This is not a critical or heavy-duty issue like the WebShield saga, but merely an educational one. Here it goes:
During the initial setup and first run of avast, my firewall registers ICMP traffic requests from/to avast sites. After permissions are given and advanced rules are written, no such ICMP traffic is ever noted again (respective rules set to log all such ICMP activity).
Question: Is this the way it should be? If yes, what purpose is served by the avast childhood pings?
Maybe I’m wrong but could be the detection of update servers, could be statistics, could be…
Maybe it’ll be better for me to stop guessing and wait for a real technician to make statements here
No way, our servers never ping you. But avast is pinging them periodically to find out if they are reachable, unless you specify the “My computer is permanently connected to the Internet” option in the avast settings.
This is interesting. On closer examination of the records of the last avast installation (Win98, Kerio 2.1.5 firewall) all pings (5 occurrences) were initiated from my side and were answered by the same servers avast.setup goes to for updates. Needless to say, I didn’t ellect to ping anyone. It looks as if the ping requests are part of the installation program and they are never repeated again. I confirm Vlk’s statement that I was never pinged by an avast server.
That setting disables the pinging as well. It’s possible that the recorded pings occured before you made this setting. After selecting it, the pinging stopped. Could that be the case?
Yes indeed! As soon as the installation was completed, I ran through the various settings and selected appropriate parameters. The firewall rules were set during installation for kpf and edited later while for Sygate were set later on the basis of one-time permissions and subsequent traffic log readings. In either case, by the next time avast was run the ‘I connect to the internet …’ option was already ticked. It was much later that I noticed the total absence of ICMP traffic in my logs (I block all unnecessary ICMP traffic) and started wondering why.
So the bottomline is that everything I observed is in accordance with what you mentioned. Thanks for your help.