Agnitum Outpost Firewall
Jelentkezz be a hozzászóláshoz.
#528
Mindenképpen kipróbálom majd, de még jó a 3.51 egyenlõre. Mióta Outpost+nod32 van(kb 2-3 hónapja), egy darab baci sincsen. Pedig az outpost alapon van. Amit adtál multkor a profi konfigurációt, azt hagytam, túl bonyolultnak tünt, inkább nem nyulok hozzá a falamhoz, föleg hogy igy is jo. 😊
Chaos Anno Domini
#527
Outpost Firewall Pro 4.0 RC2
Build number is 947.582
This stage of beta testing will continue till 15.09.2006
This version can be installed on a clean computer as well as over
Outpost Firewall 3.51 and 4.0 beta/rc
Még 10 napot tesztelünk, aztán jön a végleges! Meglátjátok, tuti lesz. Kicsit még instabil, de egyre jobb.
Build number is 947.582
This stage of beta testing will continue till 15.09.2006
This version can be installed on a clean computer as well as over
Outpost Firewall 3.51 and 4.0 beta/rc
Még 10 napot tesztelünk, aztán jön a végleges! Meglátjátok, tuti lesz. Kicsit még instabil, de egyre jobb.
Fortuna fortes adiuvat.
#526
Egyszer volt egy data crashed az outpostban és azóta service módban indul, ha én bezárom és elindítom, akkor normál módban indul, ezt hogy tudom kijavítani?
Másik meg az hogy szeretném ha a torrenthez lefordítanátok magyarra a beállításokat, mert ugyan értem, de biztosra magyek ha magyar is van. Köszi elõre is.
Másik meg az hogy szeretném ha a torrenthez lefordítanátok magyarra a beállításokat, mert ugyan értem, de biztosra magyek ha magyar is van. Köszi elõre is.
#525
Nincs véletlen IE-sPYAD TELEPÍTVE? vagy Spywareblaster? Szokta AZ IE restricted zónában lévõ játékososokat kémnek látni.😊
Fortuna fortes adiuvat.
#524
az outpost 3.51 kiirja 5000 kémprogramot taálát hogy kell ezeket kiirtanni?
My CPU: AMD Athlon 64(tm) 3200+,2GB DDR Ram,Ati X1600Pro 512Mb, Genius 5.1(hangfal)BenQ FP737s-D 1W(80Gb)2W(120Gb)
#523
hát de azzal a probléma továbbra is fennáll, csak épp nem jelenti nemde? 😊
AsRock Z68 Extreme3 Gen3, Intel i5 2500k, Corsair Vengeance 2x4GB DDR3, PNY GTX570 XLR8 Enthusiast Edition, Dell U2311H, Kingston 120Gb SSD + 4Tb WD HDD
#522
Echo reply - Out
http://www.winportal.net
#521
Hali! én egy csomószor kapok olyan hibaüzenetet, hogy a cFosSpeed által küldött adatcsomagok nem értek célba.... az icpm beállításoknál hova tegyek pipát, hogy jó legyen?
AsRock Z68 Extreme3 Gen3, Intel i5 2500k, Corsair Vengeance 2x4GB DDR3, PNY GTX570 XLR8 Enthusiast Edition, Dell U2311H, Kingston 120Gb SSD + 4Tb WD HDD
#520
Egyet értek! 
#519
Ma kijött a 4.0 -es utolsó Bétája. Aug. 31-ig tesztelhetjük. Ez sokkal stabilabb, mint az elõzõk, sok bugot megjavítottak benne.
Fortuna fortes adiuvat.
#518
Szóval még nem üzemkész😊
Fortuna fortes adiuvat.
#517
Beta Testers Only!
Outpost Firewall Pro Beta 4
build 916.570.040
Changes:
Object is completely deleted after being detected by spyware real-time protection (not only file is removed but registry entries also)
Signature-based search is enabled and optimized (pay attention to performance)
Lists of vulnerable ports added in Attack Detection plug-in
Fixes:
Self-protection improvements (including known false positives, process protection is added, similar events are not reported (Diskeeper)
Incorrect content processing in Content plug-in (which resulted in unavailability of some pages)
Rules editing issues
Update issues, including spyware-signature database
Game mode issues (including crashes on entering Game mode, false positives, settings were not rolled back on exiting Game mode)
Outpost Firewall could crash on system startup
Leaktests were failed (AWFT #1, Wallbreaker #3, Breakout #2)
Using macro addresses issues (incorrect address value detection)
Outpost Firewall could crash after changing plug-in settings
No default settings for Attachment Quarantine and Ads plug-ins after installation
Found spyware were displayed incorrectly
Issues with process name detection in Anti-Leak prompts
When scanning lnk files using context scan, files in the target location were found instead of the file itself
Outpost Firewall could not start after Windows restart or logging off/on
CPU usage 100% after logging in the system
Windows Explorer could hang after Outpost Firewall installation
eMule could crash while verification of the downloaded file
Multiple interface and localization issues
Several more issues
Outpost Firewall Pro Beta 4
build 916.570.040
Changes:
Object is completely deleted after being detected by spyware real-time protection (not only file is removed but registry entries also)
Signature-based search is enabled and optimized (pay attention to performance)
Lists of vulnerable ports added in Attack Detection plug-in
Fixes:
Self-protection improvements (including known false positives, process protection is added, similar events are not reported (Diskeeper)
Incorrect content processing in Content plug-in (which resulted in unavailability of some pages)
Rules editing issues
Update issues, including spyware-signature database
Game mode issues (including crashes on entering Game mode, false positives, settings were not rolled back on exiting Game mode)
Outpost Firewall could crash on system startup
Leaktests were failed (AWFT #1, Wallbreaker #3, Breakout #2)
Using macro addresses issues (incorrect address value detection)
Outpost Firewall could crash after changing plug-in settings
No default settings for Attachment Quarantine and Ads plug-ins after installation
Found spyware were displayed incorrectly
Issues with process name detection in Anti-Leak prompts
When scanning lnk files using context scan, files in the target location were found instead of the file itself
Outpost Firewall could not start after Windows restart or logging off/on
CPU usage 100% after logging in the system
Windows Explorer could hang after Outpost Firewall installation
eMule could crash while verification of the downloaded file
Multiple interface and localization issues
Several more issues
Fortuna fortes adiuvat.
