Blocking Not Working !

Mahdi
edited November 2013 in Firewall

Firewall Bitdefender forever disabled ! Why ?


when firewall disabled , maybe hacked !


Why can not bitdefender blocking any program in internet ?


BitDefender has said that while the firewall is enabled , and firewall is ON ! But Not work , As a result, Firewall is Turned Off [Disable]


DO NOT WORK


http://www.uploadtak.com/images/h5241_Bit.jpg


http://www.uploadtak.com/images/h5241_Bit.jpg

Comments

  • Same here. The Bitdefender Total Security 17.19.0.831 firewall is not blocking applications properly on my system. I first noticed this with Desktop Scout 5.21. Even when totally "blocked", Desktop Scout is allowed to connect. I've seen similar behavior with other "blocked" applications.


    No reply from Bitdefender? Disappointing.


    post-159226-1381618046_thumb.jpg


    post-159226-1381618054_thumb.jpg

  • Ekalb
    edited October 2013

    Hello,


    Is it the right process (dtsview) that is blocked?


    Is this not another process that connects to the Internet?

  • It's definitely dtsview.exe that is accessing the LAN even after Deny is set. I do have dtsview.exe set to be excluded from On-access and On-demand scans, but neither the interface nor the help file indicate that this also excludes it from being blocked, even if it is set to Deny.


    If I block uTorrent.exe in the same way, it doesn't make connections to other clients, but it is still able to check for updates.


    Am I just not understanding the unintuitive manner in which BD applies firewall access rules?

  • Ekalb
    edited October 2013

    Mahdi Ghasemi,


    If I try to block access to internet for Firefox, blocking is effective.


    Firefox cannot connect to the Internet.


    The firewall of Bitdefender works perfectly.


    You can try a repair of your Bitdefender.

  • If I try to block access to internet for Firefox, blocking is effective.


    Firefox can not connect to the Internet.


    The firewall of Bitdefender works perfectly.


    You can try a repair of your Bitdefender.


    So, you're saying that since it works for you, it must be perfect, regardless of what others are experiencing. So, all issues that others report are illusory if you are not also experiencing them. Is that a serious statement?


    I just did a fresh install.

  • Ekalb
    edited October 2013

    heterodox, you say that the firewall doesn't work and I say that the firewall works fine.


    Where I wrote that I denied your problem? I gave you the advice to repair Bitdefender.


    How does work the firewall after the new installation?

  • heterodox, what is your system's configuration? What OS and is it 32 or 64 bits? Thanks.

  • It's definitely dtsview.exe that is accessing the LAN even after Deny is set. I do have dtsview.exe set to be excluded from On-access and On-demand scans,


    That is because if you add a file to the excluded process list like that under antivirus it applies a blanket rule across the entire security suite excluding it from firewall rules as well.


    I have experienced this behaviour intentionally when temporarily applying a workaround for an IDS false positive on AMD catalyst service files.

  • That is because if you add a file to the excluded process list like that under antivirus it applies a blanket rule across the entire security suite excluding it from firewall rules as well.


    I have experienced this behaviour intentionally when temporarily applying a workaround for an IDS false positive on AMD catalyst service files.


    Wow, thanks for the heads up on that. Shouldn't that be included in the user manual / help files somewhere? :blink:

  • That is because if you add a file to the excluded process list like that under antivirus it applies a blanket rule across the entire security suite excluding it from firewall rules as well.


    Very interesting information, thank you.

  • antikythera
    edited October 2013

    From the manual's AVC section:


    16.6.4. Managing excluded processes


    You can configure exclusion rules for trusted applications so that Active Virus Control


    does not block them if they perform malware-like actions. Active Virus Control will


    continue to monitor excluded applications. If an excluded application is detected


    to perform suspicious activities, the event will simply be logged and reported to


    Bitdefender Cloud as detection error.


    To manage Active Virus Control process exclusions, follow these steps:


    1. Open the Bitdefender window.


    2. Click the Settings button on the upper toolbar.


    3. In the Settings Overview window, select Antivirus.


    4. In the Antivirus Settings window, select the Exclusions tab.


    5. Click the Excluded processes link. In the window that appears, you can manage


    the Active Virus Control process exclusions.


    Note


    Process exclusions also apply to the Intrusion Detection System included in the


    Bitdefender firewall.

  • From the manual's AVC section:


    Process exclusions also apply to the Intrusion Detection System included in the


    Bitdefender firewall.


    I have read that before. But the IDS is not the same thing as the firewall. I had thought that whether or not an application can connect out is a function of the firewall, not the IDS.


    In any case, the firewall interface should indicate which applications are excluded, and not mark then as denied, since the deny status is not applicable. This is a design shortcoming.

  • Firestart
    edited October 2013

    uncheck ipv6 from your internet adapter properties ..(on older pc issue) ..select ipv6 and uncheck it..see if problem is solved...

  • Hello,


    "What are Microsoft's recommendations about disabling IPv6?


    It is unfortunate that some organizations disable IPv6 on their computers running Windows 7, Windows Vista, Windows Server 2008 R2, or Windows Server 2008, where it is installed and enabled by default. Many disable IPv6-based on the assumption that they are not running any applications or services that use it. Others might disable it because of a misperception that having both IPv4 and IPv6 enabled effectively doubles their DNS and Web traffic. This is not true.


    From Microsoft's perspective, IPv6 is a mandatory part of the Windows operating system and it is enabled and included in standard Windows service and application testing during the operating system development process. Because Windows was designed specifically with IPv6 present, Microsoft does not perform any testing to determine the effects of disabling IPv6. If IPv6 is disabled on Windows 7, Windows Vista, Windows Server 2008 R2, or Windows Server 2008, or later versions, some components will not function. Moreover, applications that you might not think are using IPv6—such as Remote Assistance, HomeGroup, DirectAccess, and Windows Mail—could be.


    Therefore, Microsoft recommends that you leave IPv6 enabled, even if you do not have an IPv6-enabled network, either native or tunneled. By leaving IPv6 enabled, you do not disable IPv6-only applications and services (for example, HomeGroup in Windows 7 and DirectAccess in Windows 7 and Windows Server 2008 R2 are IPv6-only) and your hosts can take advantage of IPv6-enhanced connectivity."


    See: http://technet.microsoft.com/fr-fr/network/cc987595.aspx#

  • heterodox
    edited October 2013
    That is because if you add a file to the excluded process list like that under antivirus it applies a blanket rule across the entire security suite excluding it from firewall rules as well.


    I have experienced this behaviour intentionally when temporarily applying a workaround for an IDS false positive on AMD catalyst service files.


    It took me all this time to realize...


    I do not have dtsview.exe set under "Excluded processes". I have no excluded processes configured at all. I have the full path to dtsview.exe set under "Excluded files and folders".


    The quoted part of the manual (i.e. "Process exclusions also apply to the Intrusion Detection System included in the Bitdefender firewall.") is from the part titled "Managing excluded processes", not excluded files and folders. The part of the manual that discusses excluded files and folders says nothing about the IDS and/or firewall, only the antivirus component.


    post-159226-1381812699_thumb.jpgpost-159226-1381812575_thumb.jpg

  • ipv6 was created because they run out of ipv4 adresses.It's like on mobiles when they run out of combination they add anoher digit.But as far as I know any computer converts those ipv6 adresses into ipv4 when ipv6 is unchecked.U can disable that version of ip with no problems at all.If your internet provider does not support ipv6 your ipv6 checked is in vain.