|
|
#1
November 4th, 2007, 07:32 AM
|
||||
|
||||
Intraetians and the Satellitians
Note from LowWaterMark:
These posts were split off from the thread titled "Hints on using Online Armor FW-a Learning Thread 4" as they were not directly related to "learning about how to use Online Armor". This first post appears in both threads. The technical questions and issues with how to use OA should be posted in the other thread. This one is more about the philosophy and approach taken by Tall Emu and how they have structured and targeted Online Armor in the industry. ____________________ FWIW: In my list of allowed countries I 1st blocked countries Local Host and the Intraetians. Now I left the Satellitians blocked and they have yet to complain. When those 2 where blocked, (as they were not NATO members  ) , my Windows XP sp2 would boot up a little differently.It would boot never quite finish and log off and was in an up off loop. Don't try this at home, it is bad enough that I suffer first. IMHO this "glitch" was avoidable. It seems that OA missed this during testing this version. Mike, can we have your fix status on this? Wait for V3 or will U issue a fix in OA 2?
__________________
Escalader i7 8 GB RAM Notebook, 1TB External Drive Sandboxie, Nod32, OP FW Pro, KeyScrambler, MVPS HOSTS File IE 9 Hardened Active X,SmartScreen,Tracking Protection Paragon Backup and Imaging Last edited by LowWaterMark : November 6th, 2007 at 11:25 AM. Reason: added comment explaining about the split of the topic |
|
#2
November 4th, 2007, 09:23 AM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Escalader this, as you know, was mentioned to Mike on the 29th October, and he said it will be fixed. You know this because you joined in a thread after the original poster RabbitFighter, who found this 'problem'
Give Mike a break, he is working hard to try and get things A1 |
|
#3
November 4th, 2007, 10:49 AM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Hi stapp: 1) This is a learning thread aimed at Wilder's learners. Not everyone here reads the OA Forum 2) No one cares who reported anything 1st. 3) Asking Mike a question about his intent to fix in OA 2 or V 3 is a simple question to answer. Let's all wait for Mike's reply, he is working hard as we all are.TY.
__________________
Escalader i7 8 GB RAM Notebook, 1TB External Drive Sandboxie, Nod32, OP FW Pro, KeyScrambler, MVPS HOSTS File IE 9 Hardened Active X,SmartScreen,Tracking Protection Paragon Backup and Imaging Last edited by Escalader : November 4th, 2007 at 12:23 PM. |
|
#4
November 4th, 2007, 01:45 PM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Quote:
Escalader I think your response to Stapp was a bit harsh. First, yes this is a learning thread, but it isn't a support thread. If someone is having an issue with Online Armor, they would be well advised to be checking in at the OA forums. Secondly, I think that what Stapp was politely trying to say is you were grandstanding. You weren't the first to experience the "issue", and it was reported where it was appropriate, and since you knew it was reported, and Mike responded there really was now reason to make a big deal here. Thirdly, on a list of priorities, it has to be a very low one. Certainly any one should realize they aren't countries, and if you don't know what Intranet, and localhost are, you should be using OA out of the box. At least certainly not blocking them. That's almost like taking the list of services, and going thru each one, and flipping a coin, and based on the flip turning the service off. |
|
#5
November 5th, 2007, 04:47 AM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
What Escalader is communicating here, maybe unwillingly, is that there could be some usability issues here. Personally, I love this type of information rather than the usual "everything is under control here". I'm looking for a good reason to install and test OA and I haven't found it yet. Considering the posts on the OA forum, I expect that he will sail into a storm when he "learns" the advanced FW configuration. Can't wait to see it!  Don't do it without a help file! 
