leaky web shield?

Avast Free Antivirus / Premium Security
1

I might be a little parinoid, but this may be a security issue.

I just installed sygate 5.6 and it passed the tests at shields up.

It would seem that the web shield proxy is being used by a couple of applications.

I have IE set to “ask” in sygate. The only time it asks is when the box in windows Internet Options\Connections\Settings\use proxy is unchecked. With the proxy enable, I can surf all over without a single request.

The same applies to ashserv.exe. The updates come through just fine, even with the file set to ask. The only time ashserv asked was when I was testing IE with the web shield proxy unchecked.

I read a few old post(about a year old), that where sort of related to this. But seeing as they where not the exact same thing, I thought they might just confuse the issue.

Now, is this a simple matter of creating rules within sygate so these two applictions don’t use the proxy? Or is it something that I have to live with if I want to use web shield and sygate?

I realize that some will say this is a sygate problem, but it would appear that the webshild proxy is the culprit here.

I know that there are lots of knowledgable people here who have either encountered this or have a solution.

Thanks

2

Sygate Firewall is outdated and not under developement anymore (bought by Symantec). So yeah it’s Sygate fault.

3

This is a fault of Sygate not Web Shield.

Sygate has a known issue (years old) in that it can’t identify traffic using a localhost loopback (proxy). It can only see the web shield proxy and because that has permission anything that uses the proxy slips under Sygate’s radar, a Sygate issue.

  • Web Shield - Disable Transparent Proxy - for Sygate
    How to disable transparent web shield proxy and allow only those browsers you want use it:
    In avast! go to Web Shield provider, Customize…, Basic tab, blank the redirected HTTP port field (remove the 80). Now no browser can use webshield unless you manually configure it to use Web Shield. See avast help file Resident Protection, Web Shield Provider Settings.

Example for IE - dialup users - Tutorial - Web Shield Proxy Set-up for IE (Dial-up)
For IE - broadband users: - Tutorial - Web Shield Proxy Set-up for IE

However as RejZoR said sygate is no longer being developed so it would be worth planning your next option.

4

The problem with Sygate is that it doesn’t block programs from connecting using a transparent local proxy. ZoneAlarm, by example, asks if the browser can connect to the “trusted zone”. So it’s Sygate’s fault. A way to solve this is to take out every port from webshield’s transparent proxy and then configure every browser you want to use to connect using localhost:12080. That’s the way I fixed the problem when i used Sygate, but I’m not using it anymore.

5

Thanks for the replies. I agree, (even last night, just didn’t know how to word it) that the “leak” is in sygate.

DavidR…that option is not availible with win 98se. As for the configuation in the IE options, I had it on the connections/setting/use proxy instead of the advanced tab. Web shield still worked from there. I have it right now. Thanks for the tutorial. Either way IE still used the proxy, as did avast updates.

Sygate is gone now and ZA free installed. It seems to be doing what I want it to do.

In another post, Spiritsong posted a link which lead to link to a great tutorial on configuring ZA. Thanks!