#516
Nem kezdõknek való. de meghálálja a törõdést, hidd el. Én most a 4.0-s verziót (Béta)tesztelem -hivatalosan-zseniális! Önvédelem, Game-üzemmód (nincs prpmpt), Anti-leaking technológia, Makrók a beállításokhoz, új pluginek stb.
Viszont ha rosszul konfigurálod, sok bosszúság forrása!
Viszont ha rosszul konfigurálod, sok bosszúság forrása!
Fortuna fortes adiuvat.
#515
Köszi. Bár kicsit bonyolultnak néz ki, de megbirkózok vele.<#wink>
Chaos Anno Domini
#514
Itt a link:
Outpost Beállítás
Outpost Beállítás
Fortuna fortes adiuvat.
#513
Olvasd el ezt:
Post A Guide to Producing a Secure Configuration for Outpost
What follows is a guide I have produced with feedback and help from the other forum moderators on configuring Outpost with the emphasis on security. It provides comprehensive details on every part of Outpost's configuration and covers several topics that have been discussed elsewhere in this forum.
As there is a 10,000 character limit on posts, I have had to spread this guide across several posts. For those who would prefer one document that can be read offline, a zipped copy in Rich Text Format is also enclosed.
Anyone with queries or suggestions about this guide is invited to post them in the General Discussions forums.
Recent Updates
The guide has been updated to version 1.01:
* Section added for Outpost Free.
* Terminology changed - "DNS Heavy" now described as "Application DNS", "DNS Lite" as "Global DNS".
* Recommendation for ICMP Destination Unreachable packets altered.
* Global DNS section includes reference to application rules for services.exe/svchost.exe.
* Application DNS section now mentions DNShell leaktest.
* Added HTTP block rule to Email Client (to stop images being downloaded for spam emails).
* Sections G7-9 added for Blockpost, HTTPLog and SuperStealth plugins.
* Document History section added.
Copying This Guide
You may take and distribute copies of this guide, in full or in part, subject to the following conditions:
* You must include mention of the guide's original location (either a link to this thread or a mention of the www.outpostfirewall.com forum will suffice);
* You may make additions to the guide (while not modifying existing content) but they must be clearly labelled as such and include your contact information to allow anyone with queries to raise them with you.
Attached Files
File Type: zip secure configuration-v101.zip (40.3 KB, 4900 views)
Post A Guide to Producing a Secure Configuration for Outpost
What follows is a guide I have produced with feedback and help from the other forum moderators on configuring Outpost with the emphasis on security. It provides comprehensive details on every part of Outpost's configuration and covers several topics that have been discussed elsewhere in this forum.
As there is a 10,000 character limit on posts, I have had to spread this guide across several posts. For those who would prefer one document that can be read offline, a zipped copy in Rich Text Format is also enclosed.
Anyone with queries or suggestions about this guide is invited to post them in the General Discussions forums.
Recent Updates
The guide has been updated to version 1.01:
* Section added for Outpost Free.
* Terminology changed - "DNS Heavy" now described as "Application DNS", "DNS Lite" as "Global DNS".
* Recommendation for ICMP Destination Unreachable packets altered.
* Global DNS section includes reference to application rules for services.exe/svchost.exe.
* Application DNS section now mentions DNShell leaktest.
* Added HTTP block rule to Email Client (to stop images being downloaded for spam emails).
* Sections G7-9 added for Blockpost, HTTPLog and SuperStealth plugins.
* Document History section added.
Copying This Guide
You may take and distribute copies of this guide, in full or in part, subject to the following conditions:
* You must include mention of the guide's original location (either a link to this thread or a mention of the www.outpostfirewall.com forum will suffice);
* You may make additions to the guide (while not modifying existing content) but they must be clearly labelled as such and include your contact information to allow anyone with queries to raise them with you.
Attached Files
File Type: zip secure configuration-v101.zip (40.3 KB, 4900 views)
Fortuna fortes adiuvat.
#512
Hali! Tudna valaki adni egy biztos beállítási sémát? 3.51.759-es verzióm van. köcc
Chaos Anno Domini
#511
köszi, fordítás menni fog, remélem ezekután a letöltés is! naki is állok megcsinálni aztán jelentkezem! 😄
AsRock Z68 Extreme3 Gen3, Intel i5 2500k, Corsair Vengeance 2x4GB DDR3, PNY GTX570 XLR8 Enthusiast Edition, Dell U2311H, Kingston 120Gb SSD + 4Tb WD HDD
#510
Szökevény - remélem le tudod fordítani😊
Fortuna fortes adiuvat.
#509
There should be little difference between this application to any other Bittorrent application in terms of what rules should be allowed or denied.
Principles
1. All clients(torrent software) usually use HTTP,HTTPS for tracker and updates, etc.
Protocol: TCP, direction: Outbound, Remote port: HTTP,HTTPS, Allow it
2. The client will normally need Inbound and Outbound loopback(usually only Inbound)
Protocol: TCP, direction: Inbound, Remotehost: 127.0.0.1, Allow it
3. The client will need to have outbound access to the peers you will be connecting to, clients you connect to should be using a port between 1024-65535.