__________________
"O, there has been much throwing about of brains." -- Guildenstern{alt. Gyldenstern[alt. Gyldenstjerne(anc. Gyllenstierna{knight of Lundholm})], knight of Hamlet}. |
|
#6
November 5th, 2007, 07:59 AM
|
|||||
|
|||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Quote:
Quote:
Quote:
What attracted me to OnlineArmor was Mike's way of handling questions here and at his own forum. A sort of "no question to dumb" approach. Even a "feature request" section that gets considerations. What makes me participate in the OnlineArmor threads here and seldom at the OA-forum, is the fact that end-users are afraid of "change" in OA. Escalader started a learning-thread so he could learn, but instead of helpful insight from anyone but Mike, he gets chastised by, dare I say, FANBOYS! I wish I could give more imput to this thread, but like Escalader, I'm just learning. Quote:
__________________
If I've offended you, I'm sorry. If I haven't, I'll get around to it. WSF 101 |
|
#7
November 5th, 2007, 08:20 AM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Hi Monty, I'm not quite sure I agree with that assessment.. there's a core group of OA users that have banded together to keep me in line. You see, what we're trying to deliver is a product that can be used by the average guy in the street. The audience here at Wilders (Escalader included) is a bit more technically aware than that - and so there is a constant "battle" between adding features/power, and ease of use. Any extra firepower that we put into OA needs to be done in such a way that it won't compromise these goals. So, I would say that the fans (supporters, whichever you prefer) of Online Armor's mission are worried in case it goes off track. So am I. I like cool features better than anyone - but I have to try and keep it easy to use. Therefore, I'd have to say - afraid of it turning into another Tiny (perhaps the most horrific product I ever played with) - certainly. Afraid of change - I hope not  we have pretty healthy feature request forum (we already added a few since the release of OA Free, including block all traffic and nuking the activation).... By all means, everyone is welcome at our forums to participate, get and receive help. Probably, the many threads over there will benefit the help file.. after all, I know how to use it - and writing help that anticipates questions is fairly hard... And I also know that people will receive a warm and friendly welcome there... after all,many of them are also members here at Wilders and "know" each other already! Quote:
Maybe it's just the format of the thread that does it? I must admit, when I first saw the threads it looked like Escalader was trying to teach others how to use the firewall , rather than learn how to use it himself... perhaps that's where others have gotten confused too. In any case: anyone is welcome to ask questions at our forums, and they will recieve help in a friendly way if they need it.... but not right now from me: I need to sleep 
__________________
Mike Nash Tall Emu Pty Ltd Mike's Blog |
|
#8
November 5th, 2007, 08:41 AM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Hi Lundholm Nothing wrong with reporting usablilty issues. But what was "reported" here under the "I was the first, I don't want it to happen" to others, in fact as Stapp pointed out, had already been reported on the OA forum, and addressed by Mike. It was unnecessary in a "Learning" thread. To All If you don't fully understand firewalls, like I don't, then use OA in the standard mode, it works fine that way. But if you want to explore use your head. If you don't understand what say local host is, for gosh sakes don't just block it. Google it, and learn first. Common sense. Pete |
|
#9
November 5th, 2007, 02:39 PM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Thanks for your support Monty. I can certainly use that. Speaking only for myself (no one else can or should), I can always use help. Even a question is help since it gives posters a chance to research an issue/function. I understand that OA is open to ideas but at the moment is focusing on the standard out of the box settings for what some call Mom's and Aunties. This IMHO make perfect sense, since they represent a huge % no doubt of the OA business. Ideas are offered and placed in a list so they won't get lost. I have faith. I have high hopes for V 3 when it comes. But I'm happy enough to plod forward trying out OA 2 advanced features, asking my usual questions and trying solutions as they are offered and then trying again. Reports will be posted. Nobody is forced to read them. If posters don't care for the FW for whatever reason they have the option to uninstall it and replace it with another. My hint on that is back up your OA settings first. That way you won't burn the bridge back. See you.
__________________
Escalader i7 8 GB RAM Notebook, 1TB External Drive Sandboxie, Nod32, OP FW Pro, KeyScrambler, MVPS HOSTS File IE 9 Hardened Active X,SmartScreen,Tracking Protection Paragon Backup and Imaging |
|
#10
November 5th, 2007, 03:14 PM
|
|||
|
|||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Personal comment of a product you obviously could not understand. I have used Tiny and found this to give excellent protection. Should we compare OA to Tiny? or should such a comment as "perhaps the most horrific product I ever played with" be retracted? replaced with "You simply could not understand"? |
|
#11
November 5th, 2007, 03:37 PM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Stem I think your are nitpicking on terms. Using the firewall as the product, clearly if it didn't do it's just, I would call it horrific. But if was the best firewall on the market it and the only way I could get it to work, was create a rule for every port for every app for example, I would still label it horrifc, not cause it doesn't work, but because it was beyond difficult to use. I've looked at several "excellent" firewalls and would label them the same way strictly because of useablity. Sure it's my lack of understanding, but if I need a phd to understand, then I would call it horrific. Pete |
|
#12
November 5th, 2007, 04:04 PM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Quote:
Quote:
Quote:
This, I thought, was a forum to learn,.. maybe it should be a forum to tell others what to use? Dont think so, not for me. |
|
#13
November 5th, 2007, 04:49 PM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Think about my target market, Stem. I am trying to go for easy to use. When I had a look at Tiny (about 2 years ago as I recall) I did indeed find it terrible in terms of it's complexity and ease of use... which is what I measure these things against given my target market for OA. OA probably is horrific for you in terms of some of the things that you want - for example, if it rejects traffic it doesn't give you a popup and say "Hey, I just deflected a port scan". For some this is probably a terrible oversight - how could a firewall NOT alert you to an attack in progress! (disresgarding for the moment false positives here)... and for Online Armor the answer is: because it doesn't really matter. If someone port scans your computer - what are you going to do about it, if you're an everyday user?
