Web shield only for browser: is it possible?

[petr0id]

Hello there.

Is there is any way to use web shield abilities ONLY for browser's traffic?

When i'm using Firefox (in my case the web browser is FF), i know where i want to go and also know, that there is a rules for FF in CIS (Comodo Internet Security Suite). And also i know, that there is a lot of different rules for other applications.

But if all HTTP traffic will be treated as WS connection, how do i know which program want to connect to network via the HTTP port's?

Excuse my bad english please, thanks in advance!

[Sesame]

Hello there.

Is there is any way to use web shield abilities ONLY for browser's traffic?

When i'm using Firefox (in my case the web browser is FF), i know where i want to go and also know, that there is a rules for FF in CIS (Comodo Internet Security Suite). And also i know, that there is a lot of different rules for other applications.

But if all HTTP traffic will be treated as WS connection, how do i know which program want to connect to network via the HTTP port's?

Excuse my bad english please, thanks in advance!

Since Web Shield is monitoring HTTP traffics of major browsers such as Internet Explorer, Firefox, Google Chrome, Safari, and Opera, at port 80, by default, it is supposed to monitor browsers' traffic.  So, if you use these main browsers, you are most likely using it through WS.  To check it with your own eyes, you need a traffic monitor application such as Currports.  If you monitor the traffics of the browsers above with it, you will see they access local port of 12080, where WS stays and watching the traffics before they reach these browsers.

[Edit]I forgot to add.  There is a popular way to "experience" WS on action without risking your system from real malware.  With your browser of your choice, please visit this site and try to download each test file there.  Downloading files on HTTP traffic should be aborted as long as the browser is covered by WS.  Since you know WS only covers HTTP traffic, you shouldn't be surprised to find WS is not doing anything for test files on HTTPS traffic.[/Edit]

[petr0id]

After i tried to download this: hxxp://www.nirsoft.net/packages/x64tools.zip
Avast! gone mad. It show me a billion of alert pop-ups about viruses and finally crashed.
Well done!

I think there is a misunderstanding.
I want to know is there is a way to prevent other programs (not my browser) to connect to HTTP via WS "proxy".
I don't want to manually check each IP address. I want to know which program wants to connect to internet.
In case with WS filtering enabled on port 80 it easily can be any software 8(

[Sesame]

After i tried to download this: hxxp://www.nirsoft.net/packages/x64tools.zip
Avast! gone mad. It show me a billion of alert pop-ups about viruses and finally crashed.

So, you downloaded utility sets rather than only Currports, which I recommended?  Yes, for some reason, some of Nirsoft's applications are tagged as malware by some security applications (Some of the tools are unfortunately favorite of some malcreants since they are computer information tools).  However, Avast! shouldn't be one as you can see here.

I think there is a misunderstanding.
I want to know is there is a way to prevent other programs (not my browser) to connect to HTTP via WS "proxy".
I don't want to manually check each IP address. I want to know which program wants to connect to internet.
In case with WS filtering enabled on port 80 it easily can be any software 8(

Then, let your comodo limit the connection from these browsers to 12080.  However, I cannot show how to configure the firewall function of Comodo Internet Security since I am not the user.

Edited for a messed link.

[petr0id]

Okay, thank You!

So the WS is checking ONLY web-browsers and e-mail actions?
Other programs does not able to use the WS "proxy"?
If i allow AvastSvc.exe to connect on HTTP and e-mail ports is this means what Avast! is know all about my browsing/e-mail activities?
Why AvastSvc.exe sends ICMP packets to home (Avast!) servers?

[Sesame]

So the WS is checking ONLY web-browsers and e-mail actions?

Most likely yes since Web Shield monitors HTTP traffics while Mail Shield monitors SMTP (sending messages), POP, IMAP (Both for receiving messages) and NNTP ports (Receiving News).  The "formula" for the ports where AvastSvc.exe staying is 12000+the monitored ports.  As I have already mentioned, for instance, 12080 for HTTP, or port 80.

So the WS is checking ONLY web-browsers and e-mail actions?

Web Shield is only checking HTTP traffics for remote port 80.  Email traffics are checked by Mail Shield although the process name is the same AvastSvc.exe.

Other programs does not able to use the WS "proxy"?

As long as Web Shield is concerned, it only checks HTTP traffics initiated by the supported browsers to remote port 80 by default.  If you are talking about AvastSvc.exe, I said most likely since I don't know how P2P/IM Shield works since I don't use any P2P or messaging applications.

If i allow AvastSvc.exe to connect on HTTP and e-mail ports is this means what Avast! is know all about my browsing/e-mail activities?

About Web Shield, yes as long as you use the supported browsers I aforementioned to connect remote port 80.  As for Mail Shield, the story is bit different since it seems to monitor any traffic which goes through ports such as 25, 587, 110, 143, 119 not concerning which application is using them.

Why AvastSvc.exe sends ICMP packets to home (Avast!) servers?

It's checking for possible update.

[petr0id]

Yep, my was bad when mixing WS and MS functions.

Thanks for Your time and thanks for extensive information.
Also thanks for useful links.

I think this thread is now may be closed.