OA Firewall (review)

Discussion in 'other firewalls' started by Stem, Mar 19, 2007.

Thread Status:
Not open for further replies.
  1. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi Mike,
    I did not get this warning on my setup

    PCAudit2 was an update that does include keylogging.
    EDIT:

    I will set up again, but on XP(But this will be tomorrow). Maybe there is still a problem with OA+W2K
     
    Last edited: Mar 20, 2007
  2. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Update:

    OA2, due to update, now intercepts both PCAudit leaktests.

    I will now move on to checking performance of OA firewall with torrent client.
    I did start testing on W2K system, but the results where not good, possibly due to past problems with OA2 and W2K OS. I have setup on XP and will check findings.
     
  3. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,120
    Location:
    South Texas, USA
    I have been using OA FW with uTorrent from the start and get great performance, hopefully you will get the same results Stem, good review by the way.

    dja2k
     
  4. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    hey dja2k does OA FW work well with blacklists?
     
  5. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    I tried it, and enjoyed the Firewall. Very good, congrats for the development team.

    I was amazed i could block countries! The graphs and stats were good, rule creation very easy, but here i'm with Stem- although we can restrict local ports globaly, i cannot restrict local ports per application, only remote ports. That would be a good suggestion for the to-do list.
    If this is irrelevant still, please, explain me why. I could use some learning.

    A lot of things looked self expanatory too, like the ICMP list.
    Answering the pop-ups gave me the tight rules i wanted. Still i would have liked to, like with Kerio 2.1.5, fine tune the rule when the pop-up appears.

    This is also true for Comodo.

    I'd like to say more, but i uninstalled it.
    Because it didn't seem capable of handling Emule. I have lots of things on the download list:) , and OA wouldn't calm down. I couldn't use the pc. So i'm testing the same situation now with Comodo, and it spikes, but calms down after a while.
    I'll give it a go again if i can (trial). But for now, i want to use the pc to download.

    I'd like to add one thing: OA seemed lighter than Comodo while browsing, somehow, but with Emule, it's a different scenario.
    Yes, i closed Opera to see if that was it.

    I'm open to suggestions, if i could have done something.
     
  6. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    I did have some problems on W2K, with OA blocking a lot of outbound packets. I have yet to try the later builds that may now of solved this?


    On my try out with XP, I had no problems, I set up to download a large distro, loaded up into OA large blacklists (the blacklists I had in post#4), I had the limits I set for download (120kb) and upload (40kb) and OA ran to my limits without problem, I was still able to browse etc without slowdown. Memory usage during the 10hr period I ran the torrent didnt change much, for the 2 OA processes, this was between 16-20mb.
     
  7. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    This as been asked for a couple of times, and it was mentioned that this would be added.
     
  8. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    That's good news. How about Emule, did you try something of the sort?
    I couldn't even navigate within the program, to search for files, etc. CPU usage was very high, like 97% (OA process, can't remember the name).
    Obviously, by having lots of files for download, all kinds of conections are active, and this should a great test, if done by one that really knows how to do it.
    It didn't seem to handle it for me.

    Comodo isn't perfect here either, but i can use the pc. Is this a symptom for all good FWs, that have to analyse a lot of traffic?
     
  9. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    I have only checked using a torrent client. I will set up tonight with Emule. I will have to see how many different distro`s I can find/download.
     
  10. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,120
    Location:
    South Texas, USA
    Well Stem you an expert at this firewall stuff so I will leave the final verdict to you.

    dja2k
     
  11. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    I forgot to turn off "Monitor dll injections" in Comodo. It's responsible for cmdagent.exe spikes, and i've got it covered.
    Comodo is light after this, much lighter than OA it seems.
    I also realize that this only serves as IDS, with the option to block, but then it blocks the browser (for instance) altogether. (HIPS will do wonders here)

    To be clear, i only had OA's Firewall running, i turned everything else off. With this out of the way (either something i did, or with a fix), this is an outstanding firewall!
     
  12. ankupan

    ankupan Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    516
    Hi,

    I am using it and happy too.

    Its better than LnS, ZAP and others.....

    ~
    ankupan
     
  13. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    Does anyone run this with NOD32? Are there any known programs it conflicts with?
     
