Help Configuring Outpost Pro

I am a former ZoneAlarm user. Need help configuring the latest version of Outpost.

I'd like to:
1 - Block incoming netbios
2 - Block incoming ping
3 - Block other incoming icmp
4 - Block incoming igmp
5 - Block/DisableIPv6

Create secure rules for svchost.exe
Create secure rules for TOR.

Finally: I'm on a WLAN in the form 192.168.0.1 and I'd like to block all nodes except the gateway. Should I block broadcast and multicast?

 

you think too much complicated. outpost has fine rules for current applications
and other stuff - use them. you can refine outpost settings if you are more
familiar with it - not earlier - otherwise you mess up anything.

igmp = multicast
http://www.wikipedia.org/wiki/Internet_Group_Management_Protocol

icmp is important for a proper internet
http://www.wikipedia.org/wiki/Internet_Control_Message_Protocol
outpost has some rules for system, check settings there.

 

Welcome to Wilders Security Forums Francophile

I'd like to:
1 - Block incoming netbios


Settings/Firewall/LAN Settings/
For all addresses listed, Disable by unticking the boxes for: NetBIOS, Trusted, NAT Zone

Results = Limited access to LAN, NetBIOS communications are blocked, all other communications are handeled by
application and global rules.


I'd like to:
2 - Block incoming ping


Settings/Firewall/Network Rules/ICMP Settings/ICMPv4/
Settings/Firewall/Network Rules/ICMP Settings/ICMPv6/
The default settings allow: outbound ping
The default settings disallow: inbound ping and traceroute

Settings/Firewall/Run in stealth mode/
Enabled by default rendering the computer invisable to the Internet. Port scans are silently blocked.
All outbound or inbound packets sent to unused ports are ignored without notifying the source via ICMP or TCP message.

Results = Leave the settings at the defaults.


I'd like to:
3 - Block other incoming icmp


Settings/Firewall/Network Rules/ICMP Settings/ICMPv4/Block not listed types of ICMP messages/
Settings/Firewall/Network Rules/ICMP Settings/ICMPv6/Block not listed types of ICMP messages/
Enabled by default ICMPv4 and ICMPv6 protocol communications are restricted to the listed types of allowed or
disallowed messages/communications blocking all other messages/communications.

Results = Leave the settings at the defaults.


I'd like to:
4 - Block incoming igmp


Settings/Network Rules/System-Wide Rules/Low-Level Rules/Block IGMP/
Blocked by default

Results = Leave the setting at the default.


I'd like to:
5 - Block/Disable IPv6


Agnitum Security Products can not disable IPv6, IPv6 can only be disabled in the Microsoft Windows Registry.

Results = Comment on disabling IPv6 by Outpost Forum Moderator Manny Carvalho:
http://www.outpostfirewall.com/foru...ional-x64-Outpost-6-7-x64&p=182852#post182852


I'd like to:
Create secure rules for svchost.exe


The Default Rule Set for svehost.exe created by Agnitum Outpost Firewall Pro is secure and reliable.

Results = Allow Outpost Firewall Pro to create the Rule Set for svchost.exe

Here is my Rule Set for svchost.exe:
https://www.wilderssecurity.com/showpost.php?p=1558852&postcount=87

If creating custom rule sets for applications, Outposts "Rules auto-creation" feature must be changed from:
Auto create and update rules to: Auto create rules,
to prevent Outposts Automatic Updates from reconfiguring the custom rule sets to Agnitums updated rule sets.

The configuration can be found at: Settings/General/ImproveNet/Rules auto-creation/


I'd like to:
Create secure rules for TOR


I am unfamiliar with TOR

Results = Allow Agnitum Outpost Firewall Pro to "Auto create rules" for TOR (TOR may need IGMP ?)


I'd like to:
I'm on a WLAN in the form 192.168.0.1 and I'd like to block all nodes except the gateway


Settings/Firewall/LAN Settings/
Following the instructions for: [I'd like to: 1 - Block incoming netbios] will block all nodes except for the gateway.
Agnitum Outpost Firewall Pro will keep the Networks that it discovered and configured secure.

Results = Follow the instructions for: [I'd like to: 1 - Block incoming netbios] Outpost is securing the Networks.

Alternatively, disable by unticking the box: Detect new networks automatically, and deleting all Networks from the
Network window. Then click on: Add, and enter the IP Address of the Router (Gateway) 192.168.0.1 to the list in the
Network window leaving the boxes for: NetBIOS, Trusted, NAT Zone disabled by leaving them unticked.
192.168.0.1 only with no subnet mask of (255.255.255.0)


HKEY1952

 

HKEY1952, Very Nice!!
Great help

 

HKEY1952,
That was very helpful. I was also able to make a few changes to Outpost as well. Thank you...

 

Thank you very much, HKEY1952. I feel like I'm in the right place. Very helpful information, you have answered most of my questions. I am getting more familiar with Outpost now. It just takes some time when switching to a new product but I think Outpost Firewall is more powerful and has some very advanced features. ZoneAlarm has become to bloated.