on the Firewall Policy chosen I use the Rules Wizard setting.

But the Outpost firewall really can't be directly compared with the AIS firewall as that seeks to be less noisy for the user not constantly popping up decision dialogues.
Title: Re: opendns incoming connection blocked
Post by: scrub on June 17, 2011, 06:22:10 PM
I have been using Outpost Firewall Pro in different versions for many years and I like it for its configurability and flexibility. It also depends on the Firewall Policy chosen I use the Rules Wizard setting.

But the Outpost firewall really can't be directly compared with the AIS firewall as that seeks to be less noisy for the user not constantly popping up decision dialogues.

yup i know, but I am not that confident with AIS firewall. less popups compared to CFW.

by the way, i read somewhere that it is recommended to swith from rules wizard to block most after a week? your advise?
Title: Re: opendns incoming connection blocked
Post by: DavidR on June 17, 2011, 07:36:17 PM
I can't see the reason for that, I have had it on rules wizard right from the very start, I feel that is more likely to generate permissions pop-ups than block most or allow most. I like to know what is going on within my system.

I don't believe this is like a learning mode which would be fine for a week or so to get an idea of what you are running on your system.

Quote
Running in Auto-Learn Mode
To reduce the number of Rules Wizard prompts during the initial stage of Outpost Firewall Pro operation, you can set it to memorize (auto-learn) typical activities performed by a system by enabling the Auto-Learn mode.

In this mode, Outpost Firewall Pro assumes all new activity of applications rated as trusted and normal is legitimate and consequently allows network access and process interaction to such programs. As such programs access the Internet and interact with other software for the first time, Outpost Firewall Pro memorizes their identities and creates allowing rules for all the requested connections. The created rules will remain in effect after the auto-learn period expires and the computer is switched back to normal monitoring mode. If the rule exists for the requested connection, the connection is managed according to these created rules, so your programs will continue to be able to access the Internet without triggering a "new connection" prompt.

To enable the Auto-Learn mode, right-click the Outpost Firewall Pro system tray icon and select Enter Auto-Learn Mode. Specify the period of time you want Outpost Firewall Pro to be trained and click OK.

After the specified period, the software automatically enables rules autocreation and updates so the network traffic is processed according to rules created during the auto-learn period and any rules based on the factory presets.

To switch back to normal mode before the specified period is over, right-click the Outpost Firewall Pro system tray icon and select Leave Auto-Learn Mode.
Title: Re: opendns incoming connection blocked
Post by: scrub on June 17, 2011, 07:48:15 PM
I can't see the reason for that, I have had it on rules wizard right from the very start, I feel that is more likely to generate permissions pop-ups than block most or allow most. I like to know what is going on within my system.

I don't believe this is like a learning mode which would be fine for a week or so to get an idea of what you are running on your system.

Quote
Running in Auto-Learn Mode
To reduce the number of Rules Wizard prompts during the initial stage of Outpost Firewall Pro operation, you can set it to memorize (auto-learn) typical activities performed by a system by enabling the Auto-Learn mode.

In this mode, Outpost Firewall Pro assumes all new activity of applications rated as trusted and normal is legitimate and consequently allows network access and process interaction to such programs. As such programs access the Internet and interact with other software for the first time, Outpost Firewall Pro memorizes their identities and creates allowing rules for all the requested connections. The created rules will remain in effect after the auto-learn period expires and the computer is switched back to normal monitoring mode. If the rule exists for the requested connection, the connection is managed according to these created rules, so your programs will continue to be able to access the Internet without triggering a "new connection" prompt.

To enable the Auto-Learn mode, right-click the Outpost Firewall Pro system tray icon and select Enter Auto-Learn Mode. Specify the period of time you want Outpost Firewall Pro to be trained and click OK.

After the specified period, the software automatically enables rules autocreation and updates so the network traffic is processed according to rules created during the auto-learn period and any rules based on the factory presets.

To switch back to normal mode before the specified period is over, right-click the Outpost Firewall Pro system tray icon and select Leave Auto-Learn Mode.

thank you sir. i'll be looking for you if i have questions. would that be okay? lol
Title: Re: opendns incoming connection blocked
Post by: DavidR on June 17, 2011, 07:59:18 PM
I'll be hiding ;D
Title: Re: opendns incoming connection blocked
Post by: scrub on June 18, 2011, 03:09:26 PM
I'll be hiding ;D

i'll hunt you down! lol xoxo
Title: Re: opendns incoming connection blocked
Post by: miscreant on June 18, 2011, 04:57:31 PM
I think that you will find AIS safezone and sandbox wont work correctly with outpost,unless you make system wide rules in outpost,which possibly might be compromising.Ive contacted agnitum via ticket and am awaiting a reply.