Author Topic: Network Shield (also lightweight firewall)  (Read 12824 times)

0 Members and 1 Guest are viewing this topic.

Offline Mike098

  • Jr. Member
  • **
  • Posts: 25
Network Shield (also lightweight firewall)
« on: September 03, 2008, 09:11:46 PM »
Why is there a Network Shield with avast! 4.8 Home Edition when installed on Windows NT,2K,XP,Vista? Because without the Network Shield I can install a more complete third party Firewall and have for 100% sure no conflicts with this Network Shield of avast!. I am afraid that when I install a third party Firewall next to avast! 4.8 Home Edition on my Windows XP I get conflicts. Is there a way of deactivate the Network Shield of avast! 4.8 Home Edition? Or can I expect a more complete Firewall build in the future avast! Home Edition?
Thanks in advance, Mike098.

Offline Mike098

  • Jr. Member
  • **
  • Posts: 25
Re: Network Shield (also lightweight firewall)
« Reply #1 on: September 03, 2008, 09:28:54 PM »
I did read that two firewalls, in this case the Network Shield (also lightweight firewall) of avast! 4.8 Home Edition on Windows NT,2K,XP,Vista and a third party Firewall give conflicts.

Offline sanctuaryforever

  • Sr. Member
  • ****
  • Posts: 252
Re: Network Shield (also lightweight firewall)
« Reply #2 on: September 03, 2008, 09:51:50 PM »
I have both a firewall and network shield running no problem for nearly a year now on Windows XP.  The network shield is only lightweight (only deals with specific infections etc) and shouldn't conflict with your own firewall
« Last Edit: September 03, 2008, 09:53:26 PM by sanctuaryforever »
Celeron 1.30Ghz, 1Gb ram, Windows XP SP3 32-bit

running Avast 6.0.1289

Offline wyrmrider

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1298
Re: Network Shield (also lightweight firewall)
« Reply #3 on: September 03, 2008, 10:36:29 PM »
Network shield is not a firewall

Offline Bluesman

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 901
  • Amiga Power!
Re: Network Shield (also lightweight firewall)
« Reply #4 on: September 03, 2008, 10:40:44 PM »
I have both a firewall and network shield running no problem for nearly a year now on Windows XP.

Same setup here...I have no problem at all, everything is working just fine!
"The blues are the roots, everything else is the fruits" -Willie Dixon

Online DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 84922
  • No support PMs thanks
Re: Network Shield (also lightweight firewall)
« Reply #5 on: September 03, 2008, 11:21:10 PM »
The network shield as has been said isn't a firewall, but monitors known ports used for exploits. It should have no impact on your firewall.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.3.2459 (build 21.3.6164.561) UI 1.0.609/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Sueisfine

  • Newbie
  • *
  • Posts: 10
Re: Network Shield (also lightweight firewall)
« Reply #6 on: May 20, 2009, 01:09:26 PM »
The network shield as has been said isn't a firewall, but monitors known ports used for exploits. It should have no impact on your firewall.

I'm very sorry for the necromantic stunt here but reading this thread made me wonder about one thing:  what's the difference between the Network Shield and the Web Shield?

I mean, by the quote above, Network Shield monitors traffic going through certain ports and so I suppose HTTP ports are included in this bunch.  Since the job of the Web Shield is to filter all the HTTP traffic, does it means both Network Shield and Web Shield are doing the same thing when it comes to HTTP traffic? Is HTTP traffic being double-filtered all the time? ???

Alas, can you please clarify what are the specific jobs of the Network Shield and the Web Shield?

Thanks very very much in advance!

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67255
Re: Network Shield (also lightweight firewall)
« Reply #7 on: May 20, 2009, 02:06:19 PM »
Network Shield filters traffic coming from all applications (not only browsers), and on all ports. For performance reasons, though, it tries a bit harder in case of the well-known HTTP ports.

