Outpost Firewall 4 Help with Settings

Discussion in 'other firewalls' started by dja2k, Sep 29, 2006.

Thread Status:
Not open for further replies.
  1. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    I just installed Outpost 4 and I am a bit rusty on it. I remember that if you had a static ip and router , you had to do some special settings or something along that line. I want to make the utorrent rules, but notice some use advanced rules using specific DNS address specific to my router and putting them in the rules. Do I have to change some of the global rules to use the specific address of my router? There are a lot of different rules for different torrent downloaders in the Outpost forum and don't know which to follow anymore for utorrent. Can anyone help out here?

    dja2k
     
  2. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi dja2k,
    If your using the default Global DNS rules, then you dont need to change anything in OP4, as the DNS rules now contain "Macro" rules (these pick up the required info from the system).
    So if you enter a fixed IP/DNS servers into your windows Internet protocol properties, then OP4 will pick these up.

    Edit
    Have you set up your PC with a fixed IP?
     
    Last edited: Sep 29, 2006
  3. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Ah damn, I found "A Guide to Producing a Secure Configuration for Outpost" and was changing it to that. Does this mean I don't have to follow that anymore?

    I have a fixed IP and DNS server to my router's IP.

    I was actually in the "D - Global/Systems Rule Changes" part.

    dja2k
     
  4. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    With OP4, only networked enabled applications can access the DNS client.

    OP4 is now far more secure.
    You do not need to add your DNS server IP`s, these are already in place
     
  5. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Any other settings I do need to change?

    I was following this guideline:

    GENERAL OUTPOST 4.0 SETUP

    * Firewall policy BLOCK MOST.
    * Automatic Rules Creation DISABLED.
    * Component Control Level MAXIMUM.
    * NO PRESET RULES.
    * Outpost 4.0 Self Protection ENABLED.
    * Anti Leak Control ENABLED and set to PROMPT.
    * Outpost generally set to reflect "A Guide to Producing a Secure Configuration for Outpost by Paranoid 2000" .

    Found HERE

    dja2k
     
  6. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    You should be O.K. with those settings,
     
  7. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Ok, I will not set anything that is stated in the "A Guide to Producing a Secure Configuration for Outpost by Paranoid 2000" for now until further researching on things like the ICMP settings.

    dja2k
     
  8. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    As you are behind a router, you can leave the ICMP settings as they are set (by default installation)
     
  9. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Yeah I am behind a router and manually setup a static ip for port-fowarding. I use p2p programs like utorrent and shareaza. Its quite a pitty how Outpost firewall has Currently Active Users: 89 (7 members and 82 guests) and I get the fastest help from Wilders. Thanks Stem!

    dja2k
     
  10. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    There is a ruleset included with OP4 for Utorrent, but you would need to check the port settings.
     
  11. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Yeah the allow all udp and tcp rule. Don't make me laugh! :D I know how to manually set it up with the help of a ruleset which there are a lot of them that are shared at the Outpost forum, but they all do their changes here and there and loose in the way. I had a ruleset for it from another version of outpost, but it doesn't seem to work the same.

    dja2k
     
  12. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Is that what it is,... I have never used it,..
    If you want any help with setting up a tight ruleset for Utorrent, I will run through this with you.

    Edit,
    o_O I see what you mean now about the Utorrent ruleset :D
     
    Last edited: Sep 29, 2006
  13. Fumens

    Fumens Registered Member

    Joined:
    May 5, 2005
    Posts:
    23
    I tried ruleset for BitTorrent Clients and seems it works with uTorrent and BitComet.

    HTTP: TCP, outbound, remote port: 80-83, Allow
    HTTPS: TCP, outbound, remote port: 443, Allow
    Inbound TCP: TCP, inbound, localport: 54321, Allow
    Outbound TCP: TCP, outbound, remote port: 1025-65535, Allow
    DHT: UDP, remote port: 1025-65535, local port: 54321, Allow
    Block outbound TCP: TCP, outbound, Block
    Block inbound TCP: TCP, inbound, Block
    Block UDP: UDP, Block

    So far it works smooth with BitComet and uTorrent, any corrections will be helpful


    regards,
    Fumens
     
    Last edited: Sep 30, 2006
  14. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi Fumens.
    I did run a quick download to check how OP4 would react, and all went well,.. I used virtually the same ruleset as you have posted, apart from the HTTPS connection (remote port 443),.. is this needed?
     
  15. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    I came upon the same ruleset after checking and comparing different ones. Works well.

    dja2k
     
  16. JRCATES

    JRCATES Registered Member

    Joined:
    Apr 7, 2005
    Posts:
    1,203
    Location:
    USA
    Not intending to hijack here, dja2k....but are Outpost's "default" rules ("out of the box") good to go, or is there some "tweaking" to do? I don't game, but do P2P....other than that, primarily just the usual web browsing, etc.
     
  17. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    The rules made by outpost might be ready to go but some might be to broad. Like the one for utorrent giving access to all udp and tcp. Check them first and you might want to cross check them with posts from Outpost froum. Some people harden the rules created by defualt for browsers as well.

    dja2k
     
  18. Fumens

    Fumens Registered Member

    Joined:
    May 5, 2005
    Posts:
    23
    Hi Stem

    I inserted HTTPS connection coz I saw in uTorrent and BitComet for tracker connection there are choices to use HTTP, HTTPS, and Socks. I just took HTTP and HTTPS from Outpost browser ruleset.

    Do you think BitTorrent clients should include HTTPS connection?
     
  19. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi Fumens,
    I dont use torrent/P2P very much,... I use mainly just to see how a firewall reacts to such software,... Its just I have never seen this type of connection made by any of the P2P/torrent clents I have installed. You could leave the rules in place (with logging), and let me know if the rule is ever used.
     
Loading...
Thread Status:
Not open for further replies.