Avast 7 and Comodo Firewall

[DavidR]

But it isn't a web shield flaw, avast is using the latest windows redirection API

Avast version 7 uses supported API of Windows 7, that is created solely for the purpose of redirecting network connections.

The problem is that comodo doesn't have support for that windows 7 API for the redirection of network connections.

From your previous experience it appears that PrivateFirewall has support for that Windows 7 (not avast's) API for the redirection of network connections.

[gdiloren]

So, did I do well following this tip ((with Private Firewall)from the Wilder's Security Forum ):

--- Correction ---


Yes it is an Avast issue and the Avast forum is where you should be getting help from.

Here is how to prevent all non-Avast web shield filtered traffic on port 80 for your browser.

In your existing PF browser firewall rules:

You need to disable your existing browser PF Primary and Alternate HTTP Connections rules by by unchecking the H and L boxes.

Leave all your remaining browser rules as is; that includes the existing Secure HTTP Connection rule that connects to port 443! In the event you uninstall Avast or turn off its web shield, you will have to activate Primary and Alternate HTTP Connections rules and delete or deactivate the new rules you will add below.

You need to create 2 firewall rules for you browser to only allow HTTP traffic to Avast web shield proxy server:

       Allow outbound - TCP - from local 1024-65355(user) port - to remote port 12080, remote IP 127.0.0.1 - checkmark IP address connection box only.

       Deny Outbound -TCP - from any local port- to remote port 80, any remote IP - checkmark H and L boxes.

Move the two new rules to the top of the existing rule set.

That's it!

If these rules look weird remember that its avastsvc.exe that is doing the actual HTTP connections with Avast web shield turned on, not your browser.

?

[DavidR]

Well if you hadn't done that and you didn't have a problem with privatefirewall, not to mention that is allowing the web shield.

I'm no firewall geek but as far as I can see there is nothing there to combat the whole point of this topic "Avast 7 and Comodo Firewall" blocked programs in comodo being able to sail through the avast proxy unmolested because comodo doesn't support the latest API.

All this does is ensure that privatefirewall doesn't block the web shield localhost proxy (controlled by avastSvc.exe). So it won't/shouldn't hurt, but I tend not to pre-empt a problem but react to them.

[hlecter]

But it isn't a web shield flaw, avast is using the latest windows redirection API

Avast version 7 uses supported API of Windows 7, that is created solely for the purpose of redirecting network connections.

The problem is that comodo doesn't have support for that windows 7 API for the redirection of network connections.

Trying to understand this as the 'problem' discussed here also affects Windows 7 own firewall with outbound protection
where permission for avastsvc.exe lets all redirected browsers and other programs at port 80 through, making the 7 firewall
useless for outbound control when Avast Webshield is used. Windows 7 FW must support windows 7 API?

A solution for Window 7 firewall, Comodo and you name them would be to give Avast users the possibility to
determine which processes to redirect through Webshield. Not only the option to only scan 'well-known' browser processes.
As far as I remember we had something like that in earlier versions of Avast.

This would be much better than discussing who is at fault here.

[gdiloren]

Let's stop doing like ostrich and put our heads in the sand . AILWIL, COMODO and even MICROSOFT should work on this intensively

[TomasAC]

Is this issue fixed?

[MrMaxaMan]

Is this issue fixed?

It will be fixed with the next release of Comodo, I'm not sure if Avast are doing anything about it though.

[bob3160]

Is this issue fixed?

It will be fixed with the next release of Comodo, I'm not sure if Avast are doing anything about it though.

If it's a Comodo problem, why would Avast be doing anything about it

[MrMaxaMan]

If it's a Comodo problem, why would Avast be doing anything about it

It's not just Comodo, it's windows firewall too. But that's already been talked about in this thread.

[TomasAC]

is the problem only with WebShield? am i fine using Avast without Web Shield together with Comodo?

what about Comodo Defense+, isn't it redundant if i'm using Avast Behavior and Script Shield with Cloud Services?

Network Shield is ok?

[CraigB]

is the problem only with WebShield? am i fine using Avast without Web Shield together with Comodo?

what about Comodo Defense+, isn't it redundant if i'm using Avast Behavior and Script Shield with Cloud Services?

Network Shield is ok?

Webshield is one of the most important shields and your first line of defence so by no means should you disable it

If you have to have Comodo then i would suggest waiting for there next release or imo there are better firewalls such as Outpost, Online Armor, Privatefirewall which work great with avast.

[TomasAC]

Webshield is one of the most important shields and your first line of defence so by no means should you disable it

If you have to have Comodo then i would suggest waiting for there next release or imo there are better firewalls such as Outpost, Online Armor, Privatefirewall which work great with avast.

First line of defense? pardon my ignorance but doesn't it only scans Web Traffic, the sites you visit and etc? most of the exploits on the Web are either Java or Flash, am i wrong? from all this time using the Web Shield, browsing the sites i use on day-to-day basis i don't see the Web Shield being of much use.. i think the File system shield is the most important shield.. from the firewalls you've mentioned, which do you recommend? and you still haven't answered my questions from the last post

is the problem only with WebShield? am i fine using Avast without Web Shield together with Comodo?

what about Comodo Defense+, isn't it redundant if i'm using Avast Behavior and Script Shield with Cloud Services?

Network Shield is ok?

[mchain]

First line of defense? pardon my ignorance but doesn't it only scans Web Traffic, the sites you visit and etc? most of the exploits on the Web are either Java or Flash, am i wrong? from all this time using the Web Shield, browsing the sites i use on day-to-day basis i don't see the Web Shield being of much use.. i think the File system shield is the most important shield.. from the firewalls you've mentioned, which do you recommend? and you still haven't answered my questions from the last post

is the problem only with WebShield? am i fine using Avast without Web Shield together with Comodo?

what about Comodo Defense+, isn't it redundant if i'm using Avast Behavior and Script Shield with Cloud Services?

Network Shield is ok?

hi Fell_MTK,

Just to show you how important WebShield is, see the attached below:  Was visiting an anti-malware site with high reputation at the time (still is), so the last thing one would think would be a trojan lurking in a tiny url embedded in the blog post.   

WebShield is an external facing (internet) filtering shield, File shield is internal, Network is primarily internal (home network) and host computer.  So, without WebShield active, I would've been nailed to the wall with this one.

Recommend enabling WebShield to prevent a web page from loading when it is malicious.  WebShield off, malicious page loads like no tomorrow and you are done. 

Are you ready to repair or re-install the os if needed?

[CraigB]

Webshield is one of the most important shields and your first line of defence so by no means should you disable it

If you have to have Comodo then i would suggest waiting for there next release or imo there are better firewalls such as Outpost, Online Armor, Privatefirewall which work great with avast.

and you still haven't answered my questions from the last post

I believe i have answered as webshield is your first line of defence, there are more troubles on the net than just java and flash - what about Malware ( viruses, trojans ) coming from infected webpages as mentioned you should definitely not disable the webshield, i'd rather stick to the default windows firewall with no outbound protection than disabling the webshield.

Iv got two lifetime licenses for outpost pro firewall so that would obviously be my first recommendation but the free version requires you to install the free suite in custom install without all the others features as there is no stand alone free firewall, my next choice would be Online Armor which has a free standalone version.

[SpeedyPC]

Comodo FW has been a real pain in the arse and I'm so glad I gave up long ago since v5.5 something since I was a long time user from v3.14 up to v5.5, it was killing my PC as hell and I gave up than I decided to buy a lifetime licence of Outpost Pro FW smooth as baby oil rubbing your backside so you can slide across the floor easy