Protocol: TCP, direction: Outbound, Remote port: 1024-65535, Allow it
4. Now your client will need a listening port. This will have to be what ever is specified from within utorrent i.e. 34259(default port).
Protocol: TCP, Direction: Inbound, Remote Port: 1024-65535, Local Port: 34259, Allow it
5. Alot of clients now use UDP, this is used for DHT/Distributed Database, etc. Again check your clients configuration as it will usually display a configurable UDP port number, we'll assume it's default as above.
Protocol: UDP, Remote port:1024-65535, Local Port: 34259, Allow it
6. Finally we need to add the Block All coverage rules to prevent further rules prompts.
Protocol: TCP, Direction: Inbound, Block it
Protocol: TCP, Direction: Outbound, Block it
Protocol: UDP, Block it
With these principles in mind it should be fairly obvious how to apply them in rules wizard. If not, then setup your rules prior to launching utorrent and check your blocked logs for any problems.
Hope this helps.
Principles
1. All clients(torrent software) usually use HTTP,HTTPS for tracker and updates, etc.
Protocol: TCP, direction: Outbound, Remote port: HTTP,HTTPS, Allow it
2. The client will normally need Inbound and Outbound loopback(usually only Inbound)
Protocol: TCP, direction: Inbound, Remotehost: 127.0.0.1, Allow it
3. The client will need to have outbound access to the peers you will be connecting to, clients you connect to should be using a port between 1024-65535.
Protocol: TCP, direction: Outbound, Remote port: 1024-65535, Allow it
4. Now your client will need a listening port. This will have to be what ever is specified from within utorrent i.e. 34259(default port).
Protocol: TCP, Direction: Inbound, Remote Port: 1024-65535, Local Port: 34259, Allow it
5. Alot of clients now use UDP, this is used for DHT/Distributed Database, etc. Again check your clients configuration as it will usually display a configurable UDP port number, we'll assume it's default as above.
Protocol: UDP, Remote port:1024-65535, Local Port: 34259, Allow it
6. Finally we need to add the Block All coverage rules to prevent further rules prompts.
Protocol: TCP, Direction: Inbound, Block it
Protocol: TCP, Direction: Outbound, Block it
Protocol: UDP, Block it
With these principles in mind it should be fairly obvious how to apply them in rules wizard. If not, then setup your rules prior to launching utorrent and check your blocked logs for any problems.
Hope this helps.
Fortuna fortes adiuvat.
#508
Hali!!
valaki le tudná nekem írni, hogy uTorrentet hogyan engedjem ki Outposton keresztül?? meg van még egy router is, egy SMC Barricade 7004VBR
köszi
valaki le tudná nekem írni, hogy uTorrentet hogyan engedjem ki Outposton keresztül?? meg van még egy router is, egy SMC Barricade 7004VBR
köszi
AsRock Z68 Extreme3 Gen3, Intel i5 2500k, Corsair Vengeance 2x4GB DDR3, PNY GTX570 XLR8 Enthusiast Edition, Dell U2311H, Kingston 120Gb SSD + 4Tb WD HDD
#507
Próbáld meg megkérdezni: számomra a netes játékok tabula rasa.
Outpost Hivatalos Fórum
Outpost Hivatalos Fórum
Fortuna fortes adiuvat.
#506
#472 <#rinya><#nemtudom><#conf><#fejvakaras> plíz vki!44
"a takarítón? az ?rület határát súrolja, aztán a légifolyosót mossa föl"
#505
OK, a többit nem vágom
Fortuna fortes adiuvat.
#504
Kössz, ismerem a DropMyRights mûködését és most megint megpróbáltam és a skype -al megy is. Kétségtelen, hogy korábban egy régebbi verziójú skype -al nem ment.
#503
Úúgy tûnik az sg fórummotor megkajálja a photobucket -es képlinket.
Ha simán leírom akkor meg nem tölti be képnek:
http://i52.photobucket.com/albums/g4/zoleehun/op.png
Ha simán leírom akkor meg nem tölti be képnek:
http://i52.photobucket.com/albums/g4/zoleehun/op.png
#502
Cél: C:\Drop\DropMyRights.exe "C:\Program Files\Skype\Phone\Skype.exe"
(Ha innen indul a Drop My Rights)
Indítás helye: C:\Drop
(Ha innen indul a Drop My Rights)
Indítás helye: C:\Drop
Fortuna fortes adiuvat.
#501
Nem lehet képet feltölteni?
Fortuna fortes adiuvat.
#500
When you are finished, these rules should be the only rules in your ruleset for Skype. Please create the rules in the exact order given here.
Where the protocol is: TCP
Where the direction is: Outbound
Where the REMOTE PORT is: 80
Allow It
Where the protocol is: TCP
Where the direction is: Outbound
Where the REMOTE PORT is: 1024-65535
Allow It
Where the protocol is: UDP
Where the REMOTE PORT is: 1024-65535
Allow It
Where the protocol is: UDP
Where the LOCAL PORT is: 1024-65535
Allow It
Where the protocol is: TCP
Where the direction is: Outbound
Deny It
Note: This rule will BLOCK all outbound TCP connections except for the connections that you have defined above. This will help avoid uncecessary rules creation popups for outbound TCP connections. So, it is very necessary for you to have the rules in the exact order that I have given here.
Where the protocol is: TCP
Where the direction is: Inbound
Deny It
Note: This rule will BLOCK all inbound TCP connections except for the connections that you have defined above. This will help avoid uncecessary rules creation popups for inbound TCP connections. So, it is very necessary for you to have the rules in the exact order that I have given here.
Where the protocol is: UDP
Deny It
Note: This rule will BLOCK all UDP connections except for the connections that you have defined above. This will help avoid uncecessary rules creation popups for UDP connections. So, it is very necessary for you to have the rules in the exact order that I have given here.
