Avast firewall newbie questions

Hi,

I hope it's okay to ask here (hoping that avast IS users can help me..)

How can I creat a block rule for a single and a range of ports in avast firewall? I am a bit confused on the layout of the avast firewall and the Application Rules shows only "Allowed Applications". I have selected Public/High Risk Zone so all incoming is blocked(stealth all ports...right?)

In the SYSTEM it says,

Allow connections to all networks.
Outbound ports: All or 80 Inbound ports: 445
For all other connections: Auto-decide or Block/Ask

I do not want it to allow all connections and prefer to block some like the infamous port 445 and 135-139. But I am at a loss as to how I can create it.

I also need to block programs fro calling home but seem nt to find "terminate connection" option....is there one in the avast firewall? How can I block an application from calling home?

Appreciate the help and replies!

Thanks very much!

 

Try going to the Firewall>Packet Rules section and add a rule.

 

Best would be to ask at Avast forums or contact their support.
Blocking programs from calling home...sounds like crack method

 

How would using the firewall from Avast IS to block a program from calling home be a crack method?

 

Thanks for the reply. I appreciate it.

I posted at the avastForums but there is no reply as of this time...that's why I opted to ask here instead..maybe an avast IS user will know..

I do not use crack software because it usually borks the system, as much as possible if I cannot buy I enter contests/giveaways/promos or ask a friend for a license. My Cyberlink is not crack it's a 30day trial that was extended to 2 months courtesy of my request last December(trying it on Windows 7...I don't use it in XP but use Ashampoo software..also from promos).

There are programs like Wondershare's DVD Slideshow Builder which I won in WebTalk that frequently calls home. I would want to block that as mentioned like Cyberlink eats up my connection. A lot of Wondershare software like DVD-Ripper platinum, DVD Creator, DVD Video Converter calls home and all of mine are licensed and registered. There are also a lot of alternatives out there to use instead of "crack".
There are legit programs that always calls home.

Like Java which if not configured when you install it auto-updates itself and eats up our bandwidth without you knowing and here you are after you have done something you find out that your download is not yet finished because the bandwidth is cut in half. I was talking of scenarios like that.

Maybe I ought to remove the firewall component and go back to Privatefirewall or either Outpost/OA Premium. In my XP SP3 I have Privatefirewall, there is no option to terminate a connection so I use Processhacker ver2.8.

Testing out combinations here( and wanted to check if avast firewall is good --all they say is that it's a silent firewall but what...?--- ).

Thank you.

 

You can edit rules for applications in Firewall -> Application Rules, there you can change the automatically created rules for the programs phoning home. You can also set Avast to Ask on every connection attempted for which there is no rule yet by going to Firewall -> Firewall Settings -> Expert settings. Or if you find that too much of a hassle you can also check the option Show notifications about newly created "allow" rules. From that notification you can go straight to Application rules if you want to change it to Deny. Terminating connections is not possible though.

For the ports you can change the rules in Packet rules in Expert settings, but I'm not really experienced with that.

 

@BoerenkoolMetWorst,

Thanks for the reply.I tried it and it works. Only thing is Adobe Updater and Java update keeps running although I have made rules for them...it can't seem to apply it. Is there a whitelist of some sort with avast firewall which when a program is included auto-allows everything concerned with the whitelisted program? Anyway, I'll still observe and then decide i I'll keep it.

Thanks

 

Avast doesn't have a HIPS, so while it denies internet access to the applications it doesn't stop them from running. With v5.1 there is sort of a behaviour blocker if you set the behaviour shield to Ask, maybe that will throw a pop-up about adobe and java updater?

 

Yeah(Behavioral shield --seems benign no alerts or pop-ups..not the kind of the likes of Prevx...) tried that but still it didn't stop Adobe Updating itself....to terminate it I had to use Processhacker ver2.8 still.

 

The behavior shield is only passive if not mistaken, it will not do anything now, as it is still on learning mode according to avast!.

 

Perhaps you need to disable Adobe readers processes in the startup list, readersl.exe is preloading the reader for faster startup and adobearm.exe is for the update I think. Or switch to a nicer reader

Yes, but you can set it to Ask yourself in expert settings since 5.1

 

@eugene,

Oh is that so...that explains it why it seems to do nothing on my extra machine. Well I have Prevx SOL in tandem with Avira Premium(w/out ProActive) loving it

@BoerenkoolMetWorst,
-- I am using PDF-Xchange Viewer doesnt call home and doesn't bug you on updates. You should try it jasonbourne...looks good too

@jasonbourne,

imo, a firewall should have an option to terminate a connection..but that's just me

 

But it wouldn't do anything too

 

It only asks about things it deems suspicious and the whitelist has grown too, so it may be more difficult to get a pop-up, but I've seen quite a few pop-ups, mostly when installing software.