Intraetians and the Satellitians - Split from OA Learning thread

Intraetians and the Satellitians

Note from LowWaterMark:

These posts were split off from the thread titled "Hints on using Online Armor FW-a Learning Thread 4" as they were not directly related to "learning about how to use Online Armor".

This first post appears in both threads.

The technical questions and issues with how to use OA should be posted in the other thread. This one is more about the philosophy and approach taken by Tall Emu and how they have structured and targeted Online Armor in the industry.

____________________


FWIW:

In my list of allowed countries I 1st blocked countries Local Host and the Intraetians.

Now I left the Satellitians blocked and they have yet to complain.

When those 2 where blocked, (as they were not NATO members) , my Windows XP sp2 would boot up a little differently.

It would boot never quite finish and log off and was in an up off loop.

Don't try this at home, it is bad enough that I suffer first.

IMHO this "glitch" was avoidable. It seems that OA missed this during testing this version.

Mike, can we have your fix status on this? Wait for V3 or will U issue a fix in OA 2?

 

Re: Hints on using Online Armor FW-a Learning Thread 4

Hi stapp:

1) This is a learning thread aimed at Wilder's learners. Not everyone here reads the OA Forum
2) No one cares who reported anything 1st.
3) Asking Mike a question about his intent to fix in OA 2 or V 3 is a simple question to answer.

Let's all wait for Mike's reply, he is working hard as we all are.TY.

 

Re: Hints on using Online Armor FW-a Learning Thread 4

What Escalader is communicating here, maybe unwillingly, is that there could be some usability issues here.

Personally, I love this type of information rather than the usual "everything is under control here". I'm looking for a good reason to install and test OA and I haven't found it yet.

Considering the posts on the OA forum, I expect that he will sail into a storm when he "learns" the advanced FW configuration. Can't wait to see it! Don't do it without a help file!

 

Re: Hints on using Online Armor FW-a Learning Thread 4

He wants to know when...

Okay...

Sort of like the responses Escalader gets when he asks a question...

He was asking how big of a priority it was...
What attracted me to OnlineArmor was Mike's way of handling questions here and at his own forum. A sort of "no question to dumb" approach. Even a "feature request" section that gets considerations. What makes me participate in the OnlineArmor threads here and seldom at the OA-forum, is the fact that end-users are afraid of "change" in OA. Escalader started a learning-thread so he could learn, but instead of helpful insight from anyone but Mike, he gets chastised by, dare I say, FANBOYS! I wish I could give more imput to this thread, but like Escalader, I'm just learning.

Very well said. So what say we try helping Escalader AND Mike out

 

Re: Hints on using Online Armor FW-a Learning Thread 4

Hi Monty, I'm not quite sure I agree with that assessment.. there's a core group of OA users that have banded together to keep me in line. You see, what we're trying to deliver is a product that can be used by the average guy in the street.

The audience here at Wilders (Escalader included) is a bit more technically aware than that - and so there is a constant "battle" between adding features/power, and ease of use. Any extra firepower that we put into OA needs to be done in such a way that it won't compromise these goals.

So, I would say that the fans (supporters, whichever you prefer) of Online Armor's mission are worried in case it goes off track. So am I. I like cool features better than anyone - but I have to try and keep it easy to use.

Therefore, I'd have to say - afraid of it turning into another Tiny (perhaps the most horrific product I ever played with) - certainly. Afraid of change - I hope not we have pretty healthy feature request forum (we already added a few since the release of OA Free, including block all traffic and nuking the activation)....

By all means, everyone is welcome at our forums to participate, get and receive help. Probably, the many threads over there will benefit the help file.. after all, I know how to use it - and writing help that anticipates questions is fairly hard... And I also know that people will receive a warm and friendly welcome there... after all,many of them are also members here at Wilders and "know" each other already!

Maybe it's just the format of the thread that does it? I must admit, when I first saw the threads it looked like Escalader was trying to teach others how to use the firewall , rather than learn how to use it himself... perhaps that's where others have gotten confused too.

In any case: anyone is welcome to ask questions at our forums, and they will recieve help in a friendly way if they need it.... but not right now from me: I need to sleep

 

Re: Hints on using Online Armor FW-a Learning Thread 4

Thanks for your support Monty. I can certainly use that.

