Outpost 7 Public Beta Testing Is Underway

Thank you Manny! Even hovering the mouse pointer over the process(es) displays the full path. Just have it installed in an "nLited" XP VBox and running nicely so far.

 

installed Op 2 hours ago and it looks good.
(no webfilter, no adwarescanner - i have eset)

handling is as expected - like the builds in the past.
impressive the database for rare programs

#


gna gna gna cant have it proper working with proxomitron and firefox
firefox hangs on loading and outpost blocks something between Proxo and firefox.
it works on policy -> "almost most" but not "rules wizard".
firefox -> "firefox browser"
proxo -> "allow all"

stealth mode off

 

Well I do not know what to think about Agnitum for the simple reason that Agnitum will throw at user a lot of pop-ups. The other day I tested Agnitum with a piece of malware as expected the pop-ups came to the surface as a reaction to the malicious activities that the malware was undertaking. Eventually Agnitum dealt with the malware based upon my own answers to its series of pop-ups.

Now I tested the same piece of malware with NIS 2010 and Norton handled that sucker automatically and the same is true for KIS 2010. I've got to tell you that I was quite impressed because NIS 2010 made it look too easy. Now I'm not bashing Agnitum, I'm just saying that HIPS is too difficult for the average user to handle and this is true not only for Agnitum but also for other security software that use HIPS as their main protective mechanism; any wrong decision such clicking allow instead of deny would ruin a good computer. HIPS relies to much upon the user's knowledge.

Agnitum's engineer should reverse course in order to find a way to make their products intelligent. Failure to do so Agnitum can only hope to cater to a specific niche within the security market, the geeks.

Thanks.

 

Number of pop-ups in OP, as is the case with so many other HIPS, is relative to the way it's set up. If you set Anti-leak to "Optimal", you will get fewer pop-ups without sacrificing to much protection. You can also choose a higher level such as "Advanced", and fine tune the settings for something between "Optimal" and "Advanced". NIS is most likely taking a simplistic approach to the new executable and denying its attempt to launch in the first place. Well, OP and other HIPS can also be set up this way to simply deny the initial execution attempt.

 

NIS simplistic? You such a kidder... right? . Actually what NIS 2010 does is to analyze the source of the file based upon its own file reputation analysis algorithms;in a few words that is it. Agnitum is way behind in that file reputation analysis field... Without sacrificing too much protection; well how much protection am I going to lose anyway? .

Thanks.

 

Hi
You are comparing oranges with apples not is? This not sound like a thing a "Classical HIPS" do...

If i can ask something: Anyone here noted if the issue with UDP protocol mentioned here (https://www.wilderssecurity.com/showthread.php?t=256231&highlight=outpost opendns) which sometimes make Outpost block OpenDNS- are resolved? Packet filtering is improved in V7?
THX

 

You're welcome - and No kidding. HIPS and av are different things. I was talking about HIPS (specifically setting it up to alert on anything new), maybe not realizing you were referring to NIS using its heuristics to handle the rogue?

 

Looks interesting

 

I was never comparing apples to oranges or vice versa in the first place; moreover, where did you get that idea? File reputation analysis is definitely NOT HIPS. File reputation analysis is sweet and HIPS is a pain, big one.

Thanks.

 

Hi
I'd big trouble with it at last I replaced it with PC Tools.
Are there known issues between ThreatFire (TFWAH.dll ) and OP Self-protection-module ? I made similar experiences with ThreatFire and
Rising.
Please let me know.
Cheers
Sariel

 

File reputation is more than heuristics. Symantec has heuristic technology for a while now (i.e SONAR). File reputation analysis is new and it is called at Symantec "Quorum".

References:

http://www.computerworld.com/s/arti...nternet_Security_2010_checks_your_reputation_

http://community.norton.com/t5/Nort...9;jsessionid=BA3028719247A2EFBDB01F83672C33DE

http://www.symantec.com/connect/blogs/how-reputation-based-security-transforms-war-malware

Thanks.

 

For real? Because I´m missing something in the GUI, something very basic and very important. Namely, the fact that you can´t see the application rules with only one click!!! I mean come one, this is basic stuff!!! I can´t believe it.

 

The subject of the thread is the Outpost Public beta not a discussion over reputation vs hips. That sounds like a good topic for its own thread.

 

I could not have disagreed more my friend I'm beta testing OSS 7 now and the only thing I can see is HIPS, no more. Just think of it for a moment, what new technology that OSS 7 brings to the table? Well then let me see....Huh I cannot think of anything beside HIPS conveniently call right now proactive (something...). I have a lifetime subscription Agnitum and I do want them to succeed; however sometimes I believe that management is so hard headed that they blatantly refuse to listen to their own customers.

