Author Topic: Firewall rules.. auto- decide or not?  (Read 11291 times)

0 Members and 1 Guest are viewing this topic.

Offline smoaky

  • Newbie
  • *
  • Posts: 17
Firewall rules.. auto- decide or not?
« on: May 17, 2010, 11:58:16 PM »
Apologies for posting in the wrong thread but I am trying out AIS and have firewall rules set to "auto-decide" which of course eliminates a lot of pop-ups but using GRC leak test,AIS allowed it to run. Why would AIS allow GRC to connect to the net? (Paranoia speaking here) Wink ? Should I be concerned? Should I just go with "ask"? even though that would initiate more pop-ups?

Offline ALIV

  • Jr. Member
  • **
  • Posts: 38
Re: Firewall rules.. auto- decide or not?
« Reply #1 on: May 18, 2010, 12:02:58 AM »
I definitely recommend setting it to Ask.
The rules are remembered so you won't see more than one popup per application.
It all boils down to what you're most comfortable with though.

Offline Gargamel360

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2346
  • Memento Mori
Re: Firewall rules.. auto- decide or not?
« Reply #2 on: May 18, 2010, 12:05:13 AM »
That would be a matter of personal preference, no?   "Ask" would be the safer, yet more cumbersome, way to go.
Signature?  But I gots no pen....

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9441
Re: Firewall rules.. auto- decide or not?
« Reply #3 on: May 18, 2010, 12:13:11 AM »
Apologies for posting in the wrong thread but I am trying out AIS and have firewall rules set to "auto-decide" which of course eliminates a lot of pop-ups but using GRC leak test,AIS allowed it to run. Why would AIS allow GRC to connect to the net? (Paranoia speaking here) Wink ? Should I be concerned? Should I just go with "ask"? even though that would initiate more pop-ups?

no need to apologize, it's okay ;) leave the firewall set to auto-decide at least for a couple of hours, even one day, so that it's got enough time to learn automatically what's connecting on your system. Then if you're if you don't trust it a hundred percent, you can always set it to "ask". I've been there and I switched it back to auto-decide a while ago. No need after all, following an alert, to confirm what the firewall would do automatically anyway. Just make sure that you've got a pop up for both blocked and allowed connections, to keep in touch with traffic management. You can always override a rule if needed. The risk is what if a trojan silently downloaded attempts to connect, but honestly, you'll have already noticed something wrong going on. And auto-decide doesn't mean "allow" necessarily. There are blocking rules...more transparency needed there because there's no obvious way so far to tell how this firewall takes its decisions. The interface will still change, new settings will be implemented from what I read, so let's wait and see...
w7 - ais7

Offline smoaky

  • Newbie
  • *
  • Posts: 17
Re: Firewall rules.. auto- decide or not?
« Reply #4 on: May 18, 2010, 06:39:23 PM »
Thanks,
That is good useful info  ;)
Set to auto-decide and it failed both GRC leak test and PC Flank.
Set to ask and it passed GRC but sill failed PC Flank. Hmmmmm ??
Any info on how leaky AIS firewall really is?
I am behind a Cisco router but I still become a bit paranoid  :-\

Offline lukor

  • Avast team
  • Super Poster
  • *
  • Posts: 1881
    • AVAST Software
Re: Firewall rules.. auto- decide or not?
« Reply #5 on: May 18, 2010, 07:43:51 PM »
Hi smoaky,
were you on "Public/Airport profile" during the PC Flank leak tests?

Lukas.

Offline smoaky

  • Newbie
  • *
  • Posts: 17
Re: Firewall rules.. auto- decide or not?
« Reply #6 on: May 18, 2010, 07:53:22 PM »
No. Got it on Work zone
Do you suggest Public zone even at home?