Speaking only for myself (no one else can or should), I can always use help. Even a question is help since it gives posters a chance to research an issue/function.

I understand that OA is open to ideas but at the moment is focusing on the standard out of the box settings for what some call Mom's and Aunties.
This IMHO make perfect sense, since they represent a huge % no doubt of the OA business. Ideas are offered and placed in a list so they won't get lost.
I have faith. I have high hopes for V 3 when it comes.

But I'm happy enough to plod forward trying out OA 2 advanced features, asking my usual questions and trying solutions as they are offered and then trying again. Reports will be posted. Nobody is forced to read them.

If posters don't care for the FW for whatever reason they have the option to uninstall it and replace it with another. My hint on that is back up your OA settings first. That way you won't burn the bridge back.

See you.

 

Re: Hints on using Online Armor FW-a Learning Thread 4

This for me is a bad comment from you.
Personal comment of a product you obviously could not understand. I have used Tiny and found this to give excellent protection. Should we compare OA to Tiny? or should such a comment as "perhaps the most horrific product I ever played with" be retracted? replaced with "You simply could not understand"?

 

Re: Hints on using Online Armor FW-a Learning Thread 4

You put this forward why I wonder? You should disjoint between here and OA

Are you stating that Tiny did not protect. If you are, then you certainly do not know Tiny firewall.

Simple to hard also gives rise to least to best. No security application that attempts to make full implimentation of protection is easy, simplistic protection is, simplistic. We can go through whitelists/blacklist, I already know OA has allowed "leaktests" outbound before due to its "whitelist". Would you state this would not happen again.

phd, or simply a time to learn. Do not blanket all users with your own lack of knowledge or want (or lack of) to need this.

This, I thought, was a forum to learn,..
maybe it should be a forum to tell others what to use? Dont think so, not for me.

 

Re: Hints on using Online Armor FW-a Learning Thread 4

Think about my target market, Stem. I am trying to go for easy to use. When I had a look at Tiny (about 2 years ago as I recall) I did indeed find it terrible in terms of it's complexity and ease of use... which is what I measure these things against given my target market for OA.

OA probably is horrific for you in terms of some of the things that you want - for example, if it rejects traffic it doesn't give you a popup and say "Hey, I just deflected a port scan".

For some this is probably a terrible oversight - how could a firewall NOT alert you to an attack in progress! (disresgarding for the moment false positives here)... and for Online Armor the answer is: because it doesn't really matter.

If someone port scans your computer - what are you going to do about it, if you're an everyday user?

 

Re: Hints on using Online Armor FW-a Learning Thread 4

Just to clarify here - what actually happened was that OA automatically trusted a leaktest that was signed by a trusted software vendor.

It is now possible in OA (central) admin to override individual programs on the whitelist to cover a situation where a trusted vendor releases something we would like to block (or pretend we don't know about, like a test).

 

Re: Hints on using Online Armor FW-a Learning Thread 4

As you should know, I have full respect for you and what you are trying with OA. But please do not attempt to condem other products due to the complexity involved. (due to your lack of knowledge)

I am unconcerned with "port scans". I am more concerned with direct "spoofed" inbound packets (some put this forward as "drivebys"~ or other). Do not mistake me for some conflict to your product, I actually like it (as mentioned before) but you still put preferance to "leaktests" before filtering of packets of active connections.

Inbound/direct attack, you say is of no concern? Yet most of which, protection of which is missing. Certainly examples are available,.. or I can make public.

MMMMM, well, should any firewall concern of "stealth"~ a big deal with most. But none actually give this. Should I put forward your firewalls lack of this (as with all others), or maybe your lack to filter packets.

 

Re: Hints on using Online Armor FW-a Learning Thread 4

This puts forward what? That software with signed sig is automactially allowed? (even a bad move when mentioned for Vista).
Do you put forward that no possibility of "forged" signed software (I believe not even microsoft can give such)

 

Re: Hints on using Online Armor FW-a Learning Thread 4

Hi Stem,

Online Armor maintains a list of signatures which for trust purposes are divided into two categories: Trusted and Not Trusted.