Note: This is a little different than the way I have generated TCP and UDP Coverage Rules in the past. The main difference is that I have included a separate rule for inbound and outbound TCP traffic coverage. The only reason is because the latest version of Outpost, soon to be released, now requires that TCP rules have direction. Previously, I just specified one TCP rule without direction. However with the pending release of the next version of Outpost this is no longer possible and it is necessary to start instructing users to write separate TCP outbound and inbound Coverage rules for applications that they want to secure from further rules creation popups.
I hope that ruleset works for you. I recommend that you give it a try and report your results.
Where the protocol is: TCP
Where the direction is: Outbound
Where the REMOTE PORT is: 80
Allow It
Where the protocol is: TCP
Where the direction is: Outbound
Where the REMOTE PORT is: 1024-65535
Allow It
Where the protocol is: UDP
Where the REMOTE PORT is: 1024-65535
Allow It
Where the protocol is: UDP
Where the LOCAL PORT is: 1024-65535
Allow It
Where the protocol is: TCP
Where the direction is: Outbound
Deny It
Note: This rule will BLOCK all outbound TCP connections except for the connections that you have defined above. This will help avoid uncecessary rules creation popups for outbound TCP connections. So, it is very necessary for you to have the rules in the exact order that I have given here.
Where the protocol is: TCP
Where the direction is: Inbound
Deny It
Note: This rule will BLOCK all inbound TCP connections except for the connections that you have defined above. This will help avoid uncecessary rules creation popups for inbound TCP connections. So, it is very necessary for you to have the rules in the exact order that I have given here.
Where the protocol is: UDP
Deny It
Note: This rule will BLOCK all UDP connections except for the connections that you have defined above. This will help avoid uncecessary rules creation popups for UDP connections. So, it is very necessary for you to have the rules in the exact order that I have given here.
Note: This is a little different than the way I have generated TCP and UDP Coverage Rules in the past. The main difference is that I have included a separate rule for inbound and outbound TCP traffic coverage. The only reason is because the latest version of Outpost, soon to be released, now requires that TCP rules have direction. Previously, I just specified one TCP rule without direction. However with the pending release of the next version of Outpost this is no longer possible and it is necessary to start instructing users to write separate TCP outbound and inbound Coverage rules for applications that they want to secure from further rules creation popups.
I hope that ruleset works for you. I recommend that you give it a try and report your results.
Fortuna fortes adiuvat.
#499
megköszönöm <#worship>
#498
Addig:
can't connect to Skype from work or due to a restrictive firewall. Which ports need to be opened in order to use Skype?
If you aren't familiar with firewalls or ports, it may be a good idea to ask a system administrator or tech-savvy friend to help you. The minimum requirement is that Skype needs unrestricted outgoing TCP access to all destination ports above 1024 or to ports 80 and 443 (the former is better, however). If you don't allow either of those, Skype will not work reliably at all. Voice quality and some other aspects of Skype functionality will be greatly improved if you also open up outgoing UDP traffic to all ports above 1024, and allow UDP replies to come back in.
In the quest for even better voice quality, it is also advisable to open up incoming TCP and/or UDP to the specific port you see in Skype Options. This port is chosen randomly when you install Skype. In the case of firewalls, this should be easy to arrange. In some routers, however, you cannot configure incoming UDP at all (but you still can configure incoming TCP port forwarding, which you could/should do).
The randomness in port selection is to improve NAT traversal for cases where several users are behind the same NAT; if they all used same ports, many NATs would behave in a way that would reduce Skype voice quality.
can't connect to Skype from work or due to a restrictive firewall. Which ports need to be opened in order to use Skype?
If you aren't familiar with firewalls or ports, it may be a good idea to ask a system administrator or tech-savvy friend to help you. The minimum requirement is that Skype needs unrestricted outgoing TCP access to all destination ports above 1024 or to ports 80 and 443 (the former is better, however). If you don't allow either of those, Skype will not work reliably at all. Voice quality and some other aspects of Skype functionality will be greatly improved if you also open up outgoing UDP traffic to all ports above 1024, and allow UDP replies to come back in.
In the quest for even better voice quality, it is also advisable to open up incoming TCP and/or UDP to the specific port you see in Skype Options. This port is chosen randomly when you install Skype. In the case of firewalls, this should be easy to arrange. In some routers, however, you cannot configure incoming UDP at all (but you still can configure incoming TCP port forwarding, which you could/should do).
The randomness in port selection is to improve NAT traversal for cases where several users are behind the same NAT; if they all used same ports, many NATs would behave in a way that would reduce Skype voice quality.
Fortuna fortes adiuvat.
#497
Na ez az utso photobucket -es képbeszúrás próbám...
http://i52.photobucket.com/albums/g4/zoleehun/op.png
#496
Skype-ra adok Neked. privátban megy a film után. Az UDP-t engedni kell (UDP-szabályokhoz egyébként is ritka az irámnymegjelölés).
Fortuna fortes adiuvat.
#495
a lemeradt kép:
#494
Azt nem értem, hogy egges progiknál miért nem megy a DropMyRights. Persze most mondhatjátok, hogy miért nem a DropMyRights topic-ba írom azomban ha pl, Skype -ot tûzfal nélkül DropMyRights -al indítom akkor semmi bibi de jobb szeretnéma a Skype és a uTorent is DMR -el menne.
A másik, hogy nekem a Skype és a uTorrent is csak akkor megy rendesen ha zöldlámpás 'mindent elfogad' -ba teszem eggyik szabály sablon sem jó neki.
Ez a 8 nyitott port egyébként jónak számít?
A másik, hogy nekem a Skype és a uTorrent is csak akkor megy rendesen ha zöldlámpás 'mindent elfogad' -ba teszem eggyik szabály sablon sem jó neki.
