What am I dion wrong?

Hello every one, and hello to the tech people.

I hope you can answer this question. I have a computer with the Avast pro edition on it (evaluation period) and it is hooked up to other computers via ICS. I am trying to get it to stop inbound viruses. I have followed the online instructions as best that I can, yet the program still allows the test files to flow through. Test files are from eicar.org. The computer has XP Pro with SP2 and all updates to this date. It has an athlon CPU 1.4 Ghz. The only programs on the computer is the OS and the Antivirus programs. So can anyone tell me where I went wrong? Or is this a simple problem and I’m just dumber than a sack of hammers? ???

Is the web shield enabled ?
What is the sensitivity setting of Standard Shield ?
Not all files are scanned on creation (download), archive files or files that aren’t an immediate threat, e.g. they aren’t executable, so zips and txt files by default wouldn’t be scanned depending on your settings.

Which eicar test file were you trying, eicar.zip, eicar.com, what ?
avast doesn’t scan https traffic, it is encrypted so it can’t so if you try any of these links it will get through.

If I understand this correctly you are running a machine with just an operating system and antivirus on it. Since you mention ICS I am guessing that machine is basically acting as your hub allowing the sharing of your Internet connection between the other systems.

While I hate to mention the sack of hammers …

Any regular antivirus program scans only the activity that originates on the machine on which it is installed. avast will only scan the browser traffic generated on that machine.

The ICS connections to the other machines are, to the very best of my knowledge, flying under the radar of any antivirus program installed on the main ICS system. So all of the other systems are operating without any antivirus protection.

You would need to install avast on each of the systems to ensure scanning of the activity on each system.

The web shield is enabled and set to to high
The standard shield is on and set to high
I downloaded it and then updated Avast on the thrird of february (This month)
As for the test file, well that would be any and\or all of them. And it stops none of them.

Well that seems a shame, since a tech up town has the exact same set up as mine and his works. but then again he is using of the shelf Norton. I was really hoping to use Avast.

I have no problem with the detection of eicar test virus and never have.

So if you click on this link, Web Shield Test - http://www.eicar.org/download/eicar.com nothing happens ?

See Images, 1) Web Shield enabled on High 2) Web Shield paused, Standard Shield on Normal.

Maybe I’m not being clear. I have no problem detecting eicar test bug on the first computer, what I need is for it to stop it from going to the next computer that does not have a A\V program. Now I know that it can be done I just do not know how to do it. :cry: I have seen it done so I know it can be done. I just need someone to explain to me how.

Thanks for any help :slight_smile:

avast pro is a standalone desktop and not a server AV solution for that you need avast 4 server something more expensive. So you either need avast on each system or the avast 4 server version.

That is not a problem, as long as it works. Is there a trial so that I can make sure before I buy? Again thanks for your time. ;D

http://www.avast.com/eng/avast_4_small_business.html or http://www.avast.com/eng/avast_4_server.html, these however mention use with a server OS.

You might want to email sales@avast.com with your requirements and they would be able to say what you would need. Sorry I can’t be more helpful, I just an avast user.

I doubt that the avast server edition will do what you want at all - so check very carefully before you make any purchase.

To do what you want is more complex than you are thinking - have you not asked the smart tech you know how it is being done? If he tells you it is just ICS and off the shelf Norton on the ICS machine then he is not nearly as smart as you think.

To do what you want to do would require that you to run the central machine as a proxy server into which all the protocol level connections from the other machines would need to run. (In fact this is just what avast does internally on a single machine - avast is the proxy for your POP/SMTP and HTTP accesses). With those protocols running through a single proxy server that is also the network gateway you can get away with running an antivirus product on just the network gateway. This would have nothing to do with using ICS.

There are products out there that would help you do this - here is a link to one:

http://www.entensys.com/products/usergate/antivirus.php

Thanks, I will have to check it out.

Oh yeah, he said that he is going to set up one the same as he has at home, at the store in 2 maybe 3 weeks and let me play around with it. Now I know that I’m as sharp as a bowling ball, but I have been working with and on networks since 95B (boy was that fun >:() and I have never seen anything like what he claims he has done, so, I should be able to see if he is full of sh*t ::slight_smile: or if he really does have some way of doing something that has not been thought of :o. If so, does anyone want me to post it somewhere here?

sure, you can add it to this thread.

Ok, I found out how he did this. If anyone is interested in finding out how it was done then let me know. :stuck_out_tongue:

It will be good, if you can, if you post here 8)