KIS 2009 Firewall Question

Discussion in 'other firewalls' started by Judge Dee, Feb 16, 2009.

Thread Status:
Not open for further replies.
  1. Judge Dee

    Judge Dee Guest

    I am not able to establish "interactive mode" with applications making outbound connections. I think I followed Kaspersky advice correctly.
    In the "Applications" tab of firewall settings, under "Networks", I changed all programs to "Prompt for action".
    What am I missing? I'm getting no prompts for any program.

    Thanks,
     
  2. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London

    Settings->protection "Select action automatically"...that needs to be unticked too.
     
  3. Judge Dee

    Judge Dee Guest

    Thank you, Baz kasp. That did it. :thumb:
     
  4. Zyrtec

    Zyrtec Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    534
    Location:
    USA
    Hey Baz,

    First of all, I wanted to thank you for taking time to clarify questions here at Wilders along with your duties of Moderator at Kaspersky forums.

    I do have a quick question for you. I've checked the results of the test “Firewall Challenge”, performed by Matousec. In those tests, I've noticed the Kaspersky firewall ( part of KIS 2009) doesn't pass the ECHO-test which means, it replies when you ping a computer where it's currently installed.

    Is this by default or is it a bug? I had thought that almost all sotware firewalls were supposed to hide your computer by stealth all ports and, I believe that leaving your PC open to pings from another computer is not good idea in any way.

    Could you comment about this, please?


    Best regards,


    Carlos
     
  5. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London

    Hi,

    I dont think that is a bug...this is because KIS2009 does not have a "stealth mode".... this helps reduce conflicts with a number of applications that utilise the network and does not reduce your security...if someone wants to attack your computer, they will do it regardless of whether there is a ping reply or not.

    This post gives a bit more info regarding this:

    http://forum.kaspersky.com/index.php?showtopic=67972&view=findpost&p=633287 (the whole thread is actually good reading)
     
  6. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    If I remember correctly, KISS did at one time have a "stealth mode", but that was an over-riding setting which would than cause users with such as game servers or file sharing programs problems with the unsolicited inbound connections needed/wanted, as the "Stealth mode" was not for a port by port usage but would block all ports. They appear to of now removed this feature.


    Stealth is just a "warm fuzzy feeling" a lot of users like to have (as i have put forward numerous times).
    Error messaging (which is what ICMP is about) over networks helps to prevent slowdowns and problems.
    Simply replying to a ping request does not in itself compromise security. Just a need to have a good packet filtering firewall and rules in place to prevent any possible misgivings in the OS.


    - Stem
     
Loading...
Thread Status:
Not open for further replies.