thinking of dropping NOD32

>
>Do you see ekrn.exe in running tasks/processes? That is the proxy and if you
>are running Nod32, version 3.x then you are using the proxy.

Sir,
I went and saw that ekrn.exe is running in the tasks list.
Admittedly, I know very little about such stuff. Is running through a
proxy good or bad and what are the advantages/disadvantages of doing
so?

Thanks,
Anthony
 >> Stay informed about: thinking of dropping NOD32 

Slarty <plink.1.RoyTubb RemoveThis @spamgourmet.com> wrote in
news:pfrkziioslnp$.16e97v1sx8zkp.dlg@40tude.net:

> On Sat, 26 Jan 2008 05:34:49 -0700, Sir_George wrote:
>
>> You may use another proxy on your system, but it is independent of
>> the above and that's the setting you have selected in the "Advanced
>> Mode".
>>
>> To my knowledge, you can not run Nod32, version 3.x without their
>> proxy.
>
> I use no proxy here, and I see no evidence on my system of NOD32 using
> one.


To see evidence of it, you will need to use something like TCPView:

http://technet.microsoft.com/en-us/sysinternals/bb897437.aspx

Use it to watch the running processes that open ports on your machine. Any
time you open up ports for http, pop or smtp traffic, you will see double
connections opening up. One is from the original application (IE, OE,
Firefox, etc) using the loopback address (127.0.0.1) and the other is for
ekrn.exe with the actual local and remote IP addresses. NOD32 v3 uses
ekrn.exe as a proxy server to filter http and email traffic.

This has nothing to do with the proxy server settings that some have found
in NOD32's configuration settings. Those settings are in case your system
already uses another proxy server to access the net.

As far as my own $0.02 worth, any uproar over using this particular method
of filtering traffic over some other, is pretty pointless. Whether they use
a proxy server set up to intercept the traffic for filtering, or patch into
the traffic at a different layer/place for filtering, is inconsequential.
The only things that are important are the effectiveness of the filtering
and how small an impact there is on the rest of the system.



--
Rick Simon rsimon RemoveThis @cris.com

Include "spam(trap)key" somewhere in the
body of any email to avoid spam filters.
 >> Stay informed about: thinking of dropping NOD32 

Anthony Ferrante wrote:
>> Do you see ekrn.exe in running tasks/processes? That is the proxy
>> and if you are running Nod32, version 3.x then you are using the
>> proxy.
>
> Sir,
> I went and saw that ekrn.exe is running in the tasks list.
> Admittedly, I know very little about such stuff. Is running through a
> proxy good or bad and what are the advantages/disadvantages of doing
> so?
>
> Thanks,
> Anthony

The issue isn't so much a matter of "good or bad", but different.

The main aims are; continous, non-blocking downloads and smooth scanning of
dynamic and password protected HTTP traffic.

Many anti-virus programs now include a "proxy mail servier" which inserts
itself between your email program and mail server and pretends to be a mail
server. Instead of your mail program talking directly to the mail server, it
talks to your anti-virus program and the anti-virus program acts as a middle
man.

The most common problem is when (for whatever reason) the anti-virus proxy
server fails to respond to a request. Depending on the anti-virus program
being used, this could cause error messages such as "the server 127.0.0.1
could not be found" or "the server is not responding".

It appears that most/all anti-virus programs will be using a proxy at
sometime in the future.

For more information on Nod32's proxy server and reaction to it, see the
following;

http://www.wilderssecurity.com/showthread.php?t=192305

I am not an expert on the subject, so I am open to any corrections regarding
the above.

--
Sir_George
 >> Stay informed about: thinking of dropping NOD32 

On Sun, 27 Jan 2008 06:27:27 -0700, "Sir_George"
<Sir_George-newsgrp-cis DeleteThis @spamex.com> wrote:

>Anthony Ferrante wrote:
>>> Do you see ekrn.exe in running tasks/processes? That is the proxy
>>> and if you are running Nod32, version 3.x then you are using the
>>> proxy.
>>
>> Sir,
>> I went and saw that ekrn.exe is running in the tasks list.
>> Admittedly, I know very little about such stuff. Is running through a
>> proxy good or bad and what are the advantages/disadvantages of doing
>> so?
>>
>> Thanks,
>> Anthony
>
>The issue isn't so much a matter of "good or bad", but different.
>
>The main aims are; continous, non-blocking downloads and smooth scanning of
>dynamic and password protected HTTP traffic.
>
>Many anti-virus programs now include a "proxy mail servier" which inserts
>itself between your email program and mail server and pretends to be a mail
>server. Instead of your mail program talking directly to the mail server, it
>talks to your anti-virus program and the anti-virus program acts as a middle
>man.
>
>The most common problem is when (for whatever reason) the anti-virus proxy
>server fails to respond to a request. Depending on the anti-virus program
>being used, this could cause error messages such as "the server 127.0.0.1
>could not be found" or "the server is not responding".
>
>It appears that most/all anti-virus programs will be using a proxy at
>sometime in the future.
>
>For more information on Nod32's proxy server and reaction to it, see the
>following;
>
>http://www.wilderssecurity.com/showthread.php?t=192305
>
>I am not an expert on the subject, so I am open to any corrections regarding
>the above.

Thanks, Sir George, for the detailed explanation.

Anthony
 >> Stay informed about: thinking of dropping NOD32