Hello,

Agnitum have released Outpost Pro 4.0.971.7030 (584). Details available at the Agnitum Website (http://www.agnitum.com/products/outpost/index.php).

Richie

Cool, hopefully they have ironed out a few of the bugs that annoy me.

Memory 19,948

This version looks like a keeper. The previous one had some annoying quirks. I'm using with latest beta (595) of System Safety Monitor, with Outpost's Component Control level set to low, excluding SysSafe.exe and Nod32 processes from Anti-Leak Control and there are no compatibility issues to note. As for memory use, who cares? Stability is far more important than that.

-{ Quote: "As for memory use, who cares?" }-

Does that mean it requires more compared to previous versions?

Havent tried outpost since 3.0.

-{ Quote: "Does that mean it requires more compared to previous versions?

Havent tried outpost since 3.0." }-

It has varied from ~3100kB to ~18000kB. If you open/close the interface from the Task bar, memory will be released. Too much emphasis is placed on memory use. Let's say you are running 512,000 kB memory (probably low by today's standards) and an application is using 30,000 kB. That's not even 6% of the total physical memory. Yet people will point out that firewall X uses only 10,000kB memory as compared to 20,000 kB memory for firewall Y. So what? Stability of the application is far more important than how much memory it uses, especially if mem use is around 20,000 to 30,000 kB typically.

I agree stability of the application is far more important, but to some people it is very important. That is why I posted my memory reading for outpost.exe .

-{ Quote: "I agree stability of the application is far more important, but to some people it is very important. That is why I posted my memory reading for outpost.exe ." }-

Nothing wrong with that. It is just perplexing to sometimes see references made to memory use of an app as if it is the ultimate parameter by which to rate how good it is.

Yeah outpost 4 memory usage varies quite a lot i have found. If i turn off a few features it can drop as low as 3-6mb's. Normally tho i find it anywhere from around 15-30mb's.

-{ Quote: "Yeah outpost 4 memory usage varies quite a lot i have found. If i turn off a few features it can drop as low as 3-6mb's. Normally tho i find it anywhere from around 15-30mb's." }-


I tried Outpost 4 last week. Liked it very much, but it has serious issues with Spy Sweeper. System froze up several times, got a few BSODs, ugh. Had to go (since I just bought NOD32 and re-upped my SpySw deal for two more years for the price of one).

Now I'm back to Sunbelt Kerio 4.3, which is stable as a rock, but if you want to talk about memory usage... !! The three processes running Kerio are currently eating up -- are you sitting down?? -- 31, 32, and 49 megs of RAM !!

When the system first starts up, they run about 2, 3, and 8. But when I open my Thunderbird and Firefox browsers (FF currently has 19 tabs open) the Kerio modules go through the roof.

Am I reading this right, or is there something else going on here?

Sam


//

-{ Quote: "Now I'm back to Sunbelt Kerio 4.3, which is stable as a rock, but if you want to talk about memory usage... !! The three processes running Kerio are currently eating up -- are you sitting down?? -- 31, 32, and 49 megs of RAM !!

//" }-

Well, that is alot! In cases like this where a program is using way more than typical (15-35 MB) then I agree it is cause for concern. You may want to try this latest 4.0 release of Outpost. I find it a huge improvement over the first 4.0 release.

-{ Quote: "Well, that is alot! In cases like this where a program is using way more than typical (15-35 MB) then I agree it is cause for concern. You may want to try this latest 4.0 release of Outpost. I find it a huge improvement over the first 4.0 release." }-


I tried the version that was available ~30 days ago. Unless they have made a significant change in its compatibility with Spy Sweeper, it will not work on my machine -- at least not without freezing on a regular basis and invoking the BSOD.

Do you know if the latest Outpost has ironed out those incompats??

SS


//

-{ Quote: "Do you know if the latest Outpost has ironed out those incompats??

SS


//" }-

According to this http://www.agnitum.com/products/outpost/history.php they have ironed out the Spysweeper issues. However, there really is no way of knowing for sure unless you try it. In the Agnitum forum someone complained that the McAfee issue has not been resolved, even though Agnitum claims it to be. It kind of looks like a crap shoot, unfortunately.

