Results 1 to 8 of 8

Thread: Is there a perfect setup for ZA Pro and Avira's Antivir?

  1. #1
    clayachin Guest

    Default Is there a perfect setup for ZA Pro and Avira's Antivir?

    I have ZA Pro and Avira's Antivir PE Premium installed. My browsers take at least 10-15 seconds to open, and I think it's Avira and ZA Pro "talking" to each other. Avira's guard is scanning the browser exe files and something must be going on between ZA Pro's exe files and Avira, too.

    For the Avira programs in the ZA privacy menu, what should the settings be for trust level, access, and server (both trusted and internet for the last two)?

    Is there any reason that ZA Pro still won't recognize Avira in the anti-virus monitoring menu?

    Finally, some recommend turning off e-mail protection because of Avira's mail guard. However, I sort of like that ZA renames many file attachments. This gives Avira the ability to scan them more thoroughly, if I choose to open the renamed attachments. How much does it slow down matters for both e-mail security programs to be operating simultaneously?

  2. #2
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Is there a perfect setup for ZA Pro and Avira's Antivir?

    Part of the slow connecting problem is the router should be set as Trusted in the Zones of the Firewall of the ZA. So should the DNS server(s).

    Try something like this:

    Make sure your DNS and DHCP server IP's are in your Firewall's Trusted zone. Finding DNS and DCHP servers, etc

    1. Go to Run and type in command and hit 'ok', and in the command then type in ipconfig /all then press the enter key. In the returned data list will be a line DNS and DHCP Servers with the IP address(s) listed out to the side. Make sure there is a space between the ipconfig and the /all, and the font is the same (no capitals).
    2. In ZA on your machine on the Firewall, open the Zones tab, click Add and then select IP Address. Make sure the Zone is set to Trusted. Add the DNS IP(s) .
    3. Click OK and Apply. Then do the same for the DHCP server.
    4. The localhost (127.0.0.1) must be listed as Trusted.
    5. The Generic Host Process (svchost.exe) as seen in the Zone Alarm's Program's list must have server rights for the Trusted Zone.
    Plus it must have both Trusted and Internet Access.

    Extra help is found at Guru Hoov site for the DNS/DHCP.

    The second point to be made is either choose the ZA Mail Safe or the AntiVir Mail Guard, but do not use both. Personally I would use the AntiVir mail checker, since it offers a lot more protection. Using both will lead to conflicts between the two applications and will cause issues.

    Back to the setting for the Avira in the ZA Program list. Use three green bars (Super) for all of the AntiVir components. The ones that the ZA asks for will need both Trusted and Internet Access. The rest will need only Trusted access. If the ZA asks for server rights , then only allow the Trusted server, since using Internet server will open ports directly to the internet. Opening ports to the internet does habve risks and it is not needed in any case.

    The ZA AntiVirus monitor is absolutely useless. It will only recognize Symantec and McAfee and one more. Just disable the AV Monitor since the Windows Security Center and the Avira will monitor the AV anyways. The AV monitor is just a sales pitch to buy the ZA AV. Disable this and save some extra CPU.

    Oldsod
    Best regards.
    oldsod

  3. #3
    clayachin Guest

    Default Re: Is there a perfect setup for ZA Pro and Avira's Antivir?

    Before I adjust anything, how will the following affect your recommendations:

    1) I've disabled my DNS service as it interferes with my large HOSTS file. However, I can see my DNS servers using the ipconfig /all command.

    2) The loopback local host address (127.0.0.1) wasn't automatically added to my zones tab and it's also not appearing in my privacy list.
    I seem to remember that my previous install of ZA had the loopback address in there. I'm not sure if it was added during the original setup, though.

  4. #4
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Is there a perfect setup for ZA Pro and Avira's Antivir?

    1) I've disabled my DNS service as it interferes with my large HOSTS file. However, I can see my DNS servers using the ipconfig /all command.

    The DNS Client Service is not related to the DNS servers. DNS Client Service when disabled will do at least two things. First it makes windows stop the caching of the dns lookups for 50 or so commonly used site names - no more caching. Second, it will stop the windows to look for a dns server on every bootup and just accept the dns servers as entered in the Network Connections Properties.

    The DNS server(s) IP seen in the ipconfig /all are the domain name servers of your provider. These are always there. They can change their own IP from time to time and this will sooner or later facilitate the need to restart the DNS Client Service for the windows to find the new IP of the DNS servers.


    I do the same also - the desktop behind a router has both the DNS Client and the DHCP Client Services disabled. But the DHCP and the DNS server IP are entered in both the software firewall and the properties of the Network Connections. But I am prepared to occasionally restart these from time to time and re-locate the changed DNS server IP. The designated DNS servers do change their IP from time to time.
    The advantage of disabling these is beneficial- it stops the svchost (generic host process) from travelling the internet, hopefully making things more secure. And it "locks" the dns/dhcp servers, in hopes that malware will not enter instead it's own rogue dns server and make the PC go to strange places.
    Another benefit- once windows stopped doing the dns lookups, it forces the supported internet applications to do their own dns lookups. That gives the extra alerts and logging in the firewall concerning the dns lookups. If a rogue application installed, it will have to first ask for the dns access and the firewall will give an initail alert, before asking for it's usual http access.

    2) The loopback local host address (127.0.0.1) wasn't automatically added to my zones tab and it's also not appearing in my privacy list.
    I seem to remember that my previous install of ZA had the loopback address in there. I'm not sure if it was added during the original setup, though.

    Occasionally the ZA will forget to include the localhost (127.0.0.1) address and it should be manually entered.

