Question for Paranoid2000 or someone about outpost

Discussion in 'other firewalls' started by TECHWG, Nov 14, 2005.

Thread Status:
Not open for further replies.
  1. TECHWG

    TECHWG Guest

    Hi

    i was just wondering a) whats your total opinion obn outpost pro (latest) for swecurity

    b) What does outpost do when it blocks an app from net access? because most firewalls when you block say like For example Internet explorer, It will sit there and sit there and sit there and about 2 seconds or so you will see cant be displayed or something or timed out . . With outpost when you block something the program IE internet explorer will go Instantly BOOMPF nothing. How does outpost block with such speed? Everything you block the programs know and dont even wait to time out they just dont access it and they dont seem to even try to access. ??

    I have had this information thorn in my side thats not been pulled out. Please tell me!!!
     
  2. hollywoodpc

    hollywoodpc Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,325
    Hi Tech . (1) As secure a software firewall that you can buy . It is excellent !

    (2) There is an area in OP that allows you to block a site for any length of time you wish . Default is 5 minutes . Check out the pic .
    I hope that helps . You can set it to 0 if you like . OP is detecting an intrusion at the sites you speak of . If you feel they are safe , You can add those sites to a type of safe list OR you can do as stated above . It is in the attack detection area .
     

    Attached Files:

    • op.png
      op.png
      File size:
      30.8 KB
      Views:
      34
  3. TECHWG

    TECHWG Guest

    Great thanks ! i love this firewall and i have tested Lots . . Believe!
    But what i was refering to is the ability to block programs access to the internet.
    Take this following Example.


    Sygate. load Internet Explorer, and then right click it in sygate and hut block. Now close internet explorer and reload it and try to surf . . . and watch it
    . . . . . it will sit there and sit there and sit there and sit there and sit there until eventually it will time out.

    Outpost. goto application settings and right click Internet explorer and hit always block. Load internet explorer and try to surf . . No net
    Boof its instant Pow nothingness. No timeout no retrys nothing Wow Poof Boom etc its completely instant No network access. Why does this firewall do that and no other. me personally i love this feature alone! The ability to block a programs access withought the program sitting there and keep trying to access the internet then for it to time out and continue with programs operation. Click block and the programs function withougt trying to time out trying tryine trying to access. try it you will see what i mean.

    Its one of the first things i picked up on in the early versions of v2.xx

    I have tried Zonealarm pro, Sygate, Norton, Mcafee, Bit defender, ghostwall, Tiny personal firewall pro, F-secure (firewall funtion) and the best i have seen from my own personal testing is Outpost. The only thing really i dont like is the making rules. For example on sygate if i say "PROGRAM.EXE, Deny, Incoming, TCP, All APPS" then that program can surf the web But NOT accept any server connections to it. Now if you do that with outpost it will completely block any inbound trafic even it it was initiated as a client request. so if you say to your web browser "IE.exe, Deny, Incoming, TCP," its not going to be able to access anything. For this its not as good as sygate in the fact of making custom rules for security network server softwares against INTERNET access. I prefer sygate for this. Apart from that i see no other firewall that can even contest to the power of Outpost Pro 3
     
  4. hollywoodpc

    hollywoodpc Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,325
    I apologize Tech .
    Not quite sure what you are attempting . In Outpost , click application , right click IE , and choose modify rules OR custom to block any part of IE you wish . This way , I believe , IE will still be able to load but , without whatever it is you want NOT to load . Confused yet ? I think I am . Lol . Sorry . I hope that kinda helps
     
  5. auriell

    auriell Registered Member

    Joined:
    Feb 9, 2005
    Posts:
    105
    Location:
    Warsaw, Poland
    I am not sure what you meant, but if you want to have blocked apps showing sth like "can not connect" simply remove them from blocked apps, and set Outpost into "block most" mode.

    For me the best solution is to create the rules only for apss I know they have to access the Internet using "rules wizard" (no blocked and no trusted). When I have a full list of partially allowed apps I switch OP into "block most" mode. It allows me to see than, when any other app is trying to start and run, but has no net connection.
     
  6. TECHWG

    TECHWG Guest

    :) Yes we are Lol

    basically all i am saying is that when you block a program on most firewalls i have ever seen the program will keep trying to access the internet until they time out. Outpost somehow convinces the program not to even try to access or even attempt to reconnect. Once you block a program on outpost it does not even try to access anything online past 1 try. Do you get me now ??:rolleyes:
     
  7. TECHWG

    TECHWG Guest

    :) ok, i know how to use my ouotpost firewall, I know how to set it up and i know its working and i dont need what you might term "help" with this. What i am saying is about the System "technique" that outpost uses to prevent programs access to the internet. Basics - Firewall can block a program - program cant access internet or anything ok?

    well all firewalls do that, But 99% of them when you block a program, That blocked program will try and try and try until it times out . . . Because it was blocked . . .

    Now outpost when you block a program it it cant access anything and it does not even rtry and try . It Instantly times out on the spot with no waiting. Making this firewall my choice over all of them just even based on this function alone. But what i am saying is WHY?? Why can this do this and why dont other firewalls do it. Is it more secure to do blocking this way? or less secure? Accidental programming? o_O? I dont know thats why i am asking. i tried to explain it as simple as i could but i dont know how to make my self any clearer :oops: I think you will understand now since i hope i explained a little more ?
     
  8. hollywoodpc

    hollywoodpc Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,325
    ROFLMAO !!!
    Yep Tech . we ARE !!
    Anyway . I would claim it is just very good coding . Is it safer ? I do not think it matters but , of course , if something is blocked , it should be blocked . OP is excellent as you have already discovered . I cannot answer your " questions " 100 % accurate as I can only guess about whether it is good coding but , I have to think that it is seeing as how OP is excellent at about everything it does .
     
  9. manzz

    manzz Registered Member

    Joined:
    Oct 6, 2005
    Posts:
    55
    @Techwg
    I believe you will find that some firewalls stop "net access" and some just stop "internet connections"

    The firewalls that just stop the "internet connection" means the pgm gains "net access" and then times out waiting for a connection that is blocked.
     
  10. TECHWG

    TECHWG Guest

    Yes manz i like that . . .

    hey check thgis out i found a lovely nice Real low level Super freat on resources firewall to go with outpost. Its basically a Ip firewall (theres no application control its all ip) its good for stopping trojans from opening ports etc

    http://wipfw.sourceforge.net/

    There is a GUI built for it. its a lil complicated at times to work out how to make the config save. But It goes well with outpost and if nothing else you can use it as a backup and install-deny mode so that it would work simply like a router firewall where you can not accept any incoming connections . . . I persopnally use this and allow msn and my ftp server and everything else is stealthed, But its a simple double click from being stopped. its KERNEL MODE driver based :)

    Or the CHX that people talk about it very good too. i think this one i like the most . . .
     
    Last edited by a moderator: Nov 16, 2005
Loading...
Thread Status:
Not open for further replies.