PG vs Outpost Firewall

Discussion in 'ProcessGuard' started by A884126, Jun 13, 2004.

Thread Status:
Not open for further replies.
  1. A884126

    A884126 Registered Member

    Joined:
    May 16, 2004
    Posts:
    191
    Hi.

    My system is running slow everytime I am changing OP configuration.

    I just found out this in PG log (see file attached).

    Should I modify OP rules in PG?

    Cheers
     

    Attached Files:

    • OP.GIF
      OP.GIF
      File size:
      56.4 KB
      Views:
      342
  2. Rui

    Rui Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    141
    Location:
    Portugal
    Hi A8884126

    I have all the programs you mention as resident ones, except NOD32, which in my case is replaced by KAV, and XP Pro SP1 fully patched too . This means I have installed PGuard v. 2000 (shareware) and Outpost Pro v. 2.1.
    As Outpost is a trusted application, I guess you could allow it more permissions.
    This is the way I have Outpost configured in PGuard:
    Allow Flsgs - Write, SetInfo, Terminate, Suspend
    Blocked Flags - Write, SetInfo, Terminate, Suspend
    Options - Close Message Handling

    This configuration has been working very well for me, with no noticeable system slowdown. I suggest you try it.
    If you have any more doubts just post here again, or send me a private message if in need of more help

    Regards

    Rui
     
  3. A884126

    A884126 Registered Member

    Joined:
    May 16, 2004
    Posts:
    191
    Thanks for the reply, however I had to change the Allowed Privileges as it asked the security code (for cookie, java...) everytime I am visiting a new site.

    I am going to wait till the end of June as the guys from OP sould come back to me to solve my BSOD issue.
    If I get no news then I will move to ZA.

    Cheers
     
  4. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    I suggest to Allow also Read and GetInfo to give read access to other protected processes.
    Also note that Read privilege should also be Blocked whenever you set Close Message Handling, because otherwise a malware could directly read the random HID code from the memory space. This was originally suggested by Jason.
    -hojtsy-
     
  5. A884126

    A884126 Registered Member

    Joined:
    May 16, 2004
    Posts:
    191
    Thanks very much.

    However I just got too many BSOD yesterday (4 in one day!). I could not stand it anymore and I just moved to ZA Pro Web Filtering.

    I hope the BSOD will now disapear..

    Cheers
     
  6. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hojtsy wrote:
    But you can give other programmes on your protection list the "read" "getinfo" allows to prevent excess logging ;) as they are already protected.
     
  7. A884126

    A884126 Registered Member

    Joined:
    May 16, 2004
    Posts:
    191
    Good news no more BSOD with ZASS! However I am not crazy about this firewall...
     
  8. brucemc

    brucemc Registered Member

    Joined:
    May 27, 2004
    Posts:
    44
    Whenever I shut down my computer I get the Close Message Handling for Outpost - anyway to avoid this?
     
  9. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    Uncheck Close Message Handling under Options for outpost.exe.

    Nick
     
  10. Socio

    Socio Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    166
    So the right way to configure Oupost is

    Allow Flsgs - Write, SetInfo, Terminate, Suspend
    Blocked Flags - Write, SetInfo, Terminate, Suspend, Read
    Options - None

    Correct?
     
  11. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    This is my config for Outpost Pro:

    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Option Flags :- None

    I give my security apps full Allow privileges.

    Nick
     
  12. Socio

    Socio Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    166
    Ok I set mine the same way I guess you don't really need to block read if you are not going to use Close Message Handling in options.

    Thanks
     
Thread Status:
Not open for further replies.