Your opinion of Online Armor Personal Firewall

Why is "Install mode" so important?
I always use the "Learning mode" for installations and updates, the only thing left to do is to delete some rules or trust some apps afterwards, "my pending files" in OA Free.

Cheers

 

"delete some rules"

I guess that can be a problem for the not so experienced or lazy users!?!

 

There's no need to delete the rules, really. Although, for tidy up I suppose that we could write something to trim this down automatically from time to time

 

But how if I am installing something in learning mode, and surfing at the same time in the internet. Then I might have to check afterwards that a not a bad application sneaked into my system and got some rules auto-created.

Or am I wrong?

 

That wasn't the point I was making - the point I was making was that a few extra rules don't cause much of a problem.

Nevertheless, I would not recommend learning mode as a replacement for install mode if you're going to run around doing other things at the same time because as you correctly point out - bad behaviours can be learned too.

It's the same reason I don't recommend programs that do uninstalls (total uninstall was one that I played with) because you never know whats going to get removed if you don't know what else happens during the install process.

Certainly, some of the support issues we have had are caused by programs like this.


Mike

 

So better just to switch HIPS of during installation? --- something bad may sneak in, but at least it does not get any rules created and next time it wants to run I get a popup. Or not? (Excluding the worst case, i.e. an application that take already control over my security suite.)

The problem why I thought I need an install mode is because I am working with application like "cygwin" or "miktex-latex". They are frequently updated and they contain a lot of exe and dll files --- just to many to confirm every during installation. Later I might just use a small fraction of these files at a time, so no problem to confirm each separately at that point; but not during installation

 

In your case, if you're getting too many prompts, the paid version might be best for you. You can exclude the directory, or use install mode.

 

Thanks, but I am not so much into security. I am just playing with free apps

 

Being a fearless installer is a cool game. And when you get bored, you play russian roulette with yourself?

 

but I am running my free security suite here.

I just meant, I like to play with apps: comodo, OA, etc. I guess they all protect me well.
And it is a lot of fun: always having the newest version, setting it up correctly, seeing what other people have to say, etc ... and it is free!

if it would be for my business, sure I would pay for a good service ...

 

Hi,

I am sorry that I was unprecise with "delete some rules", what I meant were especially the leftovers in the temporary folder after installations and updates.
I delete this files periodically and so it's easy to see in OA Programs that there are dead links.
But it is not necessary to delete them, it's just for making the ruleset smaller.

Cheers

 

Just uninstalled permanently. Every time you update or patch a program you get more pop ups. " A trusted program has changed" . No kidding it changed I was the one who did it.

 

If you install a firewall and/or HIPS that doesn't warn about a changed program, you can uninstall it too.
It's Firewall/HIPS job to warns you about any checksum change in a program

MaB

 

Exactly. Heck, even Kerio 2 keeps MD5 hashes and if it detects that the application's exe has changed,it asks you if you want to apply the existing rules for the changed exe. And Kerio 2 is something like 6 years old.

It would be unthinkable for a current firewall with integrated HIPS to ignore changes in an application. How would it understand the difference with malware code injection?

 

My opinion is that OA should support Vista as soon as possible.
Just my obsession to try it.

 

I understand but when your a gamer such as myself and you patch a game like WOW<COD4,BF2,TF2,HL2 you dont need a firewall telling you that a trusted program changed when you know you were the one who changed it. I have never seen or heard of a spyware/trojan changing any game files. Yes changing your browser but thats different. All my pings are lower with Online Armor also.

 

I think maybe there is an option to change this. Not sure. I went somwhere else for my firewall needs.

 

This is an opinion post and everybody has there right to an opinion. Correct. Relax my friend.

 

Dieselman, my friendly advice is : Don't fight it. You said it yourself:

"I always come back to ZA".
https://www.wilderssecurity.com/showthread.php?t=197219

I think that by now it is safe to say, that you should stay with ZA. It's useless to try over and over again the same firewalls that you have already said they don't satisfy your needs.

 

I know what I said but in another thread ZA is now screwing up my Logitech gaming devices. Went to Comodo.

 

You're correct that the notification is unnecessary because you caused the change, but how can the firewall know? You have to tell it somehow.

 

Comodo or any other firewall never asked me this. If a program is trusted then it should stay trusted.

 

I understand Peter but what I mean is that it should not apply to trusted program like games. A firewall should know and learn that a program that you clearly marked as trusted should basically stay trusted. New program should set off bells and whistles. This is just my opinion.