Author Topic: avast! & Outpost Firewall  (Read 11061 times)

0 Members and 1 Guest are viewing this topic.

Offline Sido

  • Newbie
  • *
  • Posts: 5
avast! & Outpost Firewall
« on: February 25, 2005, 03:07:44 PM »
Hi all, sorry for raising this ugly beast again but I'm still having troubles. I have searched the forums and I think I have got information overload on this topic  ???

My software versions:

avast 4.6.603
Outpost 2.5.375.4822 (374)

Can someone confirm if the following Outpost rule is correct and do I need any others?

Partially Allowed Programs:

ASHWEBSV.EXE - TCP, Outbound, Remote Port 80 (HTTP), Allow.

The problem I have is that every program that accesses the net then needs a rule like:

Internet Explorer - TCP, Outbound, Remote Host: localhost (127.0.0.1), Remote Port: 12080, Allow.

Firstly, are these rule sets correct for Oupost and secondly, is this the "normal" behaviour (ie. in relation to creating a localhost allow rule for each program that accesses the net)?

Thanks heaps in advance ...... I'm down to my last couple of strands of hair  :'(

Cheers,
Sido.

Offline lukor

  • Avast team
  • Super Poster
  • *
  • Posts: 1885
    • AVAST Software
Re: avast! & Outpost Firewall
« Reply #1 on: February 25, 2005, 03:12:07 PM »
Yes, it seems correct - if it works for you. Additionally you may also need the rule for ashWebSv.exe: TCP, Inbound, local port: 12080, but I am not sure right now if outpost requires this kind of rules or if it controlls localhost listen by some other (global) option.

Offline BanziBaby

  • Full Member
  • ***
  • Posts: 138
  • Zeppelin Fanatic
Re: avast! & Outpost Firewall
« Reply #2 on: February 25, 2005, 03:13:59 PM »
Hi :)

I use Outpost Pro 2.5 as well & that rule U have is the same as one i have for it, the reason U are being asked for localhost access is because the webscanner kinda acts like a proxy, so U will get TCP, Outbound, Remote Host: localhost (127.0.0.1), Remote Port: 12080, Allow. popups for most of Ur net apps, it perfectly ok to allow this, if U dont then they wont be able to connect.

U must have the global Allow loopback rule unchecked if U are gettin these prompts.

Hope it helps :)

BaNzI

Offline Sido

  • Newbie
  • *
  • Posts: 5
Re: avast! & Outpost Firewall
« Reply #3 on: February 25, 2005, 04:11:53 PM »
Thanks heaps BaNzI & lukor, greatly appreciated!! I may not go bald after all  ;D

BaNzI, I have the global Allow loopback rule checked, that ok?

Would it be possible to set a global rule (as follows) instead of a localhost rule for each app. that accesses the net, or would that be opening a can of worms?

Custom Global Loopback Rule

TCP
Outbound and Packet Type: Local
Remote Host: localhost (127.0.0.1)
Remote Port: 12080
Allow

Thanks again.  ;)

Sido.

Offline BanziBaby

  • Full Member
  • ***
  • Posts: 138
  • Zeppelin Fanatic
Re: avast! & Outpost Firewall
« Reply #4 on: February 25, 2005, 06:28:10 PM »
Hi Sido :)

Strange, if U have the global Allow Loopback rule checked then u shouldnt be prompted for the localhost rules if memory serves me right, unticking the Allow Loopback is recommended at the outpost forum by the guru's there (never really been sure why) & thats the setup i have.

It can be annoying allowing or creating rules for these localhost connections, but luckily Avast makers limited it to the one port, so when a prompt to allow appears on mine, i just leave everything in the custom rule & only tick Allow & call the rule Appsname Avast.

It sure is a great firewall, but i still find it a bit buggy sometimes (ie the constant freezing of firefox due to a my address (127.0.0.1) attack, this can be stopped by unticking My address attacks in the attack detection'splugin (advanced tab\Edit list at top of advanced tab)

As for Ur custom rule, it might be better to post about it here along with any outpost probs U have :)

http://www.outpostfirewall.com/forum/

BaNzI ;D

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85616
  • No support PMs thanks
Re: avast! & Outpost Firewall
« Reply #5 on: February 25, 2005, 08:14:12 PM »
Quote
Partially Allowed Programs:

ASHWEBSV.EXE - TCP, Outbound, Remote Port 80 (HTTP), Allow.
@ Sido
All I did was to add ashWebSv.exe to the Trusted Applications list (no rules applied) and no prompts for other programs.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.691) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Sido

  • Newbie
  • *
  • Posts: 5
Re: avast! & Outpost Firewall
« Reply #6 on: February 26, 2005, 02:58:31 AM »
BaNzI

Strange, if U have the global Allow Loopback rule checked then u shouldnt be prompted for the localhost rules if memory serves me right, unticking the Allow Loopback is recommended at the outpost forum by the guru's there (never really been sure why) & thats the setup i have.

