eScan Blog
eScan Website
eScan Forum
eScan Feeds From eScan Wiki
| Revision as of 04:11, 9 June 2009 WikiSysop (Talk | contribs) ← Previous diff |
Revision as of 04:24, 9 June 2009 WikiSysop (Talk | contribs) Next diff → |
||
| Line 1: | Line 1: | ||
| - | |||
| <B>Q. How does Limited Filter Mode Firewall in eScan ver.10 works?</B> | <B>Q. How does Limited Filter Mode Firewall in eScan ver.10 works?</B> | ||
| Line 12: | Line 11: | ||
| This approach has been taken, in view of the fact that most users DO NOT really know whether to click on YES or NO for a question from the firewall. And most, simply want to do away with the queries (like the UAC of Vista). | This approach has been taken, in view of the fact that most users DO NOT really know whether to click on YES or NO for a question from the firewall. And most, simply want to do away with the queries (like the UAC of Vista). | ||
| + | |||
| + | You can find the ports or the protocols that are whitelisted / blacklisted under the Expert Rule. While, you can find the Applications that are whitelisted / blcaklisted under the Application Rule. | ||
| + | |||
| + | To remove the cache, you can do the following , | ||
| + | Open the eScan protection center | ||
| + | Click on Firewall | ||
| + | Click on Settings | ||
| + | Click on "Clear Alert Cache". | ||
| + | |||
| <B>Note:-</B> Also, when you switch between the "Limited Filter" and "Interactive Mode" the alert cache is cleared automatically.</I> | <B>Note:-</B> Also, when you switch between the "Limited Filter" and "Interactive Mode" the alert cache is cleared automatically.</I> | ||
Revision as of 04:24, 9 June 2009
Q. How does Limited Filter Mode Firewall in eScan ver.10 works?
A. In the default Limited Filter mode (non-interactive mode), incoming packets from unknown sources (which had no outgoing connection in the first place), are selectively blocked (users are asked for permissions, with default action being blocked).
Also, outgoing connections, are allowed (by default) - unless the program happens to be a suspicious program, detected by the proactive scanner.
Also, any programs that connect to the Internet are MD5'ed and in the event that any changes to it's binaries are detected, a question is prompted up to the user.
However, every connection is logged within eScan databases as well.
This approach has been taken, in view of the fact that most users DO NOT really know whether to click on YES or NO for a question from the firewall. And most, simply want to do away with the queries (like the UAC of Vista).
You can find the ports or the protocols that are whitelisted / blacklisted under the Expert Rule. While, you can find the Applications that are whitelisted / blcaklisted under the Application Rule.
To remove the cache, you can do the following , Open the eScan protection center Click on Firewall Click on Settings Click on "Clear Alert Cache".
Note:- Also, when you switch between the "Limited Filter" and "Interactive Mode" the alert cache is cleared automatically.