Ez a 8 nyitott port egyébként jónak számít?
#493
Akkor hogy? Keress rá...Nálam mûködik, az egészet hosszú lenne elmondani.
Néztem a Naplót, megnéztem, hova ment ki (akar kimenni), milyen távoli portot használ, és ennek alapján szûkítettem a Beállítások, Alkalmazások, Módosítás alatt (rákattintva a módosítandó elemre, és hozzáadva pld. a megfelelõ hostot). Én minden egyes Netre menõ alkalmazás szabályait megszigorítottam, és pld. a svchost.exe is csak pontosan meghatározott szabályok szerint mehet a netre. De itt pld. 10, különálló szabályom van, a meghatározott sorrendben. Mondjuk én a 4.0-s(Béta) Outpostot használom, ami sokkal fejlettebb és felhasználóbarátabb.
Néztem a Naplót, megnéztem, hova ment ki (akar kimenni), milyen távoli portot használ, és ennek alapján szûkítettem a Beállítások, Alkalmazások, Módosítás alatt (rákattintva a módosítandó elemre, és hozzáadva pld. a megfelelõ hostot). Én minden egyes Netre menõ alkalmazás szabályait megszigorítottam, és pld. a svchost.exe is csak pontosan meghatározott szabályok szerint mehet a netre. De itt pld. 10, különálló szabályom van, a meghatározott sorrendben. Mondjuk én a 4.0-s(Béta) Outpostot használom, ami sokkal fejlettebb és felhasználóbarátabb.
Fortuna fortes adiuvat.
#492
bár ezt eddig is tudtam, mondjuk a 3.5-ös verziónál egyáltalán nem így van...
az a bajom, h csak egy adott ip tudok beírni, tartományt ná :c
az a bajom, h csak egy adott ip tudok beírni, tartományt ná :c
\"It\'s gonna be legen... wait for it... dary!\"
#491
htx
\"It\'s gonna be legen... wait for it... dary!\"
#490
Tanulóra állítod. Amikor kérdez, akkor "szabályalkotás" "egyedi", és kijelölöd a megfelelõ local és remote portot, a megfelelõ remote hostot. Beállítod, hogy engedélyez, vagy blokkol (esetleg FTP-nél Stateful Inspection).
Szabályhierarchiában elõször a feljebb levõ szabályt veszi figyelembe.
Valahogy így van a sorrendiség (Outpost 2,5 -tõ felfele)
Outpost 2.5 onwards
Plugins
Application/Global Rules with "Ignore Component Control" flag
Trusted/NetBIOS Zones
Global NetBIOS Block Rules
Global Rules with High Priority flag
Blocked/Trusted Application Settings
Application Rules
Global Rules
Outpost Policy
Allow NAT Packets
Transit Rule
Szabályhierarchiában elõször a feljebb levõ szabályt veszi figyelembe.
Valahogy így van a sorrendiség (Outpost 2,5 -tõ felfele)
Outpost 2.5 onwards
Plugins
Application/Global Rules with "Ignore Component Control" flag
Trusted/NetBIOS Zones
Global NetBIOS Block Rules
Global Rules with High Priority flag
Blocked/Trusted Application Settings
Application Rules
Global Rules
Outpost Policy
Allow NAT Packets
Transit Rule
Fortuna fortes adiuvat.
#489
hi
azt hogy tudom beállítani, hogy egy adott program csak egy adott ip tartományból/nak fogadjon/küldjön adatot?
azt hogy tudom beállítani, hogy egy adott program csak egy adott ip tartományból/nak fogadjon/küldjön adatot?
\"It\'s gonna be legen... wait for it... dary!\"
#488
De van, csak nekem automatizálva tölti le a Blocklist Manager. Nagyon jó, Te választod ki, hogy melyik listákat rakja össze, gyúrja át Outpost formátumba, és aztán exportálja a megfelelõ helyre (Az Outpost folderbe). De a Blocklist manager bonyolult, ezért elküldöm Neked azt, amit én a Blocklist Managerrel állítottam össze és frissítek rendszeresen.
Aztán megkeresem Neked a pontos címet, ahonnan le tudod tölteni, txt formátumban.
Privátban add meg a mail-ed!
Aztán megkeresem Neked a pontos címet, ahonnan le tudod tölteni, txt formátumban.
Privátban add meg a mail-ed!
Fortuna fortes adiuvat.
#487
Köszi szépen!
Nem tudsz egy elõre elkészített listáról, amit netán a Blockpostba importálni tudok, és a legzûrösebb címeket blokkolná?
Nem tudsz egy elõre elkészített listáról, amit netán a Blockpostba importálni tudok, és a legzûrösebb címeket blokkolná?
#486
Blockpost plugint felrakhatod, jól mûködik vele.
Good to hear you have success with Blockpost and BLM. Ezt írta nekem a program fejlesztõje:
Originally Posted by cooldoc66
Congratulations for Blockpost! I came to like this extension - it's a magical duo with Bluetack's Blockmanager!
Now I use Outpost 4...
Question is - should I /can I use Blockpost?
So far it seems to be working properly.
Thanx in advance!
As far as I know Blockpost will work nicely in Outpost 4 without modification or recompilation (kronckew have tested this).
Regards,
Jon aka Fazion
Forward Message
Good to hear you have success with Blockpost and BLM. Ezt írta nekem a program fejlesztõje:
Originally Posted by cooldoc66
Congratulations for Blockpost! I came to like this extension - it's a magical duo with Bluetack's Blockmanager!
Now I use Outpost 4...
Question is - should I /can I use Blockpost?
So far it seems to be working properly.
Thanx in advance!
As far as I know Blockpost will work nicely in Outpost 4 without modification or recompilation (kronckew have tested this).