Yeah, that is one of the things that is confusing the heck out of me. Everything I am reading says exactly that, but in my case I have it checked/switched on cause it causes problems if it isn't.

As for Ur custom rule, it might be better to post about it here along with any outpost probs U have :)

Thanks for that, I am going to head over there now and see if I can get some help. ::)

DavidR

All I did was to add ashWebSv.exe to the Trusted Applications list (no rules applied) and no prompts for other programs.

Thanks DavidR. Is that a safe ruleset to apply? I thought that it may effectively allow any program to access the web without you knowing (ie. trojans, etc.). I also remember reading that it should be a Partially Allowed rule in the Outpost forums (somewhere  ???). Back to the Outpost forums for me.

Thanks again guys.

Cheers,
Sido.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85616
  • No support PMs thanks
Re: avast! & Outpost Firewall
« Reply #7 on: February 26, 2005, 02:27:49 PM »
It might not be the safest (outpost should still recognise a different program, using the web shield localhost loopback), but first get it working, and then you can tweak it if required. If you have it as partially allowed, you will obviously get more queries from Outpost, you might try the grc.com leak test and see if it gets through. I tried a while ago and it didn't get through, so it was being checked by outpost. The problem is I can't remember if I was using the beta version of ashwebsv.exe.

I haven't seen anything on the outpost forum recently, if you have a link I would be interested to see what it is about and if this would relate to web shield.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.691) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Sido

  • Newbie
  • *
  • Posts: 5
Re: avast! & Outpost Firewall
« Reply #8 on: February 26, 2005, 04:36:01 PM »
I haven't seen anything on the outpost forum recently, if you have a link I would be interested to see what it is about and if this would relate to web shield.

Sorry DavidR, upon checking the Outpost Forums it was in relation to avast! beta:

http://outpostfirewall.com/forum/showthread.php?t=12937 (see post #6 - minoka)

But I guess it still has some merit for the final release.

My Outpost rules seem to work:

avast! Web Scanner
(TCP, Outbound, Remote Port: 80, Allow)

All Other Porgrams that Access Net (ie. localhost rule)
(TCP, Outbound, Remote Host: 127.0.0.1, Remote Port: 12080, Allow)

Global System Rule
(TCP, Inbound, Remote Host: 127.0.0.1, Allow)

However, I am not sure how secure they are. I am also wondering if the following rule could be applied without "opening" my system up too much  ???

Global System Rule
(TCP, Outbound, Remote Host: 127.0.0.1, Remote Port: 12080, Allow)

I'll try the Outpost Forums as well. Thanks again for your help, greatly appreciated.

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11664
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: avast! & Outpost Firewall
« Reply #9 on: February 26, 2005, 05:01:20 PM »
Why would you create a global

(TCP, Outbound, Remote Host: 127.0.0.1, Remote Port: 12080, Allow)

rule? You should simply allow to connect to 127.0.0.1:12080 only to those apps that you'd normally allow to connect to the Internet on port 80.
If at first you don't succeed, then skydiving's not for you.

Offline Sido

  • Newbie
  • *
  • Posts: 5
Re: avast! & Outpost Firewall
« Reply #10 on: February 26, 2005, 05:05:27 PM »
True true. Thanks for that Vlk ..... I think I have it under control finally  :o

Thanks all.

Sido.

Offline horbar

  • Jr. Member
  • **
  • Posts: 89
  • I'm a llama!
Re: avast! & Outpost Firewall
« Reply #11 on: February 27, 2005, 12:31:55 PM »
......is it correct : " the only System-Rule has to be
       the Global System Rule
 >(TCP, Inbound, Remote Host: 127.0.0.1, Allow) < ::)
and All Other Porgrams that Access Net (ie.FireFox ect.)
(TCP, Outbound, Remote Host: 127.0.0.1, Remote Port: 12080, Allow) ?
regards   horbar
« Last Edit: February 27, 2005, 12:37:37 PM by horbar »
Windows-XP.pro-SP3, Avast-Home, OP-7,5, FireFox