Author Topic: Web Shield - Stream scanning multiple ports  (Read 2348 times)

0 Members and 1 Guest are viewing this topic.

Offline kvikings

  • Newbie
  • *
  • Posts: 1
  • theViking!
Web Shield - Stream scanning multiple ports
« on: September 21, 2005, 06:44:40 PM »
I've got avast!Prof.

Info:Regarding the Web Shield and Resident task settings Basic
(Enable Web scann. and "Use intelligent stream scann".)
- I've got sev. ports, gen. web-browsing(80), Apache:90 and Proxypass to Tomcat(8080),
Bull.FTP-Serv.(21) - everthing unfort. running on the same machine(up 4Mbit/down 8 Mbit).
Q1: Are scanning by priority or are streams haltet(waiting) to ensure that "unwanted" traffic
are not going through the ports on high volumne traffic?
Q2: Should a have a specific sort order for the ports: "21,1024,90,80"?
Q3: Should I ignore Apache Proxypass addresses in addition to locahost if I move
the webserver(to a new machine(and soon hopefully))?

By the way - you've got a great product    :)

thnx.
-- theViking -

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67255
Re: Web Shield - Stream scanning multiple ports
« Reply #1 on: September 21, 2005, 07:46:44 PM »
Q1: Are scanning by priority or are streams haltet (waiting) to ensure that "unwanted" traffic are not going through the ports on high volumne traffic?
All HTTP traffic is scanned. Not other protocols (traffic) are scanned by WebShield.

Q2: Should a have a specific sort order for the ports: "21,1024,90,80"?
No. Any order will work (as far I know).

Q3: Should I ignore Apache Proxypass addresses in addition to locahost if I move the webserver(to a new machine(and soon hopefully))?
If you ignore any address it won't be scanned. So it's up to you, if you are confident in the cleaning of that address...

Welcome to avast! forums.
The best things in life are free.

Offline lukor

  • Avast team
  • Super Poster
  • *
  • Posts: 1881
    • AVAST Software
Re: Web Shield - Stream scanning multiple ports
« Reply #2 on: September 25, 2005, 12:30:32 AM »
Kvikings,

as Tech already noted, only HTTP is scanned (understood by webshield). So scanning the port 21 (FTP) is definitely a very bad idea!

To the rest, well, if you want to be protected from viruses coming from your Apache server which is running on port 90 and serving HTTP there, then you might include that port in the scanned (redirected) port list. Everytime when you'll try to connect to the port 90, the traffic will be intercepted by WebShield.