    Cheers, Oldsod
    Best regards.
    oldsod

  5. #5
    clayachin Guest

    Default Re: Is there a perfect setup for ZA Pro and Avira's Antivir?

    <blockquote><hr>Oldsod wrote:
    I do the same also - the desktop behind a router has both the DNS Client and the DHCP Client Services disabled.</blockquote>


    Do you recommend closing the DHCP client service, too?


    <blockquote><hr>Oldsod wrote:
    But the DHCP and the DNS server IP are entered in both the software firewall</blockquote>


    Where would that be in Zone Alarm?


    <blockquote><hr>Oldsod wrote:
    But I am prepared to occasionally restart these from time to time and re-locate the changed DNS server IP.</blockquote>

    When restarting, is it advisable to rename your HOSTS file beforehand? Whenever I try to boot with DNS services enabled, everything slows down.
    Should I start the DNS client after booting? Would unplugging the router for 30 seconds with the computer off serve the same purpose in refreshing the DNS server and DHCP server?

  6. #6
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Is there a perfect setup for ZA Pro and Avira's Antivir?

    "Do you recommend closing the DHCP client service, too?"

    Yes, but make sure the router is set to assign a peremanent IP to the desktop and it is locked in or is "static", as opposed to having the router assign a different to the desktop on every router stratup or desktop startup (dynamically assigned IP). This also helps the svchost to do a almost zero travelling and prevent it from going internet.

    Open the Properties of the Netwrok Connection or Local Area Connection.
    Select the Internet Protocol TCP/IP
    Select the Properties
    In the General tab, enter the assigned IP and the Gateway IP (router) and the DNS server [unchecking the Obtain an IP automatically, now helps to make it locked and stop the Windows from looking for the dhcp server on every startup],
    Select the Advanced
    In the IP Settings, enter the assigned IP and the Subnet mask 255.255.255.0 and enter the Gateway IP (router) with Automatic Metric
    In the DNS tab, enter the DNS server(s)

    OK and Apply and close the windows and reboot.

    Further advices can be seen here.

    "Where would that be in Zone Alarm?"

    In the Zones tab of the Firewall panel of the Zone Alarm


    {Make sure your DNS and DHCP server IP's are in your Firewall's Trusted zone. Finding DNS and DCHP servers, etc

    1. Go to Run and type in command and hit 'ok', and in the command then type in ipconfig /all then press the enter key. In the returned data list will be a line DNS and DHCP Servers with the IP address(s) listed out to the side. Make sure there is a space between the ipconfig and the /all, and the font is the same (no capitals).
    2. In ZA on your machine on the Firewall, open the Zones tab, click Add and then select IP Address. Make sure the Zone is set to Trusted. Add the DNS IP(s) .
    3. Click OK and Apply. Then do the same for the DHCP server.
    4. The localhost (127.0.0.1) must be listed as Trusted.
    5. The Generic Host Process (svchost.exe) as seen in the Zone Alarm's Program's list must have server rights for the Trusted Zone.
    Plus it must have both Trusted and Internet Access.

    Extra help is found at Guru Hoov site for the DNS/DHCP.}



    "When restarting, is it advisable to rename your HOSTS file beforehand? Whenever I try to boot with DNS services enabled, everything slows down.
    Should I start the DNS client after booting? Would unplugging the router for 30 seconds with the computer off serve the same purpose in refreshing the DNS server and DHCP server?"

    Yes, it better to rename the host file used for blocking and use the original host file before restarting the DNS Client Service.
    Once the DNS Client Service is restarted, it would attempt to cache the entire blocking list and it cannot do this - it is too large for it and the issues happen.
    Originally the host file was designed to be used to enter in the friendly addresses and help speed up the mostly used connections as opposed to being a method to block bad sites. This is why large host files are a problem - it was never designed to be used this way, although it is some what effective for blocking bad sites.

    Copy or rename your host file (used for blocking) and create the original host file.
    Reboot and restart both the DNS Client Service and the DHCP Client, then reboot to allow the svchost find the dns server via the dhcp server.

    In the event a mistake did happen and the dns client was enabled with a large host file, then do this:
    Open the command and type in ipconfig /flushdns and Enter. This will clean out the previous dns caching and windows should be working okay.

    Oldsod
    Best regards.
    oldsod

  7. #7
    clayachin Guest

    Default Re: Is there a perfect setup for ZA Pro and Avira's Antivir?

    Before I start applying all this, the only things I currently see in my Zones tab is the network listing with a generic router address and subnet mask, and the loopback IP address I just added. Should the DNS servers and DHCP servers been added automatically, or is it possible Zone Alarm won't see them because of the router?

  8. #8
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Is there a perfect setup for ZA Pro and Avira's Antivir?

    The router is the DHCP server. Usually the DNS server is used from the provider. i suspect this is true in your case. The DHCP services of the gateway or the router is needed for the PC to obtain the DNS server IP and contact the DNS.

    Basically just add the DNS server IP to the Zones of the Firewall fo the Zone Alarm. Some routers will act as a DNS server, but not all.

    If the ipconfig /all showed the DNS server IP as NOT being the same as the DHCP IP, then either the router cannot act as a dns server or this feature is not enabled. In which case just add the DNS Server's IP(s). This adding the DNS server to the Zones does in many ways make the domain name hosts lookups a lot smoother and help with connections.

    Always remember the PC and the router and the provider make a mini network. The PC uses this mini network to get to the internet. The router is always working independant of the PC and the PC really needs the router services to get to the DNS and the internet. And of course use the assigned IP from the router just to talk to the router.

    Oldsod
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •