Is Sygate firewall ok with KAV 4.5 and Mozilla Firefox?

I am wondering if Sygate's proxy weakness would be a problem while running KAV 4.5 (with mail checker installed) and Mozilla Firefox.

 

Should not be a factor with that configuration. The loopback issue would only apply when using something like Proxo where applications could access the Internet via localhost and the proxy.

Regards,

CrazyM

 

Thank you very much, CrazyM!

 

Hmmm...my understanding is that KAV's mail checker does run as a local proxy and that therefore Sygate would not prevent other programs from trying to access the Internet through it. However you could substantially reduce (but not eliminate) the risk by configuring a tight ruleset for the proxy (e.g. POP3/IMAP/SMTP protocols only, ISP mailserver addresses only).

 

If KAV does use a proxy type service for scanning e-mail, I cannot see it allowing other applications to use it other than the mail clients you configure. I doubt it is an independent proxy service available to anything. But not having used it, perhaps a KAV user can jump in and clarify how the e-mail scanning works.

Regards,

CrazyM

 

Given that the most popular use for compromised PC's is as spam zombies, I would hope that the exploit here is obvious.

I was however also thinking about a malware application trying to use the proxy to trigger fake DNS requests to transfer data (in a similar fashion to DNSTester). The only way to prevent this would be to block DNS access for the proxy and to have the mail server addresses added to the hosts file (thereby removing the need for the proxy to do a DNS lookup).