__________________
Mike Nash Tall Emu Pty Ltd Mike's Blog |
|
#14
November 5th, 2007, 05:01 PM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Just to clarify here - what actually happened was that OA automatically trusted a leaktest that was signed by a trusted software vendor. It is now possible in OA (central) admin to override individual programs on the whitelist to cover a situation where a trusted vendor releases something we would like to block (or pretend we don't know about, like a test).
__________________
Mike Nash Tall Emu Pty Ltd Mike's Blog |
|
#15
November 5th, 2007, 05:15 PM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Quote:
Quote:
Quote:
|
|
#16
November 5th, 2007, 05:34 PM
|
|||
|
|||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Do you put forward that no possibility of "forged" signed software (I believe not even microsoft can give such) |
|
#17
November 5th, 2007, 05:43 PM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Hi Stem, Online Armor maintains a list of signatures which for trust purposes are divided into two categories: Trusted and Not Trusted. Signatures of products by MS, Adobe, and so on fall into the "Trusted" category - that is, these vendors do not release malware. It speaks nothing to the quality of the products, or their desirability - just that for the everyday user there is no harm in running these programs. So, if an EXE is signed - AND OA has that particular signature in it's database as one that should be trusted - then that exe will not be prompted should the user try to run it. A non-trusted signature works precisely the same way - except that the user will be given a big red popup that says this program might not be something you want to run. It is not "automatically trust anything that is signed". Online Armor's target market is the everyday user of a computer. With that in mind, the use of classifications of signatures is a popup reduction strategy. In another post I read this morning , you commented that users don't understand prompts about DLL injection - this is one way we work to reduce them.
__________________
Mike Nash Tall Emu Pty Ltd Mike's Blog |
|
#18
November 5th, 2007, 05:59 PM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
It was not an attempt to condemn any product Stem. It was my (fairly lighthearted) way of trying to ease of a bit of tension that I saw building up in this thread about a perceived "resistance to change" or feeling of not being welcome over at our forums. Particularly, it looked to me like Escalader did not feel welcome - an issue I wanted to address. I'm sure if I took the time to sit down and go through all of the features in Tiny, I'd be able to work it out. I've said to you before "I'm not the firewall expert"... but please don't imply that I'm an idiot because I am not *personally* a firewall specialist. Quote:
To be honest mate, it does look that way - but then OA is my "baby". Maybe after a cup of nescafe I'll have a different views. As for leaktests - I've said this before... If we're going to appear in a table of results, I want us to appear at the top. We started in there somewhere in the middle, and now we're at #1. That does not mean OA is perfect. So, now we can make further improvements where they are needed. I've already mentioned that two requests of note to more advanced users (local port, disable whitelist) are going in. Sometimes, external events dictate priority - leaktesting was one of those times - people wanted to see OA leaktested - and we had to work until we get good results. Quote:
I am not suggesting that inbound attack is of no concern. What I am saying is that a 75 year old grandmother, who receives a prompt that says "Firewall just deflected a <whatever> attack" is no better off than if Firewall had simply deflected the attack and stayed silent. I use this solely as an example to illustrate how our philisophy differs from other products that aim to give incredible flexibility to expert users. We work as hard as we can to hide this stuff. As for your examples - I think I am pretty open to listening to people - why don't you just PM me (or post in our beta forum), or email me where you think we're lacking. I'll give it priority to complete if it's as serious as you say - or I can ask one of my guys what they think - or, I can go and do some research and tell my guys "we need to do this"... If you do actually like the product as you mention above, and you can spare me 5 minutes of your time I *will* listen and react to it. If not - that's cool too.
__________________
Mike Nash Tall Emu Pty Ltd Mike's Blog |
|
#19
November 6th, 2007, 12:02 AM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Hi Stem and Mike Nash:
Please take this post in the spirit it is intended, positive and with ideas for consideration. You chaps seem to have your own thing going and that is good if in the end me and other "semi advanced users" end up with a stronger more powerful tool, leaving aside the 75 year old grandmother, I like her already. Suggest you split off your discussion off line and identify all the areas where you agree and disagree or have concerns and then knock off the easy ones visa via solutions, there is always a solution hiding in there trying to escape. Mike, I mentioned somewhere here or at OA, that it seems to me that you have the solution in hand already. Two modes of operating, a standard "mom" mode with the improved FW etc working quietly in the background. This is better than her making errors replying to techi pop ups. This mode is quiet. It is my understanding that this improved standard mode is # 1 at OA at the moment. The second mode is advanced/ expert mode. This mode you have agreed to improve SPI etc some blocking rules etc etc. No need for a list. You have that list building daily. As learning/trials/testing goes along here and at OA the list will grow. This is the concept of continuous improvement. With a better FW and open to editing the rules expert's could hopefully fine tune the FW to their own set up. Binding ip's to application rules, adding port restrictions and ranges turning popup on and off at will. Dealing with all protocols that come at our PC's. Being able to trust/untrust the router etc etc. No need to prattle on here. When suggesting the Kerio 2.1.5 design as a base model for such an expert FW I wasn't kidding. In that application I could restrict email to only my email client MS Outlook in my case and block all other applications from sending silent emails. This is NOT a frill feature. ZA Pro handled that as well. I would want to know how the enhanced OA FW worked, are rules processed in order top to bottom? Are the rules such that they are the only rules used and any connection in or out NOT specifically allowed by those rules will be blocked? Now some will say I'm trying to tell you how to run your business. Not so. I am providing you ideas good or bad but they are free! If they are not welcome or they are wrong then let those critics produce better ideas. Better ideas exclude personal attacks. I am actually using OA 2 in production right now, I want it too succeed. If this thread continues as a battle ground, no one will learn anything and I would have to consider my options on that. I have 3 options in mind. But none of them are needed if we can get back to work. Please answer my last technical question on ICMP default changes, I laid open my attempt at improving my set up of this tab. We did it with the host file and the blacklisted country thing, lets finish what was started.