Signatures of products by MS, Adobe, and so on fall into the "Trusted" category - that is, these vendors do not release malware. It speaks nothing to the quality of the products, or their desirability - just that for the everyday user there is no harm in running these programs.

So, if an EXE is signed - AND OA has that particular signature in it's database as one that should be trusted - then that exe will not be prompted should the user try to run it.

A non-trusted signature works precisely the same way - except that the user will be given a big red popup that says this program might not be something you want to run.

It is not "automatically trust anything that is signed".

Online Armor's target market is the everyday user of a computer. With that in mind, the use of classifications of signatures is a popup reduction strategy.

In another post I read this morning , you commented that users don't understand prompts about DLL injection - this is one way we work to reduce them.

 

Re: Hints on using Online Armor FW-a Learning Thread 4

It was not an attempt to condemn any product Stem. It was my (fairly lighthearted) way of trying to ease of a bit of tension that I saw building up in this thread about a perceived "resistance to change" or feeling of not being welcome over at our forums. Particularly, it looked to me like Escalader did not feel welcome - an issue I wanted to address. I'm sure if I took the time to sit down and go through all of the features in Tiny, I'd be able to work it out. I've said to you before "I'm not the firewall expert"... but please don't imply that I'm an idiot because I am not *personally* a firewall specialist.

To be honest mate, it does look that way - but then OA is my "baby". Maybe after a cup of nescafe I'll have a different views. As for leaktests - I've said this before... If we're going to appear in a table of results, I want us to appear at the top. We started in there somewhere in the middle, and now we're at #1. That does not mean OA is perfect. So, now we can make further improvements where they are needed. I've already mentioned that two requests of note to more advanced users (local port, disable whitelist) are going in.

Sometimes, external events dictate priority - leaktesting was one of those times - people wanted to see OA leaktested - and we had to work until we get good results.

I am not suggesting that inbound attack is of no concern. What I am saying is that a 75 year old grandmother, who receives a prompt that says "Firewall just deflected a <whatever> attack" is no better off than if Firewall had simply deflected the attack and stayed silent. I use this solely as an example to illustrate how our philisophy differs from other products that aim to give incredible flexibility to expert users. We work as hard as we can to hide this stuff.

As for your examples - I think I am pretty open to listening to people - why don't you just PM me (or post in our beta forum), or email me where you think we're lacking. I'll give it priority to complete if it's as serious as you say - or I can ask one of my guys what they think - or, I can go and do some research and tell my guys "we need to do this"...

If you do actually like the product as you mention above, and you can spare me 5 minutes of your time I *will* listen and react to it. If not - that's cool too.

 

Re: Hints on using Online Armor FW-a Learning Thread 4

Hi Stem and Mike Nash:

Please take this post in the spirit it is intended, positive and with ideas for consideration.

You chaps seem to have your own thing going and that is good if in the end me and other "semi advanced users" end up with a stronger more powerful tool, leaving aside the 75 year old grandmother, I like her already.

Suggest you split off your discussion off line and identify all the areas where you agree and disagree or have concerns and then knock off the easy ones visa via solutions, there is always a solution hiding in there trying to escape.

Mike, I mentioned somewhere here or at OA, that it seems to me that you have the solution in hand already. Two modes of operating, a standard "mom" mode with the improved FW etc working quietly in the background. This is better than her making errors replying to techi pop ups. This mode is quiet. It is my understanding that this improved standard mode is # 1 at OA at the moment.

The second mode is advanced/ expert mode. This mode you have agreed to improve SPI etc some blocking rules etc etc. No need for a list. You have that list building daily. As learning/trials/testing goes along here and at OA the list will grow. This is the concept of continuous improvement.

With a better FW and open to editing the rules expert's could hopefully fine tune the FW to their own set up. Binding ip's to application rules, adding port restrictions and ranges turning popup on and off at will. Dealing with all protocols that come at our PC's. Being able to trust/untrust the router etc etc. No need to prattle on here.

