However, I could not find a way to configure Outpost to permit all local net traffic (on 192.168.0.*) effectively. For that reason I have uninstalled the trial copy for now, but I am prepared to give it another go if I can obtain some help, as follows.
1. In particular, the machine hosting Outpost is also to host a DHCP server (either as part of ICS, or via a third-party proxy server - see more about this below). I find that when a client broadcasts the DHCP request (from IP 0.0.0.0), it apparently gets blocked by Outpost. I have tried accepting all traffic from 192.168.0.*, and even tried adding it to the trusted zone, but that does not correct the problem. What rule(s) do I need to add to permit this traffic?
2. Trusted Zones, etc. If I add the local net to the trusted zone, or I accept all traffic from the local net, what anti-IP spoofing support does Outpost provide? In other words if a remote probe spoofs a 192.168.0.* source IP address, will it succeed? Note that all external traffic routes via a specific NIC (to a 1Mb cable modem), and the local net connects via a different NIC.
3. Firewar. Now, I have read the posts about Firewar on this forum, but I believe an essential point has been missed. Basically, Outpost is susceptible to the *technique* used by Firewar, and while it is easy to block Firewar itself (e.g., by blocking access to Paolo Iorio's site) a payload using the same technique could be delivered by different means other than ActiveX, such as Java or Javascript. I guarantee that one or more hackers will start using this technique sooner or later. It concerns me that Outpost is vulnerable to this kind of attack: can Agnitum please comment on this?
4. I have so far evaluated Outpost only with ICS. I would like to use it in conjunction with WinGate, though. Can you please explain what incompatibilities and security risks this might pose if Outpost and WinGate are used together on the same machine? Will all of Outpost's application protections still function without change (for example, will rules that apply to program X still work unchanged for X if X routes through WinGate)? I would be quite happy to disable WinGate's own firewall, if necessary, to work with WinGate.
5. I have evaluated Outpost on a Win2K system. Should I expect any problems running Outpost on WinXP Pro?
Thanks in advance for your assistance.
From what you say, it would seem that under Outpost, apps using WinGate (or other proxy) will have the same internet access rights as WinGate itself, which is not really different to the way my current firewall operates.
While there's a lot I do like about Outpost (and your support is without doubt better than our current firewall suppler!), there's not really enough there to entice me away at the moment.
I'll stay with our current firewall for now, but I'll look with keen interest at v2 when it is released.
Do you have any estimate for its release date?
I am currently using Wingate 5.0 with ENS enabled and it set up easy as pie. I would like to talk to you later about Wingate and why it opens so many ports to listen on, but we will do that later, maybe via email. Wingate is not officially supported by Outpost, but we will work with you here, no problem.
To start with, when you have a network, you use the Pro version and put the client machines IP in the Trusted Zone, as you have done. I have tested at PC Flank and they try to spoof 129.168.0.* and Outpost blocks it.
Now for Wingate. If you delete all instances of Wingate and Gatekeeper from your rules and with Outpost in the rules wizard mode, you start to surf, you should get a popup for Gatekeeper. You need to allow TCP out to localhost on remote port 808.
You should get some popups to allow Wingate Exe, so accept the rules that are suggested. You should end up with a rule to allow UDP to 192.168.0.255 on port 369. Also you should have the default ruleset for email client and the default browser ruleset.
Firewar and all known leaks have been fixed in version 2 when it gets released.
You should have no problems using Wingate with Outpost, but I do not have XP, I have 2k. Some people do have various problems with XP, but all you can do is try it and see what happens.
We will try to address any specific problems you have.
However, I could not find a way to configure Outpost to permit all local net traffic (on 192.168.0.*) effectively. For that reason I have uninstalled the trial copy for now, but I am prepared to give it another go if I can obtain some help, as follows.
1. In particular, the machine hosting Outpost is also to host a DHCP server (either as part of ICS, or via a third-party proxy server - see more about this below). I find that when a client broadcasts the DHCP request (from IP 0.0.0.0), it apparently gets blocked by Outpost. I have tried accepting all traffic from 192.168.0.*, and even tried adding it to the trusted zone, but that does not correct the problem. What rule(s) do I need to add to permit this traffic?
Currently Outpost does not support ICS under Win2K SP3, or WinXP Pro.
Originally posted by spm
2. Trusted Zones, etc. If I add the local net to the trusted zone, or I accept all traffic from the local net, what anti-IP spoofing support does Outpost provide? In other words if a remote probe spoofs a 192.168.0.* source IP address, will it succeed? Note that all external traffic routes via a specific NIC (to a 1Mb cable modem), and the local net connects via a different NIC.
I do not know for sure, but my first inclination would be yes. I would not recommend that you use a wild card in the trusted zone. That way it is less likely that they will choose the actual IP address you use.
Originally posted by spm
3. Firewar. Now, I have read the posts about Firewar on this forum, but I believe an essential point has been missed. Basically, Outpost is susceptible to the *technique* used by Firewar, and while it is easy to block Firewar itself (e.g., by blocking access to Paolo Iorio's site) a payload using the same technique could be delivered by different means other than ActiveX, such as Java or Javascript. I guarantee that one or more hackers will start using this technique sooner or later. It concerns me that Outpost is vulnerable to this kind of attack: can Agnitum please comment on this?
If you set Active content to disabled on a global basis then set the permissions on a site by site basis you should be OK.
Originally posted by spm
4. I have so far evaluated Outpost only with ICS. I would like to use it in conjunction with WinGate, though. Can you please explain what incompatibilities and security risks this might pose if Outpost and WinGate are used together on the same machine? Will all of Outpost's application protections still function without change (for example, will rules that apply to program X still work unchanged for X if X routes through WinGate)? I would be quite happy to disable WinGate's own firewall, if necessary, to work with WinGate.
root one of our mods is currently using wingate and Oupost together with no trouble.
Originally posted by spm
5. I have evaluated Outpost on a Win2K system. Should I expect any problems running Outpost on WinXP Pro?
Thanks in advance for your assistance.
See answer to question #1 and also some people have no trouble what so ever and then there are some that report all kinds of problems with XP unfortuneately there does not appear to be any common reason for this.
#If you have any other info about this subject , Please add it free.# |
