Destarah, posted March 22, 2015:
I installed ESS 8 the other day and left all the settings at the defaults. Things seem to be working fine regarding the firewall (all of my LAN functions were carrying on without interruption), but today I tried to play a LAN multiplayer game of Age of Mythology (ancient, but still good fun). Apparently a rule wasn't automatically created because the hosted game did not show up on the client computer. After manually creating a rule for the .exe of the game, it works fine ... What triggers the Automatic mode to create an allow rule for a game? Just want to figure out why this didn't work ... Thanks

LaiLai, posted March 24, 2015 (edited March 24, 2015):
You can learn more about firewall modes here: hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3190
So if you want the firewall to learn rules automatically, set it to Learning mode. To get popups about new connections so you can choose to allow or deny the communication (permanently or temporarily), set it to Interactive mode. *cheers*

rugk, posted March 25, 2015:
In automatic mode this communication should always work.

LaiLai, posted March 25, 2015:
I have understood it so that the computer with ESS was hosting the game. Therefore a rule allowing incoming connections needed to be created so that the client could connect to the hosted game. It would be interesting information to know if automatic mode allows incoming connections when some application just listens on some port.

yongsua, posted March 26, 2015:
> I have understood it so that the computer with ESS was hosting the game. Therefore a rule allowing incoming connections needed to be created so that the client could connect to the hosted game. It would be interesting information to know if automatic mode allows incoming connections when some application just listens on some port.

The automatic mode should block every incoming connection unless it is allowed under pre-defined rules by default. However, I have no idea about the outbound connections when the firewall is set to Auto mode. Is the firewall going to allow every outbound connection regardless of what application is attempting to connect to the Internet? Does the firewall block any outbound connection in case it is a suspicious or malicious one?

rugk, posted March 26, 2015:
Yes, of course, if the computer is hosting a game and needs an incoming connection then some firewall rules may have to be created. If the game uses only outbound connections (so it uses a server) then this is of course not the case. So with the learning mode you could solve the problem. But of course you also have to configure your router (if you have one) to allow this communication too.

LaiLai, posted March 26, 2015 (edited March 26, 2015):
@rugk: If the client is outside the LAN then the router should be configured too, but that is not the case here (it is still good info for others).
@yongsua: I can only guess here. Outbound connection is allowed for every application. Malicious or suspicious files should be caught by realtime protection and other mechanics before they even get the chance to communicate outside. Botnet traffic should be blocked by Botnet protection and malformed packets or other corrupted traffic should be filtered by IDS no matter the direction. Do you have anything specific in mind?

rugk, posted March 28, 2015:
@LaiLai Okay, LAN party. I understand. (Ahh... I just read the first post of the TS again. Yeah he mentioned there that it was a LAN game, so sorry, I didn't read the post before it again...) About your guess I would think you're quite correct. But of course I don't know it for sure.

LaiLai, posted March 28, 2015 (edited March 28, 2015):
@rugk: It would be awesome if someone from ESET could clarify/explain this in more detail. I'm very interested in this topic and the information could be valuable for others too (at least I think so).

Destarah (topic author), posted March 29, 2015:
The part that confuses me is that in a LAN that has been configured as Home/Work (in other words trusted), incoming connection attempts from other devices in the LAN should already be set up to allow. This is referring to the computer hosting, but in the same line of thought with a system hosting the game on a LAN that host should be broadcasting the available game ... so the outbound connection should actually be what the client systems see. Just seems bizarre that I needed to add the game's .EXE file to a new firewall rule in a trusted LAN environment. Keep the ideas coming, and anyone from ESET available to shed light?

rugk, posted March 29, 2015:
AFAIK in a home/work network ESS allows incoming connections (from the trusted zone alias all local IPs). But this is only done for some known system services (like RDP and so on), because only for these are pre-defined rules created. (You can also find these rules in the rules and zones editor.) Some of these can also be configured in the IDS settings. (like this e.g.)