Outpost Firewall Free 2009 v6.5 Released

Discussion in 'other firewalls' started by PaulBB, Apr 26, 2009.

Thread Status:
Not open for further replies.
  1. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,976
    'mate' as I said they were never adressed.
    If that makes you laugh good for you.

    ...meaningless is posting security issues in public forums, when the developing company already knows them.

    If you like to have a 'kidengraden talk' find someone else. I have better things to do...

    Panagiotis
     
  2. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,976
    I do not like repeating myself. As I said:
    The 'holes' are already addressed to the developer.
    And yes 3.9 has them too.
    In the links that I posted you will find the tools to test your inbound security.

    Panagiotis
     
  3. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,976
    You are welcome.

    Start here http://backtrack.offensive-security.com/index.php/Tools

    I am not talking about malware that will penetrate comodo D+.
    I am talking about 'spoofing', 'arp poisoning' and 'man in the midle attacks'. For testing you will need a network with at least 2 machines and a router (on 1 machine you must install comodo and you will use the other to perform the attacks).

    ps. Comodo vulnerabilities are significant only in networks that are not administrated correctly (for example, public wifi spots or home wifi networks open to everyone).

    Panagiotis
     
  4. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,976
    No, hips cannot help in these kind of attacks.

    Sorry, but I will not list them. Wilders is a security forum and not a blackhat place.

    Panagiotis
     
  5. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
    Comodos ARP protection isn't enabled *by default

    Might be part of the problem
     
  6. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Latest outpost 2009 free crashed too, look here:
    http://i44.tinypic.com/2eeehs8.png
    Not much difference in reality, imho. In contrary Comodo has a good ip blacklist feature that outpost 2009 free lacks.

    I always enable the tightest possible setup of a firewall, always maximum security.

    5 years are flying away if you are serious with testing, isn´t it...:D
     
    Last edited: Jun 13, 2009
  7. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    If you say this then it is a serious thing, I suspect who is responsible for that.

    This ip-range is on my blacklist.
     
    Last edited: Jun 13, 2009
  8. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Which firewall can do anything against this? I don´t know any firewall that is able to resist not only mitm but especially that what I call "remotely attached poisoned http packets/traffic" or http-poisoning. This happens everywhere, everyday at least my sniffer proves it.
    If you analyzed this the whole discussion about security becomes a farce, a comedy show without purpose, nevertheless to test and experience security (that in reality does not exist) makes fun.
     
    Last edited: Jun 13, 2009
  9. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,976
    No "Protect the ARP cache" does not protect against 'arp poisoning' although it should.

    @ssj100
    'mate' I gave you some links where you can start learning and testing. I had enough of this BS.

    Panagiotis
     
  10. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,976
    Firewall with good snort rules (IPS) can protect against some of those attacks.
    For example 'Yoggie gatekeeper pico' does.

    Panagiotis
     
  11. hayc59

    hayc59 Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,843
    Location:
    KEEP USA GREAT
    How in the world a simple Outpost Firewall Free 2009 v6.5 Released
    thread turned into a Comodo thread...very strange indeedie *puppy* *puppy*
     
  12. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    To all,

    This is an Outpost Firewall thread. Let's not randomly drag other products into the discussion.

    Blue
     
  13. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Bad to think some maturity would be present after my absence.

    I will look through these posts now, as I see mention of ARP protection, which I certainly know about.

    Stop the childish behavior. This is a security forum, not a playground. I have my own problems without c%^p here.


    - SteM
     
  14. hayc59

    hayc59 Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,843
    Location:
    KEEP USA GREAT
    Stem, quick question and you can remove this
    or pm me?? why is your pm feature turned off? makes for a funny afternoon
    when you cannot contact you[moderator of an important section] for help and or advise
    thank you sir that is all...Gordon
     
  15. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Probably pi%%ed off at the time. PM back on.
    I have only limited time. If I answered all PM then I would have no time on forum.
     
  16. hayc59

    hayc59 Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,843
    Location:
    KEEP USA GREAT
    thank you sir :)
     
  17. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    I am looking to attempt what is going on. However, off topic replies to this thread I will remove.

    [Complain to ya mom.]


    -Stem
     
  18. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    OK,

    Any comparison etc, then start a new thread.

    I will not remove posts, whats the point? We will see similar tomorrow in another thread.

    -Stem
     
  19. hayc59

    hayc59 Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,843
    Location:
    KEEP USA GREAT
    Last edited: Jun 13, 2009
  20. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Latest release of Outpost Free is really running well :thumb:
     
  21. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Agree. Why should a mini computer be able to stop something what nobody else can stop, also not Outpost.
    I think outpost 2009 free needs a ip-range blacklisting ability to be equal to comodo (free) in relation to restrict http-attacks and http-smuggling. First priority should be to harden HTTP otherwise all efforts are meaningless.
     
  22. hayc59

    hayc59 Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,843
    Location:
    KEEP USA GREAT
    Nice to hear that Kees...its pretty cool proggie
     
  23. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Well I just need a baseline intrusion prevention (always using policy management to contain risk), what I like is that I can set it to my liking and keep it quiet. Just defending the Windows-NT subsystem (without dll injection) plus registry and keyboard loggers thats it. No single pop-up by the host intrusion prevention since install (while Comodo or Malware Defender configured in the same way would pop-up), so very happy with it. :thumb:
     
  24. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,976
    You agree on what? That ssj100 has no clue what I was talking about?
    For the record the http attacks that you describe (at least that was my understanding) are called 'http splitting' and 'http smuggling' attacks that target http headers and are very, very difficult to intercept.
    I already answered you that a firewall with (deep packet inspection) and snort rules can prevent some of them. Yoggie Gatekeeper Pico was only an example since it has snort IDS/IPS included in it's Linux OS.

    Outpost free (or paid) and most of the personal firewalls (at least those that I have tested) cannot handle these http attacks.
    If you want to prevent them (some of them) simple install snort on your machine allong with your firewall.

    Panagiotis
     
  25. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,976
    If, after configuring it you set it in 'block most' mode you will never see a popup again. :D

    Panagiotis
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.