-{ Quote: "According to this http://www.agnitum.com/products/outpost/history.php they have ironed out the Spysweeper issues. However, there really is no way of knowing for sure unless you try it. In the Agnitum forum someone complained that the McAfee issue has not been resolved, even though Agnitum claims it to be. It kind of looks like a crap shoot, unfortunately." }-


Well, that sounds good!! I really liked Outpost but when the freezes started, and then the BSODs... I became impatient.

Another resolution may be in shutting down one or more of SpySwpr's shields; I've read somewhere that someone tried that with success.

SS


//

i dont get the fact that on the US agnitum site they have the 4.0 version but the UK site still has the 3.5 version?
lodore

-{ Quote: "I tried Outpost 4 last week. Liked it very much, but it has serious issues with Spy Sweeper. System froze up several times, got a few BSODs, ugh. Had to go (since I just bought NOD32 and re-upped my SpySw deal for two more years for the price of one).

Now I'm back to Sunbelt Kerio 4.3, which is stable as a rock, but if you want to talk about memory usage... !! The three processes running Kerio are currently eating up -- are you sitting down?? -- 31, 32, and 49 megs of RAM !!

When the system first starts up, they run about 2, 3, and 8. But when I open my Thunderbird and Firefox browsers (FF currently has 19 tabs open) the Kerio modules go through the roof.

Am I reading this right, or is there something else going on here?

Sam


//" }-
Yeah i found that outpost 4 combined with spysweeper did cause a few problems for me as well. I removed spysweeper and now use CA antispyware 9 alongside nod32 and outpost 4 with no problems.

I guess with 19 tabs open alongside everything else you are gonna have to expect that kind of resource usage. If you have plenty of ram i wouldn't worry about it however if not then i suggest you do not have so many tabs open at any one time.

Well i'm very pleases with this latest release from agnitum. They seem to have fixed a few of the problems so i'm actually able to use it again. I haven't tried this latest version alongside spysweeper yet to see if some of the issues have been resolved. But so far this does look like a keeper.

-{ Quote: "... they have ironed out the Spysweeper issues. However, there really is no way of knowing for sure unless you try it. In the Agnitum forum someone complained " }-

Is their forum up and running ? I get an error when trying to access outpostfirewall.com

-{ Quote: "Is their forum up and running ? I get an error when trying to access outpostfirewall.com" }-

The site's been down since a few hours ago. Something's afoot :-\

This new version still reports on first installation, that Webroot Spy Sweeper installed on my machine could cause stabilty issues if not added to Outpost Special Exceptions rules, It says on the website that they have fixed this up! Then why does it still report this on first installation????

-{ Quote: "This new version still reports on first installation, that Webroot Spy Sweeper installed on my machine could cause stabilty issues if not added to Outpost Special Exceptions rules, It says on the website that they have fixed this up! Then why does it still report this on first installation????" }-

That is just to allow Spysweeper to "modify" system memory. The stability issues with the previous OP release were caused, I believe, by other factors.

-{ Quote: "This new version still reports on first installation, that Webroot Spy Sweeper installed on my machine could cause stabilty issues if not added to Outpost Special Exceptions rules, It says on the website that they have fixed this up! Then why does it still report this on first installation????" }-

Outpost tries to fix the stability issue with Spy Sweeper by adding Spy Sweeper to the Outpost exclusion list. This is one of the steps to fix the issue.

Try is the word! I spoke with Outpost Live Chat Technical Help,and a Person called Angelina, said THe problem had been fixed, but adding programs to Outpost Exclusions List is nessecery due to the Outpost Architecture. Wouldnt you think though, If it had really been fixed, it would no longer be required to add programs to the exclusions list? Makes more sense than saying its because of the architechture of Outpost :-\

-{ Quote: "Try is the word! I spoke with Outpost Live Chat Technical Help,and a Person called Angelina, said THe problem had been fixed, but adding programs to Outpost Exclusions List is nessecery due to the Outpost Architecture. Wouldnt you think though, If it had really been fixed, it would no longer be required to add programs to the exclusions list? Makes more sense than saying its because of the architechture of Outpost :-\" }-



Yes, indeed, one would think if a product advertises a "fix" it would, in fact, fix something!! :-)

That rant aside, at least the new Outpost gives you a work-around.

"Baby Steps" -- a la, "What About Bob" -- Bill Murray.



//

Before I go back to give the new 4.0.971.7030 (584) a spin, I'm now putting Jetico 1.0.61 through its paces.

So far, so good. It had pretty much the best results at leak test site: (http://www.firewallleaktester.com/tests.php)

seems there is no fix for that Vulnerability/Bug published by Matousec in this version ... :(

-{ Quote: "
So far, so good. It had pretty much the best results at leak test site: (http://www.firewallleaktester.com/tests.php)" }-

Outpost 4.0 will beat jetico in leak tests.

As for the Spysweeper issue, I don't know if it has been resolved, but it is Outpost's security architecture Anti-Leak that prevents malicious activity by suspicious applications. It is simply doing its job. When a known safe application requires certain system privileges guarded by Outpost's Anti-Leak option, you just have to exclude the application from those areas. An example screenshot is provided showing SysSafe.exe (System Safety Monitor) allowed DNS API requets and Process memory injection. So whatever it is that Spysweeper needs exclusion from, it is simply necessary to choose "Allow" for those parameters. If there are still stability issues between Spysweeper and Outpost after all necessary exclusions are made, then something has to be fixed in either Outpost or Spysweeper, or possibly both. BTW, for "Use Global" I have "Prompt" for everything.

-{ Quote: "Outpost 4.0 will beat jetico in leak tests" }-The firewalker tests put Jetico right up there, evening besting Outpost 4 in many or most tests. KIS was a bit stronger in some instances. But overall it looks like Jetico was best.

I would *expect* Outpost to do better than these tests indicate, so maybe it's a case of which settings these apps were running. Without knowing this, such tests are almost meaningless.

-{ Quote: "

As for the Spysweeper issue, I don't know if it has been resolved, but it is Outpost's security architecture Anti-Leak that prevents malicious activity by suspicious applications. It is simply doing its job. When a known safe application requires certain system privileges guarded by Outpost's Anti-Leak option, you just have to exclude the application from those areas. An example screenshot is provided showing SysSafe.exe (System Safety Monitor) allowed DNS API requets and Process memory injection. So whatever it is that Spysweeper needs exclusion from, it is simply necessary to choose "Allow" for those parameters. If there are still stability issues between Spysweeper and Outpost after all necessary exclusions are made, then something has to be fixed in either Outpost or Spysweeper, or possibly both. BTW, for "Use Global" I have "Prompt" for everything." }-


If these adjustments within Outpost will effectively avoid any conflicts with Spy Sweeper, then it is a powerful argument to give Outpost another look. I liked it a lot when I used it last month, but one BSOD is too much for me -- I'm not as young as I used to be!! :)

I may have to re-evaluate the value of Spy Sweeper, now that I've gone to NOD32 as my av and since I've recently learned more about security layering. Problem is I just re-upped on my SpySweeper for two years (at 30 bucks), so I'm not excited about ditching it.

Outpost ver 3.5 was tested at that time. The latest ver 4.0 passes all the leaktests. It was also Jetico ver 1.0 tested. I'm not sure how much better, if at all, the latest beta 2.0 is.

The first ver of Outpost 4.0 was pretty unstable, Iwill admit. I didn't like it even though it ran okay for me, but it did exhibit some minor nuisances, especially the missing taskbar icon and some general lagging issues. I tried Comodo, liked it alot, tried Kerio 2.1.5, liked it alot, then tried the latest Outpost 4.0 release and found it to be excellent. Since I have a license, I went with it and so far very pleased with it.

Whether or not it will work for you can only be determined by trying it. Hopefully it will work for you if you do decide to give it another whirl. It is a very powerful security app and quite user-friendly if you set it up accordingly.

