HTTP Off Risks

Discussion in 'ESET NOD32 Antivirus' started by dragoneer, May 15, 2012.

Thread Status:
Not open for further replies.
  1. dragoneer

    dragoneer Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    21
    This is a follow on to a thread names "Problem with Streaming" in this same forum. The discussion was abandoned at a crucial point. Both ESET Moderator "Macros" and Global Moderator "Cudni" participated. I hope that one of them or someone else knowledgeable in the problem described next will respond and clarify.

    From the cited thread, I gather that:

    1) Turning off "HTTP Checking" is at least as powerful as unchecking "Active Mode" for all browsers, i.e., when its turned off, all settings for particular Browsers are meaningless.

    2) Turning off "HTTP Checking" or unchecking the right Browser is necessary to play streams. (In prior thread I pointed at two streams from PBS net radio stations.)

    3) If you turn off "HTTP Checking" and/or uncheck "Active Mode" for a browser in use, there is no real-time (in the non-ESET technical meaning of the term) chcking of data as it comes into the computer.

    4) Your computer is then protected only by what ESET calls its "real time protection modules". I presume, but don't know, that this means the next time the file is opened, executed, etc. it will be scanned. What if the browser doesn't store the data as a file?

    5) There is/isn't risk in turning off "HTTP Checking"?

    Could someone knowledgeable please comment on the five assumptions/questions enumerated above. And, most important, tell me:

    6) What additional risks am I running when I disable "HTTP Checking"?

    7) If the answer to 6 is none, then what is the use of "HTTP Checking"?
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    You're right, browser settings will become meaningless with http checking disabled.

    The only important thing is to leave media players in passive mode. Download managers and streaming media players won't work properly in active mode.

    Files that are saved to the disk will be scanned by real-time protection. However, unlike web access protection it doesn't scan inside archives and, of course, does not block access to potentially malicious sites.

    Not sure what you mean as browsers download files to the temporary folder first where they are scanned by real-time protection.

    As I have mentioned, http checking provides additional protection layer. It blocks access to sites known to serve malware, scans inside archives and uses more aggressive scanning to detect new born threats.

    Explained above.
     
  3. dragoneer

    dragoneer Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    21
    First I wanted to thank you for your rather complete reply. It seems that I need to put Firefox, IE, or another browser into passive mode to listen to the one PBS radio stream and put Windows Media Player into passive mode for the other PBS stream.

    As to "What if the browser doesn't store the data as a file?" in 4 above: Code, AKA the browser, can download packets into internal buffers (primary memory) rather than files in the file system. It is a coding style decision whether "files", as known to the OS, are created or not. For example, protocol implementation pieces (as opposed to data messaging parts of applications) typically just play with the streamed bytes looking for status and/or control messages that might be in or out "of band".
     
Thread Status:
Not open for further replies.