  14. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,120
    Location:
    South Texas, USA
    Run what, if you mean OA Firewall, yes it works fine. I even run the AV+ version with Nod32 with no problem. Look at most people's signature for their security lineup and you will see some others run Nod32 + Online Armor FW.

    dja2k
     
  15. ankupan

    ankupan Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    516
    I am using NOD32 + OA2.

    its interested to use NOD32 + OA2 AV+...any user using this ?

    OA+ AV+ is using KAV engine, so may be conflict will occured.

     
  16. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    I know of no conflicts with OA and NOD.
    All the times I have had OA2 installed, I have had NOD2.7 installed and active.

    I have not teasted OA2+AV with NOD as I would not personally install 2 AV`s
     
  17. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,120
    Location:
    South Texas, USA
    From the start Mike has done Online Armor AV+ to run along side other residential AV's. Online Armor AV+ only uses its AV for scanning of executables and not run actively in the background like other residential AV's. There is no problem whatsoever running OA AV+ and Nod32, its like having the best of both Antivirus programs. :D

    dja2k
     
  18. ankupan

    ankupan Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    516
    It means, we can run two AV together or

    OA 2 AV+ (antivirus can be disabled) and can be used as on demand scanner too ?? with NOD32 setup....

    Comments......
     
  19. ankupan

    ankupan Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    516
    Is it possible to disable anttivirus in OA2 AV+ ?

    as you are using, your comments please

     
  20. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,120
    Location:
    South Texas, USA
    Both are active on my computer. OA AV+ is using the KAV engine sorta like an antimalware scans executables for anything bad, so basically its not a full blown Anti-Virus. Anything executable that runs has to pass through Online Armor AV+ and Nod32 before it runs. Mike might put more options into the AV+ portion of Online Armor, but later. Yes you can disable any Shield in Online Armor in the GUI or right clicking the OA icon in the taskbar and of course you can use OA AV+ for on demand only.

    dja2k
     
  21. kvp

    kvp Registered Member

    Joined:
    Feb 4, 2007
    Posts:
    3
    Hi ankupan

    On my laptop and on my desktop i have used OA AV+ version 2 with together with NOD32 since 4 month and there have never been a conflict.
    The OA firewall works like I want and I am very happy with the HIPS and Kernel protection.
    All OA including the AV+ part of OA is running at the same time as NOD32 AMON-DMON-EMON-IMON.
    I have a scheduled scan 1 time a week wit NOD32 and an on-demand scan with OA AV+(KAV). I use SuperAntispyware and AVG AS on demand too.

    All running very light and is a very big improvement from ZoneLabs ISS and Norton ISS:)
    My laptop is 1,4 GHz and 528 MB.

    According to task manager the memory consumption on resident protection is:

    nod32krn.exe use 21.684+19.408
    Nod32kui.exe use 2.700+3548
    OAsrv.exe use 7.436+26.044
    OAui.exe use 5.380+5.536
    ScanningProcess.exe use 13.208+18.720

    kvp
     
  22. ankupan

    ankupan Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    516
    Hi,

    Just I have uninstalled OA2 and installed OA2 AV+

    its running well, lets try till 2 April than time for ESET SMART Suite :D

    my system is
    Laptop 1.6 Mhz, 512 MB RAM, 120 GB HDD
     
  23. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,936
    Location:
    UK
    I am running OA+FW along with AVG antispy (paid) avira, Superantispyware and First defence.

    No conflicts at all, runs very fast for me using opera.

    Can also be useful to block ads, after being on a site with ads, go into the OA configuration-my websites- highlight the site and choose untrusted. This blocks the ads.
     
  24. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,658
    Location:
    Sydney, Australia
    Hi Someone,

    Sorry, seems I missed a lot of posts to this thread... I have not tested OA with emule - we should handle this level of load - we certainly do with other P2P programs... remember this is a preview release, not final :)

    In any case, I have added to the TODO list a test with emule... if we can find the same problem as you, we will fix it.


    Mike
     
  25. ankupan

    ankupan Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    516
    Hi,

    OA AV+ : antivirus is having only one option that is scanning.

    Is there any more option ? or that all.

    Surprising OA2 AV+ without any options for antivirus (Disable and Scan only two options)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.