Outpost 4

[bionic]

Quote:

Agnitum's Outpost Firewall Pro 4.0 boasts even greater and more proactive security.

The following features are new:

- This version delivers proactive security functionality that blocks all currently-known techniques for bypassing security protection (leak tests), so it fully prevents sensitive data leakage from individual PCs. Its new Anti-Leak Control integrates Hidden Process Control and Process Memory Control technologies available in previous versions and provides a set of additional anti-leak features that allow to prevent such actions of malicious processes as control over another application, components injection, application window control, application launch with command line parameters, and others.

- Its new spyware signature analyzer provides even more accurate spyware detection to increase users’ protection against all known and even modified and new versions of malware. The spyware scanner besides calculating checksums using the entire file, can detect malware by the unchanged unique part of a file to more precisely evaluate threats.

- Outpost Firewall Pro 4.0 uses a new, ultra powerful Secure Hash Algorithm (SHA) 256 verification routine to identify applications while automatically creating network access rules through ImproveNet. This enables Outpost Firewall to be much more precise in identifying an application in order to ensure the creation and distribution of optimum rule sets. This algorithm replaces the old MD5 algorithm that could be bypassed by recently discovered hacking techniques, which, of course, significantly reduced the ability of this commonly used algorithm to protect users’ machines.

- Outpost Firewall Pro 4.0 makes it much easier to create the most secure configurations with its new macro definitions for applications and global rules. These can be used, for example, to designate the local network as LOCAL_NETWORK or all DNS servers simply as DNS_SERVERS. This gives advanced users the ability to quickly define security rules for their Intranet communications as well as some Windows-based services (for example, DNS).

- Outpost Firewall Pro 4.0 also provides a specially designed Entertainment mode that avoids distracting the user’s attention or interrupting a game yet still protects the system when you are playing or watching movies online. While in this mode, the protection is active without bothering the user with numerous prompts or alerts.

- For those who want to decrease the number of prompts, yet still want to have full control, Outpost Firewall Pro 4.0 suggests the Low level of Component Control, which does not warn about every changed or added application component, but warns only about executable files.

- Finally, Outpost Firewall Pro 4.0 features a new self-protection mode. With self-protection turned on, Outpost Firewall Pro protects itself against termination caused by viruses, Trojans or spyware. Even attempts to simulate user keystrokes that would otherwise lead to firewall shutdown are detected and blocked. Outpost Firewall Pro also constantly monitors its own components on the hard drive, registry entries, memory status, running services, and so on, and disallows any changes by malicious applications.

Version 4.0 improves overall usability and performance, and is available for 64-bit operating systems.

More info and download

Code:

http://www.agnitum.com/products/outpost/whatsnew40.php

[banzibaby]

Cheers for the info m8

I doubt i be upgradin to it, this release is basically still a beta (RC 4 was released on the 25th & folk were still reportin bugs & problems with it but agnitum still released it as final 2 days later.

The self protection is a pain as it locks the registry & folders on the HD (reg cleaners & defrags will error out when scannin or tryin to defrag its files, i couldnt even copy my cfg files into the OP folder with SP on) Most will turn it off & forget to turn it back on & it has no exclusion list.

The anti leak IMHO is only in there as they have been losin users to Comodo (which has always done great in leak tests) OP has always been bad with leak tests.

It is also rips of lots of ideas from ZA, ZA has a entertainment mode (less alerts while playin games. DVD's etc) so OP has to get it, ZA has anti spyware so OP has it (Op's version is based on their old Tauscan anti trojan app which has the worst detection of any AT, the AS plugin is well known for mostly flaggin false positives (even one of the OP mods says that)

This so called final version still spikes Ur CPU up to 50-70% when loadin a web page, it still allows apps to call out before the GUI loads even if the service is set to stop all till the GUI loads (NOD can update no probs before OP even loads, it still pops up the shutdown dialog periodically while tryin to reboot & it stil cause a blue screen just after the boot screen on my PC (if i uninstall OP i dont get them at all)

Quote:

Version 4.0 improves overall usability and performance, and is available for 64-bit operating systems

Im suprised Agnitum can even say that as it is more unstable now (durin install it flags Flashget as a app that causes system instability & adds it to some form of exclusion list) I have never ever had stability issues with FG, OP yes, FG no ) & it has taken them this long to put in x64 support & it will BSOD like mad on dual core systems

Its a shame they have screwed up what was once the best firewall goin

BaNzI

[bionic]

That bad eh
Barely tried it, got some flashget trouble(100% cpu usage and an unresponsive flashget ui) So i went back to 3.51 which (except for the p2p issues) does a fairly good job.

Ive been dreading what they would do to this release as i have the last couple of releases. Im gradually loosing interest, dont even bother with their betas anymore.

Im already contemplating jetico and have been for a while, just waiting for v2 to be out of beta.
Anything you have in your sights as a successor?

[banzibaby]

Yee, i had the same flashget probs, funny how OP 3.51 & earlier versions never caused any probs with flashget

Agnitum are obviously tryin to make it look like other apps are causin probs but it really the fact OP has probs with certain well known apps.

I very wary of OP now as it had a startup & shutdown vunerability that was in all 2x & 3x versions (where incomin & outgoin connection could be made, they say they fixed the shutdown one in 3.51 but never bothered with the startup one (which i have a strong feelin is still in v4x despite what Agnitum says, how else would NOD be able to update when the startup policy is set to block all & firewall mode is set to block most, it should stop all traffic till the OP GUI loads but it doesnt.

Op 4 was supposed to be released in the middle of August but was constantly delayed due to the tiny number of beta testers doin a bad job is pointin out the bugs, the only reason agnitum released a public RC was due to the fact the firewall was almost unusable & bug ridden & had numerous probs, they only did it so they could fire it out & make money on it quicker, not because they wanted to get others to help (they have never done a public beta before)

Im curious to see if they can get the number of popups down a bit with Jetico 2x, should be a good firewall when it out of beta (think they will be chargin for it where 1x was free)

Comodo seems to be shapin up to be a good firