First our config:
- Windows XP SP3
- KAV 6.0.3.837
- Anti-Hacker enabled
- Firewall enabled in Low Security mode, with the default rules from the Admin Console. Our local LAN subnet listed in the Zones as "Local Network".
When attached to a local network, KAV seems to allow all other hosts on that subnet access to the workstation. Now on our local LAN this isn't surprising as we've defined it in the rules, but if the workstation is moved to a different LAN, I would have expected the default "Internet" settings to take effect and for all inbound connections to be blocked.
This doesn't seem to be the case. Hosts on the same subnet still have access to the workstation, although hosts on any other downstream subnets are blocked as expected. Even if I create a zone for the given subnet and set it to Internet/Stealth mode - local access is still allowed.
Am I doing something wrong here, or is there an implicit rule to trust local subnets that I can't see?