HIPS is good as long as the users are knowledgeable. To rely on HIPS as your main protective apparatus is to live within a time bubble of the past. And its for that reason that I'm challenging Agnitum to innovate and provide their own contribution to technological advancements. Symantec and TrendMicro are leading on new technologies such file reputation recognition and detection.

I beta tested a lot of products and most of the time with companies like Symantec, Kaspersky, or TrendMicro you could see that they have made progress by providing something new; but for Agnitum its the same old HIPS.

Thanks.

 

Are you beta testing or beta bashing?

 

sounds that way to me also
help out or move on I say!!

 

Should I consider your question a counter argument?

Thanks.

 

Well then here's my beta testing report to hayc59 and twl845 thus far, pay attention please: I experienced a lot of

1) GUI crashes.

2) Internet Explorer 8 froze like hell.

3) Complete system slow down.

4) OSS 7 not able to prevent application from running entertainment mode (full screen) even after I clicked on block such application from entering entertainment mode or full screen.

5) Malware that kept coming back even after I quarantined and deleted its processes after a lot of exercises with the famous HIPS, block, block, block, block, block, block..... and the malware kept coming back. Eventually I said I gave up, I've had it.

Should I go on hayc59 and twl845?

Thanks.

 

I don't doubt your results, but I'm running V6.7.3.(30063.452.0726) and don't experience any problems. Maybe it's because you're testing a beta.

 

CogitoTesting, ok cool now pay attention for me
you would be better off posting your results of un-happiness
at the forum where best suited for Agnitum dev team to see your
testing results so they can be addressed
here is the link in case you cannot locate ot
http://www.outpostfirewall.com/forum/forumdisplay.php?f=92

 

The GUI was redesigned so problems with it are not surprising. My personal preference is they work under-the-hood and increase stability.

Agnitum has "ImproveNet" which is used as a tool to create rulesets based on what people require for the programs and checked by the Agnitum engineers. That feature has been there since at least v3.5.

Source

There are very few prompts when run with learning mode or automatic rules, or using the feature to automatically create rules signed by trusted vendors Some of the new features probably require more time and public participation to set required permissions.



We here all know, or should know anyway it is said often enough that not every software will handle every threat. Two other products are mentioned in a this vs. this manner. The "This handled this and that did not" adds nothing useful.

To follow that a link to a review quoting Symantec, a Symantec blog and an Norton blog. Those links have nothing to do with the product under discussion and while one is entitled to disagree that does not make those posts suddenly on topic.

 

I'm having a look at OP free just now in a VM and running through what I would do in the live system so no roll backs for a few weeks to see how it progresses through learning, what logs build up etc. I noticed some of the new features in version 7, especially the file/folder protection and would like to give it a try. A few questions though:

Do you have to hold a valid Pro/AV/Suite licence to test the beta products? If not will you get the 'trial' pop-ups if you don't have a licence?

Can you upgrade directly from the free product i.e. will it remember the rules already created or is it a start again scenario?

Will the new HIPS/firewall features eventually make it into the free version? I won't use the web filter or anti-spy elements so never saw the need before but might consider the current lifetime deal if there were to be significant advantages from the free to paid product moving forward.

Thanks

 

Better yet, I already sent my unhappiness results to Agnitum directly. Thanks for the advice.

 

Did you read my previous posts before that in order for you to understand the context? Someone mistakenly believed that NIS 2010 caught a malware using heuristics; consequently I had to prove to him or her that it was not the case.

Moreover, the links that I provided are testament of a company that really innovated the technological advancements within the computer security field and Symantec is not alone I could also refer to Kaspersky and Panda. To me these links are quite relevant to the Outpost thread since it is yet to be proven at the beta stage the kind of technological advancements that OSS 7 has provided.

If someone has to refute my point of view, well it is fine. However, one must do so by providing a valid counter argument by stating what OSS 7 provides to the computer security world beside "HIPS". I'll say it again Agnitum heuristic is laughable, no cloud protection, and no File reputation detection. As of today these technologies are at the cutting edge for now. Has Agnitum made any headway in anyone of them? Please can someone tell me again especially the beta testers, beside HIPS what does OSS 7 provide as its main protection? Please be specific.

Thanks.

 

Regardless of the methodology (and you didn't need to "prove" anything, only clarify which you did), you were still comparing apples to oranges, depite your claim to the contrary. Your post came off looking as though you were pitting OP against NIS, specifically citing the advantages you perceived from NIS (and other competing products, no less) over OP.