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9441
Re: Firewall rules.. auto- decide or not?
« Reply #7 on: May 18, 2010, 08:44:53 PM »
while "public zone" might indeed prevent the leak, you don't need it. Sticking to work zone is safe enough, and obviously more appropriate on a private LAN.
w7 - ais7

Offline smoaky

  • Newbie
  • *
  • Posts: 17
Re: Firewall rules.. auto- decide or not?
« Reply #8 on: May 18, 2010, 08:57:43 PM »
Cool  ;D
Still worried how leaky AIS Firewall is.
Anyone seen any test results on how AIS (Firewall) ranks compared to other ISS i.e. Norton,Kaspersky,Eset,GData, etc.
I have seen a few reviews but it leaves me with doubts.
Have been using Comodo Firewall along with Avast 5 AV.
Comodo Firewall is excellent but get tired of pop-ups ..seems forgetful of rule settings.

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9441
Re: Firewall rules.. auto- decide or not?
« Reply #9 on: May 18, 2010, 09:25:21 PM »
for your own sake, forget about the leak test, have a glass of wine, and relax ;D
w7 - ais7

Offline smoaky

  • Newbie
  • *
  • Posts: 17
Re: Firewall rules.. auto- decide or not?
« Reply #10 on: May 18, 2010, 09:39:51 PM »
Thanks
I'm sure we all say that until we get infected. No harshness intended but as you know it is always safer to practice preventive maintenance that try to fix an unexpected hacker, drive by, key logger, trojan attack.
Honestly, over the years what has been your personal experiences with viruses,key loggers,etc. and why did you decide on AIS?
I have had a few bad encounters but only because of my stupidity clicking on a malicious link or web site.
Peace

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9441
Re: Firewall rules.. auto- decide or not?
« Reply #11 on: May 18, 2010, 09:53:25 PM »
Quote
I'm sure we all say that until we get infected

nope ::) >>> watch your clicks first, that's the best line of defense, no need to elaborate, as to drive by downloads and keyloggers...never seen any of these here...I'm not saying this doesn't exist, I know it does, but not here ;D
 Why AIS? well I've been running Avast AV for a few years now, I like the interface, V4 like V5...specifically AIS >>> firewall and sandbox...not much to comment on that yet, it's too early. I was running CIS (Comodo), got fed up with it and was looking for another solution.
w7 - ais7

Offline smoaky

  • Newbie
  • *
  • Posts: 17
Re: Firewall rules.. auto- decide or not?
« Reply #12 on: May 18, 2010, 10:03:20 PM »
Me too,
Drive by and key loggers ..never seen em (key loggers are more prevalent with dial-up internet connections I guess)
Ex-CIS user too huh?
Really lliked CIS but damn....got tired of the incessant pop-ups even after setting rules. You too?

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9441
Re: Firewall rules.. auto- decide or not?
« Reply #13 on: May 18, 2010, 10:12:13 PM »
Me too,
Drive by and key loggers ..never seen em (key loggers are more prevalent with dial-up internet connections I guess)
Ex-CIS user too huh?
Really lliked CIS but damn....got tired of the incessant pop-ups even after setting rules. You too?

no that's the worse about it, I didn't have single problem with it, I was running Comodo stuff since CFP 2.4 >>> I just got bored with the interface, not a very serious attitude in terms of security I admit but when I get bored with something I ditch it. And when I saw that CIS 4 brought almost nothing new compared to V3, there was no regret. Avast firewall is far from being perfect yet, but I really like the interface, meant to be silent and efficient at the same time. Not all the bells and whistles of Comodo, no HIPS but I can very well live without that. Yeah I got fed up with the HIPS too, not that it was that noisy, but I was starting to have doubts about the necessity to have it. Yeah, and finally Comodo as a company, not much to add as I don't want to start another Comodo bashing thread here ;)
w7 - ais7

Offline ALIV

  • Jr. Member
  • **
  • Posts: 38
Re: Firewall rules.. auto- decide or not?
« Reply #14 on: May 18, 2010, 10:39:29 PM »
As far as the aIS firewall being leaky, well, I guess it kinda is from everything I gather.
What needs to be remembered though is it can't get out if it can't get in in the first place. ;)