Web Shield is an on-access scanning provider which is able to monitor and filter all HTTP traffic coming from websites on the Internet. It’s implemented as a HTTP proxy running on your PC. Connections from your Web browser are redirected to the Web Shield module. Web Shield in turn connects to the requested web server and while downloading the content it scans it for viruses and Trojans. Only the clean data is delivered to the browser, every malware is stopped before it gets saved on your PC.
I always thought that viruses and other malaware can infect your computer ONLY when you are downloading software from the Internet.
Does this mean that my computer can become infected with malaware EVEN IF I am not downloading software ?
So since nothing is ever perfect, can you tell in your estimate how effective Web Shield and Standard Shield are effective at stopping malaware from infecting my computer ?
Does downloading mean that you are exposed to much more dangerous malaware or is this irrelevant ?
Thank you.
Thank you very much indeed for bringing this to my attention, freewheelinFrank.
In your blog, I read that a web site can be compromised (hacked) or contain compromised third-party content (typically ads from hacked ad servers).
I have a tripod website which I have worked hard at creating.
What will it mean exactly if my website gets hacked ?
Does it mean that I will not be able to access it anymore in order to alter the information that is on my own website ???
Suppose Web Shield tells me that it is hacked.
What can Web Shield do about it ?
How can I destroy the malaware on my website ?
Will my web hosting service be able to do something about it ?
I urge everyone out there to give me as much input about this as they can for this is a very alarming state of affairs.
I certainly would not want visitors to my website to get infected as a result of visiting my website.
The security of your web site is down to Tripod, there is little you can personally do to avoid it getting hacked. The hackers are hacking the hosting software and commonly inserting iframe tags into all pages on the Hosted tripod user pages.
The web shield can only alert you to the fact that something isn’t right (infected alerts) and block the download to your HDD.
David wrote:
" The web shield can only alert you to the fact that something isn’t right (infected alerts) and block the download to your HDD. "
By infected alerts, does this mean that if I visit an infected website, Web shield can alert me WITHOUT ME downloading it in any way into my hard drive such as I assume by saving it as a bookmark or a html document in my hard drive.
I have never seen an alert. What is it exactly ? With all these malaware infested websites, I think I ought to be on the lookout…LOL
The page contains an innocent character string that AV’s will detect as if it were a virus.
WebShield blocks the malicious content detected on a web page before it arrives on the hard disk. Unaffected parts of the web site will still be downloaded, and be stored in the broswer cache/history etc.
The web shield uses a localhost proxy to pre-scan the http port 80 traffic that would be downloaded to your browser cache. If something is infected the alert is raised and the only option given is to abort the connection, stopping it being downloaded into your browser cache, etc.
I followed the link to the Avast tutorial on how to install proxy setting in Firefox if you have Wndows 98.
I succeeded but the instructions need to be altered as follows :
In Firefox 2.0.0.14 click Tools > Options
There is no tab that is called General as the tutorial is showing. Instead you click Advanced > Network > Settings
And there you see the Manual proxy configuration radio button and you carry on as the tutorial shows you.
Now my question is:
Just beneath the HTTP proxy there is an option box which asks you whether you want to use the HTTP proxy server for all protocols ? What should I do ?
What proxy settings should I have for SSL proxy , FTP proxy etc.as listed in the wndow ? Should I leave these blank ?
Since security is the subject of this thread, under the Encryption tab, it asks when a website requres a certificate do I click the option of the compuer selecting one automatically or for it to ask me each time ?
Thank you very much indeed. Security is very important given the information that has been made known on this thread !!
Leave them blank as the web shield doesn’t monitor those ports only the HTTP port 80 traffic is monitored.
Encryption effectively screws the web shield as it can’t monitor encrypted traffic (that is the whole purpose of encryption, to keep prying eyes out). So leave that alone also, the only requirement to get the web shield scanning your HTTP traffic is already covered by what is in the tutorial.
Thank you David.
You write that Web Shield only monitors the HTTP port 80 traffic.
But the avast tutorial told me to specify Port 12080 and not 80.
Can you clarify this detail for me please ?
I followed the link to the Avast tutorial on how to install proxy setting in Firefox for those having Wndows 98. I installed those settings. So now Web shield should be able to monitor web pages that I open in Firefox on my Windows 98 system.
I have tabs in FF all displaying different web pages and one of them is the Eicar test page:
For the past hour or more, I have had the Web Shield Window telling me what it is doing because I have ticked the box in its settings for it to do so. It has scanned hundreds of web pages and none have been infected.
So far for some weird reason Web Shield has not scanned the eicar web page !!
Other than shutting down all the tabs, is there another way that I can tell Web Shield to specifically scan the eicar test page ?
That is the proxy port that the web shield uses (in the web shield settings), it redirects port 80 traffic to port localhost 12080 (for those OSes that support the transparent proxy function).
That is why you are having to set manually set your browser to use the proxy as your OS doesn’t support the transparent proxy function, you have to tell the browser what to use.
trigan had the links earlier in the thread but was pointing out that the avast tutorial is now out of date for Firefox and has not kept up to date with the layout of Firefox 2 (soon to be Firefox 3).
@trigan,
the pages are scanned by avast as they are opened. If you had the eicar tab open before you set up the proxy then it will not be scanned again until you re-open the eicar page.
Alan,
I read your above post and so I shut down the tab of the Eicar text file page. I made sure that the proxy settings were still directed to port 12080 in FF options and that Web Shield was up and running and scanning.
I then clicked on History > Show in Sidebar and clicked on the Eicar text file web page to re-open it. It opened up in a new tab.
AND STILL NO MESSAGE CAME UP as it usually does when I open a new web page in a tab or refresh a web page that is already open in a tab in Firefox.
But this time, I happened to notice that WebShield was scanning the following web page which I did not have in FF as a tab which I thought suspicious.
I could not see the end of it.
What is going on ?
Something tells me that I have to change something in Options or the Customize tab in Web Shield but what ?