outside Online armor and comodo are there alternative?

Just to be dead sure here, this ImproveNet generates rules for Outpost only? It sounds like these rules are privilege rules for applications to shut down others, set hooks stuff like that? I like the idea of getting these from the actual vendors of the applications rather than 1 vendor of the FW who don't always "know" what and "why" certain privleges are needed.
IMHO, one vendor could never hope to know that much.

But this is different than FW rules dealing with protocols, direction, all applications, or specific and specific ips and ports in the deny or allow rules of a FW?

Maybe these are unfair questions to put to you, if so I applogize in advance!

 

Why shouldn't it work only for Outpost? Why should Outpost share predefined rules with other vendors, while others don't?

What do you mean with "privilege rules for applications to shut down others, set hooks stuff like that?"?

The predefined rules in Outpost only give those applications the rights they need and nothing else. You may also change any rule you don't like the way it is predefined.

Not every application needs to have rights to shutdown other applications.

For example, and I'm not sure if it's already known as a well-known application by Outpost's database, Sandboxie needs rights to shutdown other applications when you terminate, for example, your browser session.
It also needs this or that right. But, nothing more than that it will be allowed to do, otherwise, why wouldn't all firewalls just make a check on Allow to everything?

So, if vendor X, developing Xx application, tells you that you need to give full permission (full permission to do whatever needs in the system and to fully communicate with the Internet (in and out)) to their application, will you?

If that's the case, why do firewalls and rules even exist?


Regards

 

Automatic rules work the best let the smart firewall setup the rules all you have to is allow it or block it on the extreme ones.. Who got the time to sit there an add rules to everything you got on your system. I've used them all over the years. Sygate Pro, Armor2net was one of the best but it was plague with dog.dll crap. Outpost, Comodo, ZA and the rest just dog the system. I just use PC Tools Firewall Plus it can run on all Windows OS (Server/Client) and it's free with free registration. I still use 3.0.14 as I've tried the new stuff they have but this version has code injection. I use the RegProt also as a double security with the firewall. PC Tools Spyware Doctor with AntiVirus SE version works with the file system protection. Other features that are disabled I use Firefox googies listed below. That's it.. Systems run quick and smooth.

MS has some free tools like Process Explorer and Autoruns must to have to check out what's going on in the system. You can disable stuff you don't want to run or terminate them. Both are free from Microsoft and they work on Windows OS Server/Client.

 

Hi m00nbl00d: Good questions, I can't answer these really because I don't use or speak for Outpost. I simply asked a question or two myself. You have added more questions so maybe Outpost will speak here to help us.

Why indeed, they have done their own work it's their system. I was trying to get my head around how OP did it, I thought they used the vendors needs for priveleges and FW access rather than try to maintain that themselves. But maybe this is wrong.

We seem to be talking past each other, one the one hand there is the HIPS rules/privileges where users may or may not be able to tweak at their own risk the privileges on how programs run. Like hooks and preventing other programs from shutting them down. The other hand is the classic rules for "pure" FW's on packet inspection, direction in out, ports etc etc.

Okay, good.

That is for sure

Okay, I don't use Sandboxie.

What a ghastly thought, if a FW just allowed everything or say ignored a user rule!

Nope, not me I tend to the opposite view and deny first. 90% of the time the results are nil.

Why indeed.

 

I should have said that, the predefined rules, apply to both the firewall and hips modules.

So, if you opt for Outpost to automatically create rules for well-known and digitally signed applications, those rules will be created for both Internet access and to what they're allowed to do in the system.

For example, let's imagine that you got some well known application, which requires access to the Internet, by making use of protocol HTTP.
You start the application, let's say, your antivirus and update it.
That would be the only rule saying that connection is allowed. It wouldn't be given full permissions, like also allowing FTP connections.

I hope this clarifies any confusion I could have caused.


Regards

 

did Agnitum ever fix the BSOD issue? I think it was related to dual core cpu's or something, from a few years ago (I stopped using it because of these randomly occuring frequent BSOD's that dissapeared once it was uninstalled. They even acknowledged it themselves that there was problems).