Nod32 v3: Software firewall made useless b/c all connections are running through v3?

Discussion in 'ESET NOD32 Antivirus' started by veri, Nov 22, 2007.

Thread Status:
Not open for further replies.
  1. share98

    share98 Registered Member

    Joined:
    Dec 5, 2004
    Posts:
    31
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    Well I for one am lost on how to configure NOD32 v3 and Comodo v3 so they work together and provide the maximum security. I just laid out $80+ for a two year subscription and I am not very pleased by the ambiguity in how to set this up.

    I've got security and D+ policies and then I have the HTTP / pop3 settings in NOD32.

    I am not sure what to set as checked, unchecked or crossed.

    What a mess.

    I just want to use the computer to access the 'net and write some email. I don't play online games or anything fancy.

    I think these vendors are outsmarting themselves.

    Are the Apple machines this complicated to use all the time?

    Sorry - I'm just a little weary from trying to figure out two programs that worked together well yesterday and don't seem to cooperate today.
     
  2. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,988
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    Is the $80+ for two years/two pc's anti virus or two years Smart Security? If you purchased S S then you apparently have a firewall that will work with the ekrn.exe proxy tunnel and you don't need any other firewall. If not, you are indeed in the same boat as the rest of us that are on here complaining.
     
  3. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    490
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    Who knows? Which Firewall. Each one may do this differently. Now that ESET has created a nice tunnel through my Zone Alarm Pro I suspect if I want adequate security I will have to revert back to 2.7. If I want the newest firewall then I will have to either use ESS or another AV or an integrated Suite. I am not going to try to configure Version 3 Antivirus with all these esoteric settings are they kidding who wants to do all these adjustments just to be able to use this product.
     
  4. nonmirecordo

    nonmirecordo Registered Member

    Joined:
    Jul 19, 2004
    Posts:
    145
    Location:
    Cambridgeshire, UK
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    The main criticism of NOD (pre-v.3) by the magazine reviewers has been its complexity for the average user.

    The critics will have a field day when they get round to v.3! That is, those that properly understand how it works and not just look at the gui.

    The cynical amongst them might even suggest that it was a deliberate ploy to persuade users to buy ESS.
     
  5. SteveBlanchard

    SteveBlanchard Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    312
    Location:
    ENGLAND
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    Could be right. But then the firewall isn';t good enough is it?
     
  6. Vicky1

    Vicky1 Registered Member

    Joined:
    Nov 27, 2007
    Posts:
    33
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    I second that :thumb:
     
  7. SteveBlanchard

    SteveBlanchard Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    312
    Location:
    ENGLAND
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    Let me understand this correctly.

    Nod 3 is connecting itself to the web via a tunnel through the installed firewall?

    In which case why does Comodo tell me I am installing a new application? Surely that means the Firewall IS doing its job? and then if that application has a virus in it (god forbid) then NOD will shut the application down. Sounds like what I would expect it to do.

    Or is this, one of these oddities that affects certain users....

    I am also puzzled to why a popular UK forum has had no mention of this or any other problems that have been raised since 5 November.
     
  8. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,713
    Location:
    George, S.Africa
    A quick read through of this topic has given me impetus to soon wipe
    my Windows XP and retain my Ubuntu Linux on the dual-boot set-up
    I currently have. However, in the meantime I will probably renew my
    NOD32 licence and stick to v.2.7 with which I was very pleased.
    With v.3 and Comodo v.3 and Proxomitron I would expect time
    consuming fiddling ( read keeping me from my work and impacting
    my earnings potential due to missed opportunities while fiddling
    for hours on end).
    As I am not running a server none of these problems experienced here
    affect me (with Ubuntu) - although I have a simple firewall frontend plus an AV justin.
    Seems like the way to go to save time and money. :)
     
  9. SteveBlanchard

    SteveBlanchard Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    312
    Location:
    ENGLAND
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    It is clear this issue does not effect everyone - even the suggestion to alter the rules in the firewall didn't work for me. I tried a simple test and knocked Firefox off the firewall rules- so following the arguement that NODv3 punches a hole throught the firewall should mean that Firefox connects - Firefox is blocked. Which is what is meant to happen.

