Author Topic: Sygate and webshield...  (Read 35678 times)

0 Members and 1 Guest are viewing this topic.

Offline DukeNukem

  • Sr. Member
  • ****
  • Posts: 335
Sygate and webshield...
« on: March 17, 2005, 11:06:39 PM »
Hello.

Am I right in saying that with sygate + webshield, If I set IE or FF to ask, sygate wont ask me to allow them to access the internet?

Or if i block IE and FF they can still access the internet?



Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11664
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: Sygate and webshield...
« Reply #1 on: March 17, 2005, 11:15:29 PM »
Yes that is correct.

For 4.6.603, this was the case not only for say IE or FF but also for VeryUglyTrojanSendingOutTheContentsOfYourHarddriveViaHttp. This has changed in 4.6.623 though...

The reason is tha Sygate works on NDIS level and therefore doesn't see any communication that doesn't actually hit the wire (i.e. is localhost only).
If at first you don't succeed, then skydiving's not for you.

Offline DukeNukem

  • Sr. Member
  • ****
  • Posts: 335
Re: Sygate and webshield...
« Reply #2 on: March 17, 2005, 11:52:33 PM »
I have been using sygate since the beta version of the webshield and sygate has always asked my if I want to allow FF or IE to access the internet when set to ask.

And when I set them to block, they are blocked,.

However I did a reinstall of windows xp today, put sygate back and noticed that IE and FF were able to access the internet without sygate asking me. Furthermore when I blocked them both they could still access the internet.

Anyway I think I know why.

Before my reinstall I have always had this option unticked,

Enable smart DNS

It is located @ Tools > options > security > Enable Smart DNS.

I also have smart dhcp unticked but I find its the dns one thats causing the problem.

With smart DNS unticked sygate will always ask me to allow FF or IE to access the internet when I set to to ask :)
And when i block them they do not work .

Is this a cure for the local proxy issue with sygate and webshield?

« Last Edit: March 18, 2005, 12:03:00 AM by DukeNukem »

Offline Jarmo P

  • Sr. Member
  • ****
  • Posts: 365
    • My Sygate firewall webpage guide
Re: Sygate and webshield...
« Reply #3 on: March 17, 2005, 11:57:21 PM »
As Vlk told you, Sygate wont ask you for browser access. And there is nothing you can do about it. But is that such a big problem?
It is Sygate issue and Avast's webshield don't pass trojans and like without asking, so it should be ok.
XP Home, Antivir PE Classic,  kerio 2.1.5 or Sygate 5.5.2710, SSM 2.0.8.583 free, SpywareBlaster, CCleaner, Firefox through webshield and running NoScript extension or in Sandboxie
http://www.kotiposti.net/string/SPF_eng/SPFGuide.html

Offline DukeNukem

  • Sr. Member
  • ****
  • Posts: 335
Re: Sygate and webshield...
« Reply #4 on: March 18, 2005, 12:00:20 AM »
As Vlk told you, Sygate wont ask you for browser access. And there is nothing you can do about it. But is that such a big problem?
It is Sygate issue and Avast's webshield don't pass trojans and like without asking, so it should be ok.

Please read my post above yours

Offline Jarmo P

  • Sr. Member
  • ****
  • Posts: 365
    • My Sygate firewall webpage guide
Re: Sygate and webshield...
« Reply #5 on: March 18, 2005, 12:05:04 AM »
Sygate will ask you for other applications!!!

Really wonder how you got asked for browsers before?
Maybe your webShield was not turned on then.
XP Home, Antivir PE Classic,  kerio 2.1.5 or Sygate 5.5.2710, SSM 2.0.8.583 free, SpywareBlaster, CCleaner, Firefox through webshield and running NoScript extension or in Sandboxie
http://www.kotiposti.net/string/SPF_eng/SPFGuide.html

Offline DukeNukem

  • Sr. Member
  • ****
  • Posts: 335
Re: Sygate and webshield...
« Reply #6 on: March 18, 2005, 12:06:42 AM »
Jarmo.p

I am not an idiot.

I suggest you try it yourself.

Offline Jarmo P

  • Sr. Member
  • ****
  • Posts: 365
    • My Sygate firewall webpage guide
Re: Sygate and webshield...
« Reply #7 on: March 18, 2005, 12:11:23 AM »
Sorry if I sounded rude. I cannot do that cause I don't have pro version of the firewall. Just I have never heard that Sygate proxy could be fixed with that smart dns or any other setting. I might be wrong and you are right.
XP Home, Antivir PE Classic,  kerio 2.1.5 or Sygate 5.5.2710, SSM 2.0.8.583 free, SpywareBlaster, CCleaner, Firefox through webshield and running NoScript extension or in Sandboxie
http://www.kotiposti.net/string/SPF_eng/SPFGuide.html

Offline DukeNukem

  • Sr. Member
  • ****
  • Posts: 335
Re: Sygate and webshield...
« Reply #8 on: March 18, 2005, 12:17:29 AM »
I should have said that I am using the Pro version.

If there is anyone with the pro version, can you please give my solution a try?



Offline AirCeej

  • Jr. Member
  • **
  • Posts: 26
Re: Sygate and webshield...
« Reply #9 on: March 18, 2005, 12:17:45 AM »
DukeNukem,

You're not alone with this problem, check out my posts here: http://forum.avast.com/index.php?topic=11662.0...


Regards,
=AirCeej=



Offline DukeNukem

  • Sr. Member
  • ****
  • Posts: 335
Re: Sygate and webshield...
« Reply #10 on: March 18, 2005, 12:34:22 AM »
AirCeej, i do not have any problems :)

I do however have a possible fix for sygate 5.5 Pro and webshield problem whereby internet explorer and FireFox can access the internet even if they are blocked or if set to ask sygate does not ask you to allow them access.




Offline stevejrc

  • Full Member
  • ***
  • Posts: 187
Re: Sygate and webshield...
« Reply #11 on: March 18, 2005, 12:43:08 AM »
in the free sygate version, smart dns and dhcp are enabled by default and cant be disabled (in free version only). so it seems its normal to keep them enabled.

Ive re-installed sygate free and all works fine with latest avast. It didnt with previous avast, so I was using zonealarm..

NB I dont have proxy server checked in IE connections. Webshield redirected port is the default    80.
« Last Edit: March 18, 2005, 01:00:38 AM by stevejrc »
Steve

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67255
Re: Sygate and webshield...
« Reply #12 on: March 18, 2005, 03:19:25 AM »
I cannot do that cause I don't have pro version of the firewall. Just I have never heard that Sygate proxy could be fixed with that smart dns or any other setting. I might be wrong and you are right.

Jarmo, I don't have the Pro version too.
The Smart DNS cannot be unchecked in the free version (as all other users posted here).
But I do have a local proxy and, sorry Vlk, but this is still present in the 4.6.623 version and the OptIn=0 (avast4.ini file setting).

As Vlk told you, Sygate wont ask you for browser access. And there is nothing you can do about it. But is that such a big problem?
It is Sygate issue and Avast's webshield don't pass trojans and like without asking, so it should be ok.

For it's not good to have allowed all outbound HTTP traffic through the proxy without asking for permition  :( :'(
Privacy and security issues or, like Vlk joked (maybe because it's not his computer  ;D): VeryUglyTrojanSendingOutTheContentsOfYourHarddriveViaHttp will be allowed to connect.
The best things in life are free.

Offline AirCeej

  • Jr. Member
  • **
  • Posts: 26
Re: Sygate and webshield...
« Reply #13 on: March 18, 2005, 04:06:35 AM »
Stevejrc,

Unless something’s been changed in the latest version of Sygate Free PF (I’m using 5.5 build 2710 – as there are allegedly too many bugs with 5.6), then the problem with 80 as the Web Shield’s redirected port is: programs are no longer checked by Sygate PFF before gaining access to the ‘net – which means (at least in my version) you now have a mostly one-way firewall (see the various entries here: http://forum.avast.com/index.php?topic=11925.0).  You can test this by configuring programs to ask for rights before gaining access to the ‘net.  With 80 as the redirected port, they should get through unscathed; however if you blank the redirected port in the WS, then Sygate should ask you for permission before the program gets out. 

The solution in the above thread to blank port 80 in the Web Shield solved the Sygate permission problem, although routing Firefox through the Web Shield brought about different problems discussed here: http://forum.avast.com/index.php?topic=11662.0.  So for now the trade-offs with the current solution are:
·   Programs are checked by Sygate PFF before accessing the Internet
·   Firefox (in my case) with “Direct connection to the internet” checked - doesn’t get the advantages of the Web Shield, yet it doesn’t suffer from the current anomalies either.


=AirCeej=

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67255
Re: Sygate and webshield...
« Reply #14 on: March 18, 2005, 04:14:16 AM »
The solution in the above thread to blank port 80 in the Web Shield solved the Sygate permission problem

No, it does not solve. It just 'disable' WebShield. When you enable it again (writting port 80), the firewall does not use that 'allow rule' but connect anyway through WebShield (and not through the browser itself). I did the test right now...
The best things in life are free.