KIS 2009 Firewall Question

Discussion in 'other firewalls' started by Judge Dee, Feb 16, 2009.

Thread Status:
Not open for further replies.
  1. Judge Dee

    Judge Dee Guest

    I am not able to establish "interactive mode" with applications making outbound connections. I think I followed Kaspersky advice correctly.
    In the "Applications" tab of firewall settings, under "Networks", I changed all programs to "Prompt for action".
    What am I missing? I'm getting no prompts for any program.

    Thanks,
     
  2. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London

    Settings->protection "Select action automatically"...that needs to be unticked too.
     
  3. Judge Dee

    Judge Dee Guest

    Thank you, Baz kasp. That did it. :thumb:
     
  4. Zyrtec

    Zyrtec Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    534
    Location:
    USA
    Hey Baz,

    First of all, I wanted to thank you for taking time to clarify questions here at Wilders along with your duties of Moderator at Kaspersky forums.

    I do have a quick question for you. I've checked the results of the test “Firewall Challenge”, performed by Matousec. In those tests, I've noticed the Kaspersky firewall ( part of KIS 2009) doesn't pass the ECHO-test which means, it replies when you ping a computer where it's currently installed.

    Is this by default or is it a bug? I had thought that almost all sotware firewalls were supposed to hide your computer by stealth all ports and, I believe that leaving your PC open to pings from another computer is not good idea in any way.

    Could you comment about this, please?


    Best regards,


    Carlos
     
  5. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London

    Hi,

    I dont think that is a bug...this is because KIS2009 does not have a "stealth mode".... this helps reduce conflicts with a number of applications that utilise the network and does not reduce your security...if someone wants to attack your computer, they will do it regardless of whether there is a ping reply or not.

    This post gives a bit more info regarding this:

    http://forum.kaspersky.com/index.php?showtopic=67972&view=findpost&p=633287 (the whole thread is actually good reading)
     
  6. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    If I remember correctly, KISS did at one time have a "stealth mode", but that was an over-riding setting which would than cause users with such as game servers or file sharing programs problems with the unsolicited inbound connections needed/wanted, as the "Stealth mode" was not for a port by port usage but would block all ports. They appear to of now removed this feature.


    Stealth is just a "warm fuzzy feeling" a lot of users like to have (as i have put forward numerous times).
    Error messaging (which is what ICMP is about) over networks helps to prevent slowdowns and problems.
    Simply replying to a ping request does not in itself compromise security. Just a need to have a good packet filtering firewall and rules in place to prevent any possible misgivings in the OS.


    - Stem
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.