When suggesting the Kerio 2.1.5 design as a base model for such an expert FW I wasn't kidding. In that application I could restrict email to only my email client MS Outlook in my case and block all other applications from sending silent emails. This is NOT a frill feature. ZA Pro handled that as well. I would want to know how the enhanced OA FW worked, are rules processed in order top to bottom? Are the rules such that they are the only rules used and any connection in or out NOT specifically allowed by those rules will be blocked?

Now some will say I'm trying to tell you how to run your business. Not so.

I am providing you ideas good or bad but they are free!

If they are not welcome or they are wrong then let those critics produce better ideas. Better ideas exclude personal attacks.

I am actually using OA 2 in production right now, I want it too succeed.

If this thread continues as a battle ground, no one will learn anything and I would have to consider my options on that. I have 3 options in mind. But none of them are needed if we can get back to work.

Please answer my last technical question on ICMP default changes, I laid open my attempt at improving my set up of this tab. We did it with the host file and the blacklisted country thing, lets finish what was started.

 

Re: Hints on using Online Armor FW-a Learning Thread 4

To Mr.Michael Nash,Esquire,

Dear Sir,

I object strongly to your discrimination against 75 year old grandmothers-Mr.Michael-I am one myself!

You are implying that I,and all the other poor purple haired dears like my good self-DONT KNOW POO FROM CLAY-well dear Sir-this is not the case-poo is all sort of squishy.

Furthermore,you launched into a completely unprovoked attack against poor old Tiny,a dear cow I once owned until she was laid to rest by foot and mouth.

I would suggest you are suffering from foot in the mouth,after all your nasty attacks.

I am awake to your idea of poisoning that nice man Mr.Stern,who you invited to your office for a cup of Nescafe.

Whats wrong with a nice cup of tea,which we grannies drink-coffee is only for foreigners.

In conclusion My Dear Sir,I am thinking of complaining to those nice Anti Discrimination people,or even the Tax office.

When they lock you up and throw away the key,you'll be wishing a granny was there to look after you and wash your smalls,wont you!

Rest assured,next time our paths cross,I will clobber you with my (golf )umbrella!

 

Re: Hints on using Online Armor FW-a Learning Thread 4

 

Re: Hints on using Online Armor FW-a Learning Thread 4

When I can be "fairly lighthearted" about internet security, I will stop posting.

Mate?

Look as you will, I do. I care not for a product, I only look at what a product can do for the end user.

I thought you where beyond reports, and followed needs.

I did not mention an "alert", I mention actual protection from inbound attack.

What, again? We went down this path before. You put forward the possible inclusion on protection, such as IDS based on "snort", do I need to ask over and over?

Listen,.... see above.

 

Re: Hints on using Online Armor FW-a Learning Thread 4

It seems that the present release has been rushed out in order to pass some leak tests just in time for Xmas. Unfortunately, some features and the general product quality (and the help file) suffered in the process.

I didn't spend much time on OA, until the learning thread started. Reading posts here and there, I had the impression that OA was a solid product. Maybe the previous release?

 

Re: Hints on using Online Armor FW-a Learning Thread 4

The prior release of Online Armor passed all of the leaktests as well, it just wasn't tested by Matousec.

This is the FIRST release of the free version, and as such we submitted it for testing.

I think that's pretty unfair coming from someone who has publically stated that you're not going to install it until the help file is upgraded. You're basing your opinion on reading a few support forum posts - where people who have had problems or questions go to get help and advice.

You have no way of knowing how many installs of Online Armor Free have been made since it was released, and what proportion of users experienced a problem. I do - and it is *tiny*.

I don't deny for a moment we have had some issues. What's important, I think is the way we respond to them - working individually with the person who reports it as needed, and get it fixed as fast as possible.

You got me on the help file - although I don't think it's *quite* so bad as you keep pointing out and we're working on it, and FAQ's as fast as we can.

 

Re: Hints on using Online Armor FW-a Learning Thread 4

Thanks Stem,

We're about to start on reviewing some of the filtering in the firewall kernel drivers, so I have spent a bit of time re-aquainting myself with Snort and it's capabilities during the course of the day.

Once I figure out how this plays within OA's framework we'll get started on it. I don't expect that this will be a trivial undertaking, but we'll begin as soon as we can.


Mike