    And now from what Ocky has said, this problem only affects users who run a server?!?! Which explains why I and many others have had no issue.:D
     
  10. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,713
    Location:
    George, S.Africa
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    No,no I was referring to Ubuntu ... :D
     
  11. ASpace

    ASpace Guest

    Re: Nod32 v3: Software firewall made useless b/c all connections are running through


    Wow ! You want just to write email but you got one of the most complicated firewalls in the world . COMODO is excellent product but with so many stuff (including the Defense+) and it is definitely for really advanced users , not for just email writers . Sorry , I don't want to hurt you but you can't complain , in my opinion .

    The solution was already explained , you disable/stop protocol filtering , your COMODO will then act differently , another solution is to get ESS ... what's the big matter o_O
     
  12. SteveBlanchard

    SteveBlanchard Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    312
    Location:
    ENGLAND
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    Never mind - i am not having any problems!!!:D
     
  13. SteveBlanchard

    SteveBlanchard Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    312
    Location:
    ENGLAND
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    For the record ekrn.exe is already set up like this, I just needed to increase the settings to high.
     
  14. jon123

    jon123 Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    76
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    Goodness, just scanned through the last page here and am shaking my head again.

    Well, not encouraging, am I to scratch another AV from my list of possibles?

    I suppose with a little :rolleyes: research and diligence I can learn and configure this new version, but sure as hell if it turns out that these upgrades end up causing more problems, not just fixing existing ones, it's off to the trash heap for this one too.

    How long before there is a mad rush to remotely served software like that which Google is offering up? No more personal computer, no more privacy and independent networks.... Invest in Google!

    And I'm not referring to the windows world alone either, some of Linux community are falling into the same trap, releasing updates in a "timely manner" no matter if they are ready or not.

    Maybe there should be a poll:

    Who here is sick to death of so called upgrades and timely f*****up_dates?

    (I'm supposed to be using my software, not upgrading and fixing it all the time)


    FWIW, I do prefer "specialist standalone and independent programs for different functions like for example anti-virus, firewall, antispware, etc. instead of a 'Do-it-all' Jack".
    Infinately preferable to the bells and whistles approach of the "Jack-of-all-trades expert at none" buy this years version marketing strategy.

    -end of rant-
     
  15. alf535

    alf535 Registered Member

    Joined:
    Nov 29, 2007
    Posts:
    6
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    The subject is problem. The technology is use in NOD v3 for perlustration HTTP traffic (and which was named best by ESET and Microsoft) make big hole in security. Because NOD is use self proxy process (ekrn.exe).

    of course whole traffic pass through firewall, but... it's impossible to identified owner (source) for traffic passed through NOD after that. And any firewall (not only Comodo) don't know who send information and can't block or use other rule (for exapmle by application) for this traffic if NOD is added to trust zone. CPF don't show and i don't know genuine applications that send this traffic. always for CPF and for me it will be the ''ekrn.exe'.

    and no methods for solve this now.
     
  16. SoCalReviews

    SoCalReviews Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    282
    Location:
    Los Angeles, CA
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    Many of us have chosen particular software FWs because of their particular features and our long time familiarity with them. We all know that the entire industry is moving towards security suites as Windows Vista becomes adopted by more users on new Windows based PCs. NOD32 satisfied an exclusive market of users who required a light, effective and highly compatible AV program. When I switched away from my previous AV solution and went with NOD32 compatibility with my other security software was one of the major deciding factors for using NOD32. NOD AV v3 seems to have moved away from the concept of alternative FW compatibility with this ekrn.exe proxy issue. The simple design of v3 may attract new users but this issue could alienate long time pre v3 NOD users who require alternative FW compatibility.

    If I was running Vista only then I wouldn't be as concerned with this issue and maybe using ESS would be a solution I would consider. However I plan on using XP SP2 with another advanced FW for many more years into the future. I certainly hope that v2.7 is supported for at least two more years (hopefully more than three years) or I will be forced to look for alternative AV solutions for my XP SP2 machines.
     
    Last edited: Dec 3, 2007
  17. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,098
    Location:
    USA
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    I'm still perplexed that someone from Eset doesn't get more directly involved in this discussion. o_O IMO, this subject is no where near cleared up.

    I guess if you run no software firewall (maybe only run a NAT router), or only use the inbound filtering (only) Windows Firewall, then you have no issues. But if you use a software firewall with outbound filtering, you may have an issue and never know it. Or if you have a known issue, have no sure way to solve the problem.

    I know some have been working on this and may indeed have some (perhaps all) of the answers we need (and thanks to all who have been doing this!) But it would help put me more at ease if we had some guidance from Eset directly...
     
  18. Nodrog

    Nodrog Registered Member

    Joined:
    Nov 10, 2007
    Posts:
    56
    Location:
    UK
    Good grief!!

    To AV web browsing on whatever browser (svchost, ie, opera, ff, itunes, etc etc) all have to go through the ONE scanning pipe, the ekrn proxy.

    Any other firewall that can not hook into that proxy (ie ESS) can only define one rule for ekrn...


    ... EQUALS no granularity on rule set for multiple browser apps.

    To allow https on svchost for updates to run means you have to allow https for all the others cos they ALL go through the one pipe and outbound firewall rule (comodo or outpost or zonealarm).

    So to cut a very long story very short, if you want to AV on browsing with this pup; while it might not actually be a tunnel, it is certainly a single rule set, with no option for any kind of granularity... other than to go through it or not. o_O

    best of luck.
     
  19. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,988
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    Conspicuous by their absence!
     
  20. share98

    share98 Registered Member

    Joined:
    Dec 5, 2004
    Posts:
    31
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    Actually I am a rather sophisticated user. I just happen to want to use this machine (and my Dad's since I bought the two pack of NOD) without any problem. You know -- sometimes you just want to drive a car someplace and not be a gear head every time you go somewhere (I also have a very hot Mustang but I drive my wife's car every so often). I like Comodo and really don't have a major issue understanding it. It's NOD v3 that's confusing me - especially how it interacts with Comodo.

    I missed how you stop/disable protocol filtering?
    Would you post me to the post?
    Thanks.



     
  21. Joliet Jake

    Joliet Jake Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    911
    Location:
    Scotland
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through


    Not sure I'm understanding you. Do you mean if I start something on my PC that wants to connect to the internet, Comodo V3 won't recognise it and will automatically allow it because of NOD V3?

    Thanks.
     
  22. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    490
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    Yes you are correct. As far as I can tell you could indeed accomplish the same fuctionality with a NAT router & V3. No real need for a firewall since the proxy negates the firewalls outbound filtering. V3 finishes off most of your firewalls filtering. I suppose you can remove HTTPS scanning with the proper adjustment & then your firewall will once again function as a firewall. So what you would have left in the way of protection would be on access protection . Since my ISP uses encrypted Email connections I find that NOD32 hasen't scanned any of my Email for who knows how long. Who knows how to set that up with any version? The result is we have the functionality of an AntiVirus product 4 years ago. Do you think Eset was thinking that people would disable the HTTPS scanning when they designed this beast. I don't think so. Probably it would be good for this new improved security system to include a HIPs product , ES Secure , SSM or some other one.
     
  23. mickhardy

    mickhardy Registered Member

    Joined:
    May 16, 2005
    Posts:
    140
    Location:
    Australia
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    https://www.wilderssecurity.com/showpost.php?p=1124960&postcount=17

    Change this default setting to applications instead of ports and applications and your software firewall will behave as expected.
     

    Attached Files:

  24. SteveBlanchard

    SteveBlanchard Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    312
    Location:
    ENGLAND
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    Do you still need to adjust the firewall rules as per much earlier on in this epic post?
     
  25. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,988
    Re: Nod32 v3: Software firewall made useless b/c all connections are running through

    lol!!! Good One!!!
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.