Network Shield works on both DNS and HTTP level, i.e., blocks domains on DNS level, but in no way it's limited to whole domains only. The plan is to actually only block malicious URLs unless they're 100% certain there's no useful stuff hosted on the domain (in which case they will block it altogether). It can also block by IP's.

Also, Network Shield is a protection against known Internet worms/attacks. It analyses all network traffic and scans it for malicious contents. It can be also taken as a lightweight firewall (or more precisely, an IDS (Intrusion Detection System).
Network Shield protects you from internet worms that spread themselves via various security holes in your system. Typicaly these kind of viruses don't infect files but instead  they attack running processes on your PC (either Windows components or some server programs like SQL Server, IIS etc.). These kind of attacks are not easily catched by ordinary antivirus during file or mail scanning. It is not a duplicate work with Standard Shield.
Basically, it covers all Internet worms. Such as Win32.CodeRed, Win32.SQLSlammer, Win32.Blaster, in32.Welchia (Nachi) and Win32.Sasser.

WebShield scans only http traffic on redirected ports (generally, 80 only). It stops the connection to malware even before the file is saved to the computer.
The best things in life are free.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67255
Re: Network Shield (also lightweight firewall)
« Reply #8 on: May 20, 2009, 02:20:04 PM »
Check also other limits of WebShield (compared to Script Blocker).
http://forum.avast.com/index.php?topic=45438.msg380636#msg380636
The best things in life are free.

Offline Sueisfine

  • Newbie
  • *
  • Posts: 10
Re: Network Shield (also lightweight firewall)
« Reply #9 on: May 20, 2009, 04:41:50 PM »
Network Shield filters traffic coming from all applications (not only browsers), and on all ports. For performance reasons, though, it tries a bit harder in case of the well-known HTTP ports.

WebShield scans only http traffic on redirected ports (generally, 80 only). It stops the connection to malware even before the file is saved to the computer.

So based on the above quotes, the HTTP traffic gets indeed scanned by both Network Shield and Web Shield, right?

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9364
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: Network Shield (also lightweight firewall)
« Reply #10 on: May 20, 2009, 05:04:59 PM »
Actually Network Shield isn't bound to any port specifically. It simly checks traffic on all ports. However on HTTP it also checks links with its blacklist to see if the visited site is bad or not.
Visit my webpage Angry Sheep Blog

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67255
Re: Network Shield (also lightweight firewall)
« Reply #11 on: May 20, 2009, 05:35:54 PM »
So based on the above quotes, the HTTP traffic gets indeed scanned by both Network Shield and Web Shield, right?
No, as RejZor said.
The best things in life are free.

Offline Sueisfine

  • Newbie
  • *
  • Posts: 10
Re: Network Shield (also lightweight firewall)
« Reply #12 on: May 20, 2009, 05:57:42 PM »
Ok, thanks all for your answers!


Offline Francois Blais

  • Jr. Member
  • **
  • Posts: 60
Re: Network Shield (also lightweight firewall)
« Reply #13 on: May 20, 2009, 07:00:59 PM »
From the above comments, it seems the Web Shield is therefore useless if one uses the Network Shield.
Is that right?
Old P3-1000 with 512MB RAM.
XP Pro SP3 (french locale).
XP's own firewall.
No other real-time security app running, besides AVAST 5.1.884 Free.

Offline Sueisfine

  • Newbie
  • *
  • Posts: 10
Re: Network Shield (also lightweight firewall)
« Reply #14 on: May 20, 2009, 07:22:43 PM »
From the above comments, it seems the Web Shield is therefore useless if one uses the Network Shield.
Is that right?


Hmmm, the way I understood it is not useless because although they both scan HTTP traffic, they search for different things (NS searches for Internet worms/specific TCP packets and WS searches for malicious/spyware code inside HTTP traffic content)  :)

But I might have understood wrong, ofc  8)
« Last Edit: May 20, 2009, 07:26:43 PM by Sueisfine »