Regards,
Jon aka Fazion
Forward Message
Fortuna fortes adiuvat.
#485
Én kikapcsoltam a Spyware-t, de az egyik Super Moderator ugyaneztr mondta a fórumon. A reklámblokkolás sem kell, ha van Firefox alatt AdBlock(Plus).
Fortuna fortes adiuvat.
#484
Megvan a probléma. Csakis a végleges verzió lesz frissíthetõ.<#wow3>
#483
OutpostFirewallPro.v4.0.916.570.Beta
#482
Neked frissít mindent rendesen? Nekem letölti a frissítést, de úgytûnik nem alkalmazza, még újraindítás után sem. Szóval újra és újra letölti a frissítéseket... a Spyware adatbázis out of date-et jelez.<#szomoru1>
#481
We plan to release version 4.0 early summer this year. First beta version will be released in May. If you would like to participate in beta program please visit http://www.agnitum.com/products/outpost/betatest.php . If you may test Outpost x64 please mention it in your application because we are especially interested in such testers.
1. Prevention of application’s attempts to inject components into another process
Windows operating system by design enables installing system interceptors (hooks) through which foreign code can be injected into other processes. Usually this technique is used to perform common, legitimate actions - for example - switching the keyboard layout or launching a PDF file within the web browser window. However, it can be likewise used by malicious programs to embed malicious code and thus hijack the host application.
An example of leak test using such technique to stage a simulated attack is a PC Audit program (http://www.pcinternetpatrol.com/).
New Outpost will control the installation of a hook interceptor in a process’s address space. This will be implemented via the interception of functions that are typically used by malicious processes (Trojans, spyware, viruses, worms etc.) to implant their code into legitimate processes (i.e. Internet Explorer or Firefox). The behavior of a DLL file invoking such functions will be considered suspicious and will trigger legitimacy verification.
The old system of Process Memory/Component Control was reactive in a way that Outpost would block access to processes where a new component had been detected. In 4.0, Outpost will prompt which processes you want to allow to embed components into other processes, and those which should be denied such an action. This gives more control over what’s happening on a PC, and enables you to confront spyware programs that use such techniques to defend themselves.
2. Detection of application’s attempts to gain control over another application
DDE technology is used to control applications. Most famous browsers are DDE servers and can be used by malicious programs to transfer private information into the network.
With 4.0, every attempt to use the DDE intercommunication is monitored with no exclusion, whether the process is open or not.
One example of this technique is Surfer leak test (http://www.firewallleaktester.com/leaktest15.htm). ZABypass is another example of a leak test using this method.
New DDE inter process communication control will enable Outpost Firewall Pro to control the methods used by applications to get control over the legitimate processes. It will prevent malware from hijacking the legitimate program and will check whether such DDE-level interactivity is allowed to be performed upon the network-enabled applications. In case such attempt is detected, it will trigger legitimacy verification.
3. Use of SHA256 identification algorithm
Starting with version 4.0, Outpost will utilize the SHA256 verification routine to identify applications during the process of automatic creation of network access rules through the ImproveNet. This will enable to provide absolute precision in identifying an application, ultimately bringing more security.
In the near future the SHA256 algorithm will be used only to identify applications because even on new PCs the SHA256 calculation might take quite a long time.
4. Suppression of attempts to launch browser with command-line parameters
Several firewalls are exposed to a vulnerability of a predatory code launching the default web browser with command-line parameters, allowing to circumvent the existing protection because the firewall is made to believe the legitimate application is performing the legitimate actions. However, in those command-line parameters some piece of private or critical data may be contained, along with the host name as a target recipient of thereof.
The example of using such technique is Wallbreaker leaktest (http://www.firewallleaktester.com/leaktest11.htm)
With new Outpost, your browser will be better protected against tampering thanks to the restricted list of processes that are allowed to start default browser with command line parameters.
Beyond traditional browsers, command-line launch control would apply to all network-enabled applications which are present in the configuration and/or the preset.conf file.
5. Low-Level Network Access Control
Some network drivers allow direct access to network adapter bypassing the standard TCP stack. These drivers can be used by sniffers and other malicious programs to get low-level network access and pose an additional risk for the system as traffic passing through them cannot be screened by a firewall.
New Outpost will allow controlling applications requesting network access bypassing standard methods. This feature strengthens the overall network security level preventing outbound data leakage. http://www.insecure.org/nmap/download.html.
The user will be able to control an application’s attempts to open a network-enabled driver, meaning that without the user’s authorization, an application won’t be able to send even the ARP or IPX data.
6. Definition of Preset Macros for Advanced Users
In the current Outpost version there is no possibility to create “quick” rules allowing advanced users to handily define security rules for their Intranet communications and some Windows-based services (for example, DNS).
On the other hand, this is a non-trivial task for the ordinary computer user. To make the process of creating the most secure configurations easier, Outpost will feature macro definitions for applications and global rules, which can be used, for example, to designate local network as LOCALNET or all DNS servers as DNS.
The list of available macro addresses is as follows: DNS Servers, Local Networks, Gateways, WINS Servers, My Computer, All possible My addresses, Broadcast addresses, and Multicast addresses.
7. Double DNS resolution control
DNS Client service contains potential vulnerability called DNS tunneling. The main point is that malicious code can transfer and receive any information using correct DNS packets to the correctly configured operating DNS server.
The example of using this technique is DNSTester leaktest (http://www.klake.org/~jt/dnshell/).
Outpost version 4.0 will perform double verification of access to the DNS Client service, providing a more secure system. This enables control access to DNS API even with the DNS Client service on, benefiting users who, out of compatibility concerns, cannot disable this service themselves.
This new inclusion will allow assigning permissions to a specific process for using the DNS Client service.
