Hello,

I use Kerio Server Firewall, By defualt it drops any connection unless there is a rule specified.

I have never seen it let anything through but today when I installed spybot, I noticed it began downloading updates, and I had not even made a rule in my firewall to allow the updates program. Yet it still updates without me having to make any rule in my firewall.

Why does this happen?

Thanks.

I have also tried to manually deny Spybotsd.exe and sdupdate.exe by making a rule in my firewall, yet it still lets it check for updates, I know this because it says "Now newer updates avaliable"

The only way I am able to stop spybot from checking for updates is to make a rule that denies ANY connections, then it works, but if i make a rule and specify the spybot programs IT STILL CONNECTS.

help please.

Why would you want to block Spybot in the first place?

kidcash:

Go into Spybot > Help > About. What version of Spybot - Search & Destroy are you running?

How long after you initiate the update are you getting the "No newer updates available" message (it's "No" not "Now")?

If you are running Spybot - Search & Destroy 1.5.2.20, the update is done using SDUpdate.exe. The "No newer updates available" should appear in a second or two if you were actually contacting to the update server and there are in fact no updates to download. If it is taking about 30 seconds for the "No newer updates available" message to appear, then the attempt to update is probably timing out without connecting to the update server. Unfortunately Spybot 1.5 no longer returns Socket Error messages when you fail to connect. See:
Improve error message on update connection problems
http://forums.spybot.info/project.php?issueid=180

Thanks for the replies and spelling correction.

Well I do not want to block spybot, I am just trying to block it to test out my firewall. But I dont know where the problem lies.

The problem as I said was spybot was able to update even though I had not made a rule in the firewall to allow it to update.

I have version 1.5.2.20

When I click update, it takes about 8 seconds or so until the "No updates avaliable" message appears, so it is definitely connecting, which it shouldn't as my firewall blocks all apps unless I make a rule.

When I make a rule in my Firewall and chose the Application "SDUpdate.exe", and set it to BLOCK, it still checks for updates, Takes about 10 seconds
When I make a rule in my Firewall and chose the application "SDUpdate.exe" and set it to ALLOW, it checks for updates, Takes about 2 seconds though to say "No new updates"
When I make a rule in my firewall to block ANY APPLICATION, it gives an error when updating.

Cant edit previous post so have to double post.

Actually It always gives the "no update available" I think I have gotten it to work, but am not 100% sure, Thanks.

I think there may have been some sort of conflict with the latest version of Nod32 antivirus and my Kerio server firewall, it seemed after I uninstalled nod32 and restarted these weird things were not happening anymore.

Like I said I am not 100% sure, as the first time when there was updates available it began downloading them without a rule in place in my Firewall.