avast web scanner/ kerio pfw

Avast Free Antivirus / Premium Security
1

I have avast home edition 4.7.844 and i use kerio personal firewall. regarding avast web scanner, i authorised outgoing connections and it never asked for more (for several months since i installed it) until today when kerio warned me of an incoming request thru the internet for avast web scanner. not knowing what this was, i denied it . could anyone tell me if this was normal ? does the web scanner update thru the internet ?

2

Into the firewall settings, the following programs should be allowed to connect:

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (avast! Web Scanner) (allow server rights; access to ports 80, 443; accept connections from localhost on ports 12080)
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (avast! e-Mail Scanner Service) (allow email rights: outgoing on ports 110, 25 and 119; accept connections from localhost on ports 12110, 12025, 12119)
C:\Program Files\Alwil Software\Avast4\Setup\avast.setup (avast! Update executable)

Don’t need rights to connect:
C:\Program Files\Alwil Software\Avast4\ashServ.exe (avast! antivirus service)
C:\Program Files\Alwil Software\Avast4\ashUpdSv.exe (avast! Update Service)

Maybe you’re seeing this message for the first time because avast has updated itself, or maybe you’ve changed your network settings in Kerio…

3

thanx for the quick reply !
just one last question, the program avast.setup is authorized to connect (that means outgoing only) and it does update without asking for incoming authorization. my Web Scanner is autorized for outgoing connection too but do i need to authorize incoming requests as well ? does it really need it to update ?

4

Be used to avast forum speed 8)

Yes. avast.setup is a temporary file that avast uses to update.

Not only for update but Webshield need this to scan all HTTP traffic and protect you.
The traffic Web > Web Shield > Browser > Standard Shield of avast (saving the data to the disk).
So, WebShield is on the middle and need both kind of connections.

5

quick and clear again thank you

6

Packet filter solution in here. Ruleset works also in Kerio 4.
http://forum.avast.com/index.php?topic=22030.0

It uses special techniques to prevent loopback tunneling through avast proxy.

PS
At least with packet filter rules, avast proxies need no explicit incoming (server type) connections in rules specified.