8. Advanced Control of Applications’ Memory
In version 4.0 the entire memory space used by any active application on a computer will be scrutinized by Outpost (not just that of a network-enabled application). In case of malware trying to modify any legitimate application’s memory Outpost will detect it and display a pop-up prompt asking for your decision. This feature will protect against even “unknown” malware not detected by antivirus and anti-spyware vendors.
The examples of using this technique are THERMITE and COPYCAT leaktests (http://www.firewallleaktester.com/leaktest8.htm, http://www.firewallleaktester.com/leaktest9.htm)
While the old system was reactive—Outpost blocked network access to processes whose memory had been modified—the new system works proactively: it allows you to permit or deny the modification of memory of other processes at the application level. For example, Visual Studio 2005 would be able to modify memory, while the “copycat.exe” leak test would be disallowed from doing so.
9. Spyware Signature Analyzer
The spyware analyzer will be improved to better protect from varieties of one single spyware sample, including even “unknown” samples and variants. Spyware Scan will use the unchanged part of the file, not the whole one to better analyze the results.
10. Active Desktop Control
Installing the specific HTML file for Active Desktop, malicious processes can transfer private data on behalf of Windows Explorer. The example of using this technique is Breakout leaktest (http://www.firewallleaktester.com/leaktest16.htm). Outpost will control such attempts to steal data by bamboozling the firewall.
11. Prevention of attempts to control other application’s windows
Windows allows applications to exchange window messages between processes. Malicious processes can get control over other applications sending them window messages and imitating user input from keyboard and mouse clicks. The example of using this technique is Breakout leaktest (http://www.firewallleaktester.com/leaktest16.htm).
Here the point is program interactivity through the SendMessage, PostMessage API, and so on. This technique is sometimes used for legitimate inter-process interactivity, but can likewise be used for nefarious purposes by perpetrators.
Outpost will control such attempts.
12. Prevention of attempts to modify critical registry entries
Malicious processes can modify registry to get network access on behalf of other application, for example, Windows Explorer.
The example of using this technique is Jumper leaktest
http://www.firewallleaktester.com/leaktest17.htm
These attempts will be temporarily controlled by Outpost’s internal Anti-Leak mechanism. This “proactive” capability will be extended—and even now it offers to select whether you want to allow embedding an object into a certain area of the registry.
13. x64 Support
14. Added later Self-protection mode
With self-protection turned on, Outpost protects itself against termination caused by viruses, Trojans or spyware. Even attempts to simulate user keystrokes that would otherwise lead to firewall shutdown are detected and blocked. Outpost also constantly monitors its own components on the hard drive, registry entries, memory status, running services, and so on, and disallows any changes by malicious applications. This self-protection enables Outpost to erect a so-called "defense shield" around itself and all of its components.
Reply With Quote
1. Prevention of application’s attempts to inject components into another process
Windows operating system by design enables installing system interceptors (hooks) through which foreign code can be injected into other processes. Usually this technique is used to perform common, legitimate actions - for example - switching the keyboard layout or launching a PDF file within the web browser window. However, it can be likewise used by malicious programs to embed malicious code and thus hijack the host application.
An example of leak test using such technique to stage a simulated attack is a PC Audit program (http://www.pcinternetpatrol.com/).
New Outpost will control the installation of a hook interceptor in a process’s address space. This will be implemented via the interception of functions that are typically used by malicious processes (Trojans, spyware, viruses, worms etc.) to implant their code into legitimate processes (i.e. Internet Explorer or Firefox). The behavior of a DLL file invoking such functions will be considered suspicious and will trigger legitimacy verification.
The old system of Process Memory/Component Control was reactive in a way that Outpost would block access to processes where a new component had been detected. In 4.0, Outpost will prompt which processes you want to allow to embed components into other processes, and those which should be denied such an action. This gives more control over what’s happening on a PC, and enables you to confront spyware programs that use such techniques to defend themselves.
2. Detection of application’s attempts to gain control over another application
DDE technology is used to control applications. Most famous browsers are DDE servers and can be used by malicious programs to transfer private information into the network.
With 4.0, every attempt to use the DDE intercommunication is monitored with no exclusion, whether the process is open or not.
One example of this technique is Surfer leak test (http://www.firewallleaktester.com/leaktest15.htm). ZABypass is another example of a leak test using this method.
New DDE inter process communication control will enable Outpost Firewall Pro to control the methods used by applications to get control over the legitimate processes. It will prevent malware from hijacking the legitimate program and will check whether such DDE-level interactivity is allowed to be performed upon the network-enabled applications. In case such attempt is detected, it will trigger legitimacy verification.
3. Use of SHA256 identification algorithm
Starting with version 4.0, Outpost will utilize the SHA256 verification routine to identify applications during the process of automatic creation of network access rules through the ImproveNet. This will enable to provide absolute precision in identifying an application, ultimately bringing more security.
In the near future the SHA256 algorithm will be used only to identify applications because even on new PCs the SHA256 calculation might take quite a long time.
4. Suppression of attempts to launch browser with command-line parameters
Several firewalls are exposed to a vulnerability of a predatory code launching the default web browser with command-line parameters, allowing to circumvent the existing protection because the firewall is made to believe the legitimate application is performing the legitimate actions. However, in those command-line parameters some piece of private or critical data may be contained, along with the host name as a target recipient of thereof.
The example of using such technique is Wallbreaker leaktest (http://www.firewallleaktester.com/leaktest11.htm)
With new Outpost, your browser will be better protected against tampering thanks to the restricted list of processes that are allowed to start default browser with command line parameters.
Beyond traditional browsers, command-line launch control would apply to all network-enabled applications which are present in the configuration and/or the preset.conf file.
