eScan Blog
eScan Website
eScan Forum
eScan Feeds From eScan Wiki
Q. How does Limited Filter Mode Firewall in eScan ver.10 works?
A. In the default Limited Filter mode (non-interactive mode), incoming packets from unknown sources (which had no outgoing connection in the first place), are selectively blocked (users are asked for permissions, with default action being blocked).
Also, outgoing connections, are allowed (by default) - unless the program happens to be a suspicious program, detected by the proactive scanner.
Also, any programs that connect to the Internet are MD5'ed and in the event that any changes to it's binaries are detected, a question is prompted up to the user.
However, every connection is logged within eScan databases as well.
This approach has been taken, in view of the fact that most users DO NOT really know whether to click on YES or NO for a question from the firewall. And most, simply want to do away with the queries (like the UAC of Vista).
You can find the ports or the protocols that are whitelisted / blacklisted under the Expert Rule. While, you can find the Applications that are whitelisted / blcaklisted under the Application Rule.
To remove the cache, you can do the following , Open the eScan protection center Click on Firewall Click on Settings Click on "Clear Alert Cache".
Note:- Also, when you switch between the "Limited Filter" and "Interactive Mode" the alert cache is cleared automatically.
Email us your feedback to solutions@mwti.net
