Jump to content

Recommended Posts

I installed ESS 8 the other day and left all the settings at the defaults. Things seem to be working fine regarding the firewall (all of my LAN functions were carrying on without interruption), but today I tried to play a LAN multiplayer game of Age of Mythology (ancient, but still good fun). Apparently a rule wasn't automatically created because the hosted game did not show up on the client computer. After manually creating a rule for the .exe of the game, it works fine ... what triggers the Automatic mode to create an allow rule for a game?

Just want to figure out why this didn't work ... Thanks

Link to comment
Share on other sites

You can learn more about firewall modes here: hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3190

So if you want the firewall to learn rules automaticaly, set it to Learning mode. To get popups about new connections so you can choose to allow or deny the communication (permanently or temporary), set it to Interactive mode.

*cheers* :)

Edited by LaiLai
Link to comment
Share on other sites

I have understood it so that the computer with ESS was hosting the game. Therefor a rule allowing incomming connection needed to be created so that the client could connect to the hosted game.

It would be an interesting information to know if automatic mode allows incomming connections when some application just listens on some port.

Link to comment
Share on other sites

I have understood it so that the computer with ESS was hosting the game. Therefor a rule allowing incomming connection needed to be created so that the client could connect to the hosted game.

It would be an interesting information to know if automatic mode allows incomming connections when some application just listens on some port.

The automatic mode should block every incoming connection unless it is allowed under pre-defined rules by default. However, I have no idea with the outbound connection when the firewall is set to Auto mode. Is the firewall going to allow every outbound connection regardless what application is attempting to connect to the Internet? Does the firewall block any outbound connection in case it is a suspicious or malicious one?

Link to comment
Share on other sites

Yes of course if the computer is hosting a game and needs a incoming connection then some firewall rules may be have to created. If the game uses only outbound connection (so it uses a server) then this is of course not the case.

So with the learning mode you could solve the problem. But of course you also have to configure your router (if you have one) to allow this communication too.

Link to comment
Share on other sites

@rugk: If the client is outside LAN then router should be configured too, but that is not the case here :) (it is still a good info for others)

@yongsua: I can only guess here. Outbound connection is allowed for every application. Malicious or suspicious files should be catched by realtime protection and other mechanics before they even get the chance to communicate outside. Botnet traffic should be blocked by Botnet protection and malformed packets or other corrupted traffic should be filtered by IDS no matter the direction. Do you have anything specific in mind?

Edited by LaiLai
Link to comment
Share on other sites

@LaiLai

Okay, LAN party. I understand. :D

(Ahh... I just read the first post of the TS again. Yeah he mentioned there that it was a LAN game, so sorry, I didn't read the post before it again...)

 

About your guess I would think you're quite correct. But of course I don't know it for sure.

Link to comment
Share on other sites

@rugk: It would be awesome when someone from ESET could clarify/explain this in more detail. I'm very interested in this topic and the information could be valuable for others too (at least I think so) :)

Edited by LaiLai
Link to comment
Share on other sites

The part that confuses me is that in a LAN that has been configured as Home/Work (in other words trusted), incoming connection attempts from other devices in the LAN should already be set up to allow. This is referring to the computer hosting, but in the same line of thought with a system hosting the game on a LAN that host should be broadcasting the available game ... so the outbound connection should actually be what the client systems see.

Just seems bizarre that I needed to add the game's .EXE file to a new firewall rule in a trusted LAN environment.

Keep the ideas coming, and anyone from ESET available to shed light?

Link to comment
Share on other sites

AFAIK in a home/work network ESS allows incoming connections (from the trusted zone alias all local IPs). But this is only done for some known system services (like RDP and so on), because only for these are pre-defined rules created. (You can also find these rules in the rules and zones editor)

Some of these can also be configured in the IDS settings. (like this e.g.)

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...