5. Low-Level Network Access Control
Some network drivers allow direct access to network adapter bypassing the standard TCP stack. These drivers can be used by sniffers and other malicious programs to get low-level network access and pose an additional risk for the system as traffic passing through them cannot be screened by a firewall.
New Outpost will allow controlling applications requesting network access bypassing standard methods. This feature strengthens the overall network security level preventing outbound data leakage. http://www.insecure.org/nmap/download.html.
The user will be able to control an application’s attempts to open a network-enabled driver, meaning that without the user’s authorization, an application won’t be able to send even the ARP or IPX data.
6. Definition of Preset Macros for Advanced Users
In the current Outpost version there is no possibility to create “quick” rules allowing advanced users to handily define security rules for their Intranet communications and some Windows-based services (for example, DNS).
On the other hand, this is a non-trivial task for the ordinary computer user. To make the process of creating the most secure configurations easier, Outpost will feature macro definitions for applications and global rules, which can be used, for example, to designate local network as LOCALNET or all DNS servers as DNS.
The list of available macro addresses is as follows: DNS Servers, Local Networks, Gateways, WINS Servers, My Computer, All possible My addresses, Broadcast addresses, and Multicast addresses.
7. Double DNS resolution control
DNS Client service contains potential vulnerability called DNS tunneling. The main point is that malicious code can transfer and receive any information using correct DNS packets to the correctly configured operating DNS server.
The example of using this technique is DNSTester leaktest (http://www.klake.org/~jt/dnshell/).
Outpost version 4.0 will perform double verification of access to the DNS Client service, providing a more secure system. This enables control access to DNS API even with the DNS Client service on, benefiting users who, out of compatibility concerns, cannot disable this service themselves.
This new inclusion will allow assigning permissions to a specific process for using the DNS Client service.
8. Advanced Control of Applications’ Memory
In version 4.0 the entire memory space used by any active application on a computer will be scrutinized by Outpost (not just that of a network-enabled application). In case of malware trying to modify any legitimate application’s memory Outpost will detect it and display a pop-up prompt asking for your decision. This feature will protect against even “unknown” malware not detected by antivirus and anti-spyware vendors.
The examples of using this technique are THERMITE and COPYCAT leaktests (http://www.firewallleaktester.com/leaktest8.htm, http://www.firewallleaktester.com/leaktest9.htm)
While the old system was reactive—Outpost blocked network access to processes whose memory had been modified—the new system works proactively: it allows you to permit or deny the modification of memory of other processes at the application level. For example, Visual Studio 2005 would be able to modify memory, while the “copycat.exe” leak test would be disallowed from doing so.
9. Spyware Signature Analyzer
The spyware analyzer will be improved to better protect from varieties of one single spyware sample, including even “unknown” samples and variants. Spyware Scan will use the unchanged part of the file, not the whole one to better analyze the results.
10. Active Desktop Control
Installing the specific HTML file for Active Desktop, malicious processes can transfer private data on behalf of Windows Explorer. The example of using this technique is Breakout leaktest (http://www.firewallleaktester.com/leaktest16.htm). Outpost will control such attempts to steal data by bamboozling the firewall.
11. Prevention of attempts to control other application’s windows
Windows allows applications to exchange window messages between processes. Malicious processes can get control over other applications sending them window messages and imitating user input from keyboard and mouse clicks. The example of using this technique is Breakout leaktest (http://www.firewallleaktester.com/leaktest16.htm).
Here the point is program interactivity through the SendMessage, PostMessage API, and so on. This technique is sometimes used for legitimate inter-process interactivity, but can likewise be used for nefarious purposes by perpetrators.
Outpost will control such attempts.
12. Prevention of attempts to modify critical registry entries
Malicious processes can modify registry to get network access on behalf of other application, for example, Windows Explorer.
The example of using this technique is Jumper leaktest
http://www.firewallleaktester.com/leaktest17.htm
These attempts will be temporarily controlled by Outpost’s internal Anti-Leak mechanism. This “proactive” capability will be extended—and even now it offers to select whether you want to allow embedding an object into a certain area of the registry.
13. x64 Support
14. Added later Self-protection mode
With self-protection turned on, Outpost protects itself against termination caused by viruses, Trojans or spyware. Even attempts to simulate user keystrokes that would otherwise lead to firewall shutdown are detected and blocked. Outpost also constantly monitors its own components on the hard drive, registry entries, memory status, running services, and so on, and disallows any changes by malicious applications. This self-protection enables Outpost to erect a so-called "defense shield" around itself and all of its components.
Reply With Quote
Fortuna fortes adiuvat.
#480
Várj, idemásolom angolul. A lényeg: kevesebb RAM,CPU, anti-leaking (minden teszten átmegy), fejlettebb összetevõ-ellenõrzés, önvédelem (nem engedi módosítani a file-jait), új naplózás, elõregyártott makrók pld. a SDNS-szervereidre, a Local Networkre, az összes hálózati címedre (nem kell bíbelõdni a szabályalkotásnál)
Stabil, egyszer sem omlott össze. nem muszáj haladóra rakni: rakhatod normálra, akkor szinte alig kérdez,beállítja magát. És a játékosoknak legfontosabb: GAME-Mode: nem zavar mag játék, ill. filmnézés közben feugró promptokkal (be kell állítani). Röviden ennyi!
Stabil, egyszer sem omlott össze. nem muszáj haladóra rakni: rakhatod normálra, akkor szinte alig kérdez,beállítja magát. És a játékosoknak legfontosabb: GAME-Mode: nem zavar mag játék, ill. filmnézés közben feugró promptokkal (be kell állítani). Röviden ennyi!
Fortuna fortes adiuvat.
#479
Mégis mit tud? még mindi csak béta nem? (ui: ha sokst kérdez sokan nem fogják komázni)
/Gripen az égből/