Outpost Host Protection problem

Discussion in 'other firewalls' started by mvdu, Sep 25, 2009.

Thread Status:
Not open for further replies.
  1. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,151
    Location:
    PA
    Hi,

    I'm using the just-released Outpost Pro version on a 64-bit Windows Vista machine. I have enabled "warn about starting new or unknown executables," but I get no popups for any files I run. I wonder what else in Host Protection might not be working. I know that in a test, even after blocking all activity, a rogue ended the AntiVir GUI process (though it couldn't terminate the AV process.) Is there anything to try?

    One thing I've noticed is that every file seems to be added to exclusions.
     
  2. wat0114

    wat0114 Guest

    Hi mvdu,

    check under; General-> Improvenet settings and ensure they are as per the screenshot, so that OP is not automatically creating rules for your applicatins.
     

    Attached Files:

  3. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,151
    Location:
    PA
    Hi, wat0114 - thanks for the suggestion, but unfortunately, it did not help.
     
  4. King Grub

    King Grub Registered Member

    Joined:
    Sep 12, 2006
    Posts:
    814
    After you unchecked those boxes, did you also remove the files that have already been added as "Known components"? In Settings, under Host protection; click View list.
     
  5. wat0114

    wat0114 Guest

    In addition to king Grub's suggestion, you will also need to go in the application rules and check the General tabs to ensure that "Allow all activity" is changed to "Use custom rules", then you may have to modify the "Anti-leak control" rules that OP would have automatically created for those apps that are getting too liberal system privileges.
     
  6. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Are the above settings the best settings generally speaking, or just for this posters problem?
     
  7. King Grub

    King Grub Registered Member

    Joined:
    Sep 12, 2006
    Posts:
    814
    If you want to pass all leaktests, then yes, perhaps, but if you want to balance max security against ease of use, then perhaps not. I use default settings for the most; I'd rather be a few percent less protected against theoretical threats (threats I've never been the target of during many years of internet use) than have to be bothered with pop-ups as soon as something happens in the operative system. Someone else might prioritize 100% security and passing all leak tests instead, and would rather deal with allow/deny-questions every day. Personally, an overly intrusive firewall/HIPS would give me more headaches and botheration than I've had from malware, so I think default is fine for the average user.
     
  8. wat0114

    wat0114 Guest

    Those settings give the user full control over creating rules, otherwise OP will auto-create rules on the fly, which will lead to to overly liberal and unnecessary rules for most applications.
     
  9. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    OK thanks for the heads up King Grub and Wat0114. :)
     
  10. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,151
    Location:
    PA
    Hi, all - I did what everyone said, and it alerts for added components, but not starting a program.
     
  11. King Grub

    King Grub Registered Member

    Joined:
    Sep 12, 2006
    Posts:
    814
    If all else fails, you could alway do an uninstall and then, after re-installing, don't let it create any rules on its own or create any trusted files this time.
     
Loading...
Thread Status:
Not open for further replies.