How to set Imon to check SSL Port 995

Discussion in 'NOD32 version 2 Forum' started by tosbsas, Nov 17, 2004.

Thread Status:
Not open for further replies.
  1. tosbsas

    tosbsas Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    789
    Location:
    Lima, Peru
    Hey guys

    that's weird - I could set Imon to check 9110 instead of using 110 when I was using spampal and b9 together but now I am using gmail that wants to use ssl/tsl Port 995 - but Imon is not checking it - at least I don't get the footer.

    Any ideas??

    Ruben

    OH: OS: win2ksp4 Nod 2.13.3
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,772
    Location:
    Texas
    tosbsas

    Encryption would be my first thought. Guessing.
     
  3. tosbsas

    tosbsas Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    789
    Location:
    Lima, Peru
    You saying imon cannot check it - or it can't write the footer

    Ruben
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,772
    Location:
    Texas
    tosbsas

    To my way of thinking, NOD would have to decrypt the mail to check it. I'm sure Nod can't decrypt it so it wouldn't be checked in the standard way.

    This is my theory. If anyone else know differently----------
     
  5. tosbsas

    tosbsas Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    789
    Location:
    Lima, Peru
    Don't think so, cause when sending or receiving a PGP mail I can see the transparent Imon window checking the mail

    Ruben
     
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,772
    Location:
    Texas
    Ruben

    Maybe someone will have a better idea. :)

    Gmail configuration

    Incoming Mail (POP3) Server – requires SSL: pop.gmail.com
    Use SSL: Yes
    Port: 995
    Outgoing Mail (SMTP) Server – requires TLS: smtp.gmail.com (use authentication)
    Use Authentication: Yes
    Use STARTTLS: Yes (some clients call this SSL)
    Port: 465 or 587
    Account Name: your Gmail username (including '@gmail.com')
    Email Address: your full Gmail email address (username@gmail.com)
    Password: your Gmail password
     
  7. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,772
    Location:
    Texas
    Ruben

    From the NOD help file.

    Note: For that IMON works on Winsock level, it is not possible to make it check encrypted SSL communication on port 995. Also, adding ports used by other protocols (e.g. MAPI, FTP, etc.) will not make IMON check that communication either
     
  8. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Hi,
    I've a Gmail account too. You can use Outlook 97/2000/2002 (XP)/2003 and install the latest version of EMON (Beta 1). If you do that, EMON will check both incoming and outgoing messages independent of ports, protocol used... EMON work independent of IMON. Note that EMON only work with Outlook, so EMON doesn't work with Outlook Express. The other thing that you can do is install The Bat! and get the NOD32 plugin. Anyway, without EMON, IMON... AMON will detect any attemp of viruses...
     
  9. Someone

    Someone Guest

    so in that case EMON sucks :>
     
  10. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Low level interception (WinSock) modules cannot check secure connections (SSL/TLS). Special plugins for MS Outlook are totaly different thing since they check mail when its already in inbox (decrypted).
    So don't bother setting up secure connection mails.
     
  11. 0pium_Dealer

    0pium_Dealer Registered Member

    Joined:
    Jun 20, 2004
    Posts:
    106
    Cheers ronjor for the link.

    Does this mean it's risky using gmail? If someone send me an infected file, NOD will not detect it when I download it from the server?
     
  12. tosbsas

    tosbsas Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    789
    Location:
    Lima, Peru
    You will have to trust amon :)--)9

    Ruben
     
  13. 0pium_Dealer

    0pium_Dealer Registered Member

    Joined:
    Jun 20, 2004
    Posts:
    106
    In my original post, abhi say Gmail doesn't support exe files, but didn't I read somewhere exe files could be disguised?

    I don't personally know how to go about disguising a exe file (could be as simple as changing the .exe to .jpg)

    Does Google actually scan the attachment and if it contains exe codes, will refuse it?

    Are there any AV that will scan SSL Port 995?

    The reason I am asking this is because I am building a PC for my mother, it will have a Non-English XP installed, along with some other Non-English software.

    I will need to configure the system to be as secure as I can. She is an absolute newbie to the world of PC. She has never ever used one, but is starting to get interested in using emails, and web surfing. She'd like to keep in touch with friends and family in HK. She only just got her first ever email account (Gmail :D )

    She knows nothing about viruses and worms. I will lecture her on it, but I just cannot trust her not to open files without scanning it first (mothers :rolleyes: )

    She also live about 400 miles away, so I don't really want the system to go belly-up, and me going up there to 'fix' it...

    From a security point of view, would I be betting off paying for a pop box, and setting that up for her, and forget about gmail?

    With pop mail boxes, at least I know all emails and attachment are scanned by NOD, whereas Gmails aren't.

    Thanks
     
  14. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    EMON?
    Plus, don't be too concerned with not being able to scan gmail - if you've got the rest of it configured properly there should be a neat zero opportunity (via AMON/DMON) for anything that may manages to get in that way.
     
  15. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Even if you change extension from EXE to JPG,that wouldn't be executable anymore,but a very "corrupted" image. So in the end the file would be useless.
     
Thread Status:
Not open for further replies.