Hello folks, I guess you've all heard about the tempting offer Agnitum is making and I'm one of those who couldn't resist. So, I bought the OSS and received the key today. I must say that I'm a total newbie when it comes to firewalls, I'm more of an antivirus guy. So I'm kind of sitting infront of the screen staring at the interface and don't know what to do to make it more comfortable and most importantly secure for me! Are there any experts out there who are willing to share some useful information on how to SET UP this suite propely so I can make maximum power out of it? What values should be set and what should be deactivated/activated? Something like a small guide would be highly appreciated Happy NEW year guys, hope 2009 won't hit you badly and may your antivirus and firewalls protect you from any kind of threats!
Ok here are some "small" guides. Parts of them are still valid. http://www.outpostfirewall.com/guide/rules/system.htm Recommended: http://www.outpostfirewall.com/forum/showthread.php?s=&threadid=9858
ImproveNet is a nice feature of OSS which provides rule sets based on community behavior and supervised by Agnitum engineers. These rule sets are automatically updated. So you do not have to create rules for common applications yourself. http://www.agnitum.com/support/improvenet/technical.php
Minimax2000:s links for rule sets is great...If you, however, want a more simple method you can let the "rule wizard" be on for a week or so, adjust your existing apps network access acc. to your wish in application settings (what you allow/not allow to connect)...Then after a week change the "rules wizard" to " block most" ( tray icon goes from blue to green...) In most cases I think this will be enough...
Thanks alot Minimax! EDIT: In the task manager, the acs.exe process sometimes takes over 80.000 K of memory, but sometimes only 40.000 K. Are these values ok? I mean, it's alot for a suite isn't it?
Another tip. Make a port scan here: https://www.grc.com/x/ne.dll?bh0bkyd2 And see which ports are open or vulnerable to intrusion. OSS should stealth most ports, meaning it will not answer to outer port requests. You probably do not need NetBIOS for files sharing thus disable it in OSS under Firewall -> LAN Settings and untick the checkbox.
It may be worth to run a tool such as this one to close some ports on your computer: Windows Worms Doors Cleaner http://www.firewallleaktester.com/wwdc.htm And it may be worthwhile to get a NAT router to relieve the Firewall of OSS. Regarding memory consumption see this http://www.outpostfirewall.com/forum/showthread.php?t=23184&highlight=acs.exe I have also 75 MByte PrivateBytes for acs.exe here according to Process Explorer at the very moment. After some time the memory allocation decreases here to 42MByte therefore don't worry.