-{ Quote: "Outpost ver 3.5 was tested at that time. The latest ver 4.0 passes all the leaktests. It was also Jetico ver 1.0 tested. I'm not sure how much better, if at all, the latest beta 2.0 is.

The first ver of Outpost 4.0 was pretty unstable, Iwill admit. I didn't like it even though it ran okay for me, but it did exhibit some minor nuisances, especially the missing taskbar icon and some general lagging issues. I tried Comodo, liked it alot, tried Kerio 2.1.5, liked it alot, then tried the latest Outpost 4.0 release and found it to be excellent. Since I have a license, I went with it and so far very pleased with it.

Whether or not it will work for you can only be determined by trying it. Hopefully it will work for you if you do decide to give it another whirl. It is a very powerful security app and quite user-friendly if you set it up accordingly." }-


Yeah, I'd like to see some tests with up-to-date versions of Outpost and Jetico. I'm running Jetico 1.0, to get an idea of how to use a heavy rules-based fire wall (I'm a newbie at it); before I jump into the beta 2.0.

Do such up to-date-tests exist?

-{ Quote: "
Do such up to-date-tests exist?" }-

AFAIK, not yet, but some, myself included, have run the available leaktets on Outpost 4.0 and it did pass them all.

-{ Quote: "AFAIK, not yet, but some, myself included, have run the available leaktets on Outpost 4.0 and it did pass them all." }-

CPR, I know this is a bit OT, but you mentioned you tried (and liked) Kerio 2.1.5. Have you also tried Jetico? If so, how do they compare??

I know they are both more simplified, "light", rules-based firewall apps -- as compared with today's more bloated and multi-faceted "firewall suites". As far as being able to set up strict rules that don't require a PhD in programming to write, do either of these qualify, in your opinion??

-{ Quote: "Outpost ver 3.5 was tested at that time. The latest ver 4.0 passes all the leaktests. It was also Jetico ver 1.0 tested. I'm not sure how much better, if at all, the latest beta 2.0 is.

Good questions. I wonder if there are any later tests that would show the improvements, if any :), that Outpost has made.

I'm running Jetico 1.0, so any news on the 2.0 would be of interest as well.


The first ver of Outpost 4.0 was pretty unstable, Iwill admit. I didn't like it even though it ran okay for me, but it did exhibit some minor nuisances, especially the missing taskbar icon and some general lagging issues. I tried Comodo, liked it alot, tried Kerio 2.1.5, liked it alot, then tried the latest Outpost 4.0 release and found it to be excellent. Since I have a license, I went with it and so far very pleased with it.

Have you also used Jetico? I'd be interested to hear how Kerio 2.1.5 compares with Jetico 1.0. I've used Kerio 4.3 and like its interface and features but it seems to be a little weak in terms of leaktesting and also security -- can be disabled.

Whether or not it will work for you can only be determined by trying it. Hopefully it will work for you if you do decide to give it another whirl. It is a very powerful security app and quite user-friendly if you set it up accordingly." }-


You're right -- the proof is in the pudding! Guess I'll have to saddle up the new version of Outpost to see if they've cleared up the conflicts with Spy Sweeper. But first I want to have a longer look at this Jetico 1.0 I just installed last night. It derseves more than one day at the beach.

-{ Quote: "CPR, I know this is a bit OT, but you mentioned you tried (and liked) Kerio 2.1.5. Have you also tried Jetico? If so, how do they compare??

I know they are both more simplified, "light", rules-based firewall apps -- as compared with today's more bloated and multi-faceted "firewall suites". As far as being able to set up strict rules that don't require a PhD in programming to write, do either of these qualify, in your opinion??" }-

Kerio 2.1.5 is an excellent little rules based firewall. Very light, very configurable for controlling application traffic and not too difficult to use. If you are comfortable using/learning a HIPS, I would recommend partnering one with Kerio to bolster defenses. With those two and a good antivirus app, you will have a very powerful security setup, provided you configure everything properly.

