Author Topic: Web Shield Default Port Question (Read 4517 times)

JT. · « **on:** June 21, 2005, 01:11:10 PM »

Hi

I'm fairly new to Avast (so far by the way I think it's great) so I'm still finding my way around it but I notice that the only default port in web shield is 80 and given that 443 is so widely used I was just wondering (before I add it) if there might be a good reason for it's omission ........ ie. is it likely to cause problems somehow?
Sorry if this is a dumb question.

Cheers

JT.

Vlk · « **Reply #1 on:** June 21, 2005, 01:32:49 PM »

443 is used only for connections to a proxy server. Do you use a proxy server? If so, on which machine (your local machine or a remote machine?)

JT. · « **Reply #2 on:** June 21, 2005, 01:53:34 PM »

I'm not very techy so bear with me please but as far as I am aware, I do not use a proxy server. However, I often see in my firewall logs entries for my browser to https (443). These are frequently associated with things financial (secure server) or another good example would be installing Firefox Extensions.

JT.

Vlk · « **Reply #3 on:** June 21, 2005, 03:33:50 PM »

Oops, sorry, 443, you're right, that's HTTPS.

The WebShield module cannot filter HTTPS traffic - simply because HTTPS was designed to prevent similar mechanisms (called man-in-the-middle, i.e. someone "listening" en route)

Thanks
Vlk

JT. · « **Reply #4 on:** June 21, 2005, 04:19:22 PM »

Thanks Vlk

just to make sure I understand correctly, if you include port 443 in Web Shield, it acts as a proxy in that, for example it 'goes and gets' the information but just doesn't filter it. Is that right?

JT.

Vlk · « **Reply #5 on:** June 21, 2005, 04:30:43 PM »

Adding port 443 to the list of WebShield's ports won't work. Simply because the communication on port 443 is not based on the HTTP protocol (but HTTPS, which has a similar name but is a very different protocol).

HTH
Vlk

JT. · « **Reply #6 on:** June 21, 2005, 05:04:25 PM »

Thanks for trying to explain this to me Vlk but something just doesn't add up!
If I set my firewall to log everything, then restrict Firefox to port 80, then add port 443 to Web Shield, I am able to go to the Firefox Extensions pages perfectly ok. If I then look in my Firewall logs, the entries list Web Shield going to remote port 443.
I am confused!

JT.

Vlk · « **Reply #7 on:** June 21, 2005, 05:19:42 PM »

This is because WebShield contains some advanced hacks to detect HTTPS communication and switches itself to "passthru" mode (i.e. passive relay). It was implemented just to prevent problems when users try to tweak the settings and accidentally sort of over-tweak it...

In any case, adding 443 to the list of monitored ports will NOT add any extra security (and HTTPS traffic will not be scanned for viruses, as can be verified e.g. on the EICAR virus-test file page http://www.eicar.org/anti_virus_test_file.htm )

Hope this explains it,
Vlk

JT. · « **Reply #8 on:** June 21, 2005, 06:00:57 PM »

Thanks for your time and explanation Vlk ..... much appreciated.

JT.

Lisandro · « **Reply #9 on:** June 21, 2005, 07:25:10 PM »

Quote from: Vlk on June 21, 2005, 05:19:42 PM

It was implemented just to prevent problems when users try to tweak the settings and accidentally sort of over-tweak it...

Vlk, what is the performance/reliability of the RejZor's tweaks into WebShield? Do they work and increase security?

Author Topic: Web Shield Default Port Question (Read 4517 times)

JT.

Web Shield Default Port Question

Vlk

Re: Web Shield Default Port Question

JT.

Re: Web Shield Default Port Question

Vlk

Re: Web Shield Default Port Question

JT.

Re: Web Shield Default Port Question

Vlk

Re: Web Shield Default Port Question

JT.

Re: Web Shield Default Port Question

Vlk

Re: Web Shield Default Port Question

JT.

Re: Web Shield Default Port Question

Lisandro

Re: Web Shield Default Port Question