The Web Hikers guide to
Outpost Firewall

Antiviral

There are preset rules for the following antivirus programs:

KAV Updater
McAfee Update
NOD32 AntiVirus Control Centre
NOD32 AntiVirus Email Scanner
Symantec LiveUpdate

Symantec LiveUpdate HTTP
KAV Updater HTTP connection
McAfee Update
Update NOD32 engine and virus definitions

Protocol: TCP
Direction: Outbound
Remote Port(s): HTTP (80), 81-83, HTTPS (443), SOCKS (1080), 3128, 8080, 8088, 11523
Action: Allow It

What it's for

This rule is used by your antivirus program for updating its engine and downloading new virus definitions. HTTP (Hyper Text Transfer Protocol) is the only port you really need for browsing the Internet; ports 81, 82 and 83 are auxiliary web browsing ports and are rarely used. HTTPS (Hyper Text Transfer Protocol over Secure Socket Layer (SSL)) is used when connecting to secure sites. 3128, 8080 and 8088 are common ports that proxy servers use. If your e-mail client needs to use a proxy server for HTTP connections then it will probably be on one of these ports. 11523 is used by AOL's browser.

To optimize

Remove the remote ports 81, 82 and 83 unless you know that you need them. If you don't use a SOCKS proxy server, remove SOCKS. If you don't use a remote or local proxy, remove 3128, 8080 and 8088. Add an Event for 'Remote Host' and specify the 'Remote Host' as the server your antivirus program connects to for updates. If you don't use AOL's browser, remove 11523.

Symantec LiveUpdate FTP
KAV Updater FTP connection

Protocol: TCP
Direction: Outbound
Remote Port(s): FTP (21)
Action: Allow It

What it's for

This rule is used for establishing FTP (File Transfer Protocol) connections to FTP servers to download a file (although file transfer can be done over HTTP using the browser's HTTP rule).

FTP uses two channels to achieve the transfer: the control connection (this rule), which is used to send the commands needed for the transfer, and a data channel (see FTP DATA), which is used to actually send the files. The control connection is established from the client (which would be you) when the client logs into an FTP server, whereas the data channel is usually established by the server to the client after the client connects to the server.

To optimize

Add an Event for 'Remote Host' and specify the 'Remote Host' as the server your antivirus program connects to for updates.

Symantec LiveUpdate FTP DATA
KAV Updater FTP DATA connection

Protocol: TCP
Direction: Inbound
Remote Port(s): FTP DATA (20)
Action: Allow It

What it's for

This rule is used for the actual transfer of files from an FTP (File Transfer Protocol) server (although file transfer can be done over HTTP using the browser's HTTP rule).

FTP uses two channels to achieve the transfer: the control connection (see FTP), which is used to send the commands needed for the transfer, and a data channel (this rule), which is used to actually send the files. The control connection is established from the client (which would be you) when the client logs into an FTP server, whereas the data channel is usually established by the server to the client after the client connects to the server.

To optimize

Add an Event for 'Remote Host' and specify the 'Remote Host' as the server your antivirus program connects to for updates.
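
Added example, not part of the original guide or of Outpost: a Python model of the active-mode FTP exchange described above, showing the PORT command sent on the control connection, the inbound data connection from port 20 that follows, and how the 'Remote Host' condition narrows the FTP DATA rule. The addresses are constructed documentation-range values and the function names are hypothetical.

```python
import ipaddress
import re

# Active-mode FTP: "PORT h1,h2,h3,h4,p1,p2" tells the server which client
# address and port to open the data channel to (port = p1*256 + p2).
PORT_RE = re.compile(r"^PORT ((?:\d{1,3},){5}\d{1,3})\s*$")

def parse_port_command(line):
    """Return (client_ip, client_port) announced on the control connection."""
    m = PORT_RE.match(line)
    if not m:
        raise ValueError("not a PORT command: %r" % line)
    nums = [int(n) for n in m.group(1).split(",")]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range: %r" % line)
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return str(ip), nums[4] * 256 + nums[5]

def expected_data_connection(server_ip, port_line):
    """The inbound connection the server opens after a PORT command."""
    _, local_port = parse_port_command(port_line)
    return {"proto": "TCP", "direction": "in", "remote_host": server_ip,
            "remote_port": 20, "local_port": local_port}

def ftp_data_rule_allows(conn, remote_host=None):
    """Model of the FTP DATA rule: TCP, inbound, remote port 20.
    remote_host is the optional 'Remote Host' event from 'To optimize'."""
    if (conn["proto"], conn["direction"], conn["remote_port"]) != ("TCP", "in", 20):
        return False
    return remote_host is None or conn["remote_host"] == remote_host

# Constructed sample data (documentation address ranges, not real servers).
UPDATE_SERVER = "198.51.100.5"
PORT_LINE = "PORT 192,0,2,10,195,80\r\n"
LEGIT = expected_data_connection(UPDATE_SERVER, PORT_LINE)
OTHER = dict(LEGIT, remote_host="203.0.113.77")  # unrelated host, source port 20

if __name__ == "__main__":
    print("announced:", parse_port_command(PORT_LINE))
    for name, conn in (("update server", LEGIT), ("other host", OTHER)):
        print(name, "preset:", ftp_data_rule_allows(conn),
              "optimized:", ftp_data_rule_allows(conn, UPDATE_SERVER))
```

The preset rule matches on remote port 20 alone, so it accepts both sample connections; with the 'Remote Host' condition set, only the one from the update server still matches.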

Scan incoming mail for viruses

Protocol: TCP
Direction: Outbound
Remote Port(s): POP3 (110)
Action: Allow It

What it's for

This is used by NOD32's Email Scanner when it checks incoming mail for viruses.

To optimize

Add an Event for 'Remote Host' and specify the 'Remote Host' as your e-mail provider's POP server. This is usually pop or pop3.your_provider.com so, for example, if NTLWorld is your e-mail provider you would use pop.ntlworld.com. You can either e-mail your provider for their POP server details or collect an e-mail and check either your Allowed log or the DNS Cache log, both of which should give you the IP number or host name of your provider's POP server.

Outpost and the Outpost logo are ©Agnitum Software

This is an unofficial guide; the information expressed here may differ from Agnitum's. There is a support forum (no longer run by Agnitum, but by users); if you need more help, this is a good place to start. Where information here conflicts with what Agnitum have told you, always go with the information given to you by Agnitum.

Guide/site and images ©Stephen Cox