__________________
Escalader i7 8 GB RAM Notebook, 1TB External Drive Sandboxie, Nod32, OP FW Pro, KeyScrambler, MVPS HOSTS File IE 9 Hardened Active X,SmartScreen,Tracking Protection Paragon Backup and Imaging |
|
#20
November 6th, 2007, 01:39 AM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
To Mr.Michael Nash,Esquire,
Dear Sir, I object strongly to your discrimination against 75 year old grandmothers-Mr.Michael-I am one myself! You are implying that I,and all the other poor purple haired dears like my good self-DONT KNOW POO FROM CLAY-well dear Sir-this is not the case-poo is all sort of squishy. Furthermore,you launched into a completely unprovoked attack against poor old Tiny,a dear cow I once owned until she was laid to rest by foot and mouth. I would suggest you are suffering from foot in the mouth,after all your nasty attacks. I am awake to your idea of poisoning that nice man Mr.Stern,who you invited to your office for a cup of Nescafe. Whats wrong with a nice cup of tea,which we grannies drink-coffee is only for foreigners. In conclusion My Dear Sir,I am thinking of complaining to those nice Anti Discrimination people,or even the Tax office. When they lock you up and throw away the key,you'll be wishing a granny was there to look after you and wash your smalls,wont you! Rest assured,next time our paths cross,I will clobber you with my (golf )umbrella! Last edited by Hairy Coo : November 6th, 2007 at 02:52 AM. |
|
#21
November 6th, 2007, 01:48 AM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
__________________
Mike Nash Tall Emu Pty Ltd Mike's Blog |
|
#22
November 7th, 2007, 08:09 PM
|
|||||||
|
|||||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
|
|
#23
November 8th, 2007, 01:26 AM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
It seems that the present release has been rushed out in order to pass some leak tests just in time for Xmas. Unfortunately, some features and the general product quality (and the help file) suffered in the process. I didn't spend much time on OA, until the learning thread started. Reading posts here and there, I had the impression that OA was a solid product. Maybe the previous release?
__________________
"O, there has been much throwing about of brains." -- Guildenstern{alt. Gyldenstern[alt. Gyldenstjerne(anc. Gyllenstierna{knight of Lundholm})], knight of Hamlet}. |
|
#24
November 8th, 2007, 02:05 AM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
The prior release of Online Armor passed all of the leaktests as well, it just wasn't tested by Matousec. This is the FIRST release of the free version, and as such we submitted it for testing. Quote:
I think that's pretty unfair coming from someone who has publically stated that you're not going to install it until the help file is upgraded. You're basing your opinion on reading a few support forum posts - where people who have had problems or questions go to get help and advice. You have no way of knowing how many installs of Online Armor Free have been made since it was released, and what proportion of users experienced a problem. I do - and it is *tiny*. I don't deny for a moment we have had some issues. What's important, I think is the way we respond to them - working individually with the person who reports it as needed, and get it fixed as fast as possible. You got me on the help file - although I don't think it's *quite* so bad as you keep pointing out and we're working on it, and FAQ's as fast as we can.
__________________
Mike Nash Tall Emu Pty Ltd Mike's Blog |
|
#25
November 8th, 2007, 02:31 AM
|
||||
|
||||
|
Re: Hints on using Online Armor FW-a Learning Thread 4
Quote:
Thanks Stem, We're about to start on reviewing some of the filtering in the firewall kernel drivers, so I have spent a bit of time re-aquainting myself with Snort and it's capabilities during the course of the day. Once I figure out how this plays within OA's framework we'll get started on it. I don't expect that this will be a trivial undertaking, but we'll begin as soon as we can. Mike
__________________
Mike Nash Tall Emu Pty Ltd Mike's Blog |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