I briefly tried only Jetico 1.0. Similar to Kerio but it offers better overall security, lots of pop-ups and a little more difficult to figure out. I don't reemember too much else about it because I didn't keep it very long. As much as I like pop-ups, even Jetico's were a little overbearing for my liking. Still, you might want to try it out and post questions in this forum if you have any. There are a couple members, at least, who are highly skilled at configuring Jetico and would likely help you out.

-{ Quote: "Kerio 2.1.5 is an excellent little rules based firewall. Very light, very configurable for controlling application traffic and not too difficult to use. If you are comfortable using/learning a HIPS, I would recommend partnering one with Kerio to bolster defenses. With those two and a good antivirus app, you will have a very powerful security setup, provided you configure everything properly.

I briefly tried only Jetico 1.0. Similar to Kerio but it offers better overall security, lots of pop-ups and a little more difficult to figure out. I don't reemember too much else about it because I didn't keep it very long. As much as I like pop-ups, even Jetico's were a little overbearing for my liking. Still, you might want to try it out and post questions in this forum if you have any. There are a couple members, at least, who are highly skilled at configuring Jetico and would likely help you out." }-

So you think Jetico offers better security than Kerio 2.1.5? After what you said above about Kerio, that would make Jetico that much better!

Btw, as I've been using Jetico this past 24 hours, indeed there pop-ups -- but I see them as a normal part of the learning curve. Even Zone Alarm puts you through that. KIS, too. Most firewalls, as far as I know have a learning curve.

What I've noticed on Jetico is that when it gives me a pop-up there is often a choice to put the program/app in question into the "trusted" zone. Aftter doing that, the pop-ups diminish substantially. Do you think it's wise to put an app, like NOD32 for example, into the trusted zone?? I can't think of any reason why not. If one knows the app and what the pop-up is asking, then I see no reason why trusted apps cannot go into the trusted zone. Am I missing something??

-{ Quote: "
What I've noticed on Jetico is that when it gives me a pop-up there is often a choice to put the program/app in question into the "trusted" zone. Aftter doing that, the pop-ups diminish substantially. Do you think it's wise to put an app, like NOD32 for example, into the trusted zone?? I can't think of any reason why not. If one knows the app and what the pop-up is asking, then I see no reason why trusted apps cannot go into the trusted zone. Am I missing something??" }-

It's not something I would do, but it depends on how securely you want to control your applications. I don't know what Jetico's trusted zone entails, but it likely means any local ports and any remote ports and hosts.

In my case I have nod32krn.exe allowed to connect out to port 80, TCP, local port range 1024-5000, and also out to port 53, UDP, remote ip my router's lan ip (for dns querries), local port range 1024-5000. I could have made it more restrictive than that even, tying it down to my local NIC's ip and also restricting the http connection to Eset's update server ip's, but I just didn't bother.

For Ad Muncher alone I have 12 different rules for it, so I'm probably in the fairly paranoid group when it comes to configuring firewall rules.

Again, I really can't help you with Jetico configurations because of my lack of knowledge and experience with it.

-{ Quote: "It's not something I would do, but it depends on how securely you want to control your applications. I don't know what Jetico's trusted zone entails, but it likely means any local ports and any remote ports and hosts.

In my case I have nod32krn.exe allowed to connect out to port 80, TCP, local port range 1024-5000, and also out to port 53, UDP, remote ip my router's lan ip (for dns querries), local port range 1024-5000. I could have made it more restrictive than that even, tying it down to my local NIC's ip and also restricting the http connection to Eset's update server ip's, but I just didn't bother.

For Ad Muncher alone I have 12 different rules for it, so I'm probably in the fairly paranoid group when it comes to configuring firewall rules.

Again, I really can't help you with Jetico configurations because of my lack of knowledge and experience with it." }-

The above rules you have made are for Outpost 4? Yes, I would say your restrictions on NOD are tight! What are your reasons for that? Afraid of imposters calling themselves "NOD32" getting installed and calling out??

-{ Quote: "The above rules you have made are for Outpost 4? Yes, I would say your restrictions on NOD are tight! What are your reasons for that? Afraid of imposters calling themselves "NOD32" getting installed and calling out??" }-

Yes, for Outpost 4. To answer your second question, I guess hanging out in these security forums has made me increasingly paranoid :) Well, that's part of the reason. Several security experts in these forums recommend these types of retrictions, even on well known apps, so that is part of the reason for my rules, and also it is simply a nice way to learn about networking.

I suppose there could be malware created that disquises itself as NOD32, if it hasn't already been done. It is quite common, I understand, for malware to disquise itselt as svchost.exe, a common Windows process that manages services, usually as a group. That is why it is especially important to apply tight network restrictions on it.

-{ Quote: "I agree stability of the application is far more important, but to some people it is very important. That is why I posted my memory reading for outpost.exe ." }-Yes, and thank you some of us have older systems and it is an issue. ;)

-{ Quote: "
The first ver of Outpost 4.0 was pretty unstable, Iwill admit. I didn't like it even though it ran okay for me, but it did exhibit some minor nuisances, especially the missing taskbar icon and some general lagging issues." }-

Hello cprtech,

Yes I agree with you. The newest version of Outpost 4.0 is a MASSIVE IMPROVEMENT over the first final release. Agnitum have fixed a number of issues in this particular version, in my case the situation with Avast's Standard Shield module, and they have fixed some other problems too. Reading the Outpost Forums there are now more users happy with it than previously. There are still a few things to be ironed out, but Agnitum seem to be getting it sorted, slowly but surely. RESULT!!!! 8)

Richie

-{ Quote: "Hello cprtech,

Yes I agree with you. The newest version of Outpost 4.0 is a MASSIVE IMPROVEMENT over the first final release. Agnitum have fixed a number of issues in this particular version, in my case the situation with Avast's Standard Shield module, and they have fixed some other problems too. Reading the Outpost Forums there are now more users happy with it than previously. There are still a few things to be ironed out, but Agnitum seem to be getting it sorted, slowly but surely. RESULT!!!! 8)

Richie" }-

Yes, and a big RESULT that is! :)

The problem I find with Outpost Pro 4, is no matter what rules there are for Windows Live Mesenger, is that it absolutely refuses to let it auto sign in during Windows startup or rebooting the computer, the initial installation allowed it to sign in,but after that, it requires a manual sign-in. I've missed countless messages due to this cause I keep forgetting to sign it in, as all the other firewalls I used allowed it. I had an online chat with some technical help person at Agnitum,but they said to allow port 1900 UDP Outbound, the automatic created rules in Outpost block this port, wtf is going on?. I noticed Outpost has set my LAN too 10.0.0.1 but on one occasion it was set at 10.0.0.2 and that allowed WLM to auto sign in, how do I get it back to 10.0.0.2, or in short, "How the hell can I get Windows Live Messenger to Auto-Sign In" ???

Yeah i have noticed that as well, i use messenger 7.5 and it doesn't seem to want to auto sign in, and it also seems to always take two attempts to sign in before it actually does it.

I dont know If I'm onto something here,but I tried this and it worked for me :

I came across this site by accident www.agnitum.co.uk and I chose to download Outpost 4,and discovered it was only a 12.6MB download English/Deutch languages I think, dont quote me on it as I'm not sure, anyway I dont think it has ALL Languages in the install. It installed but it was the previous version still, not the update that was released Nov 7. I chose to reboot later instead of after installation, and changed the policy to accept most, from the default installation of rules wizard, and chose predifined rules,and not automatically create rules. I checked the rules settings in msnmsgr.exe and found some rules that I did not on previous installs see, except for Block 1900 port. I clicked modify rules from block to allow, and renamed it Allow 1900 port. From then on I tried 5 reboots,and each single time MSN MEssenger has auto signed in. Lastly I went to www.agnitum.com and downloaded the Deutch/English version 12.6MB this site has the most recent version, and I chose to keep my settings and they were configured into the new version. MSN Messenger is still signing In. Like I said it worked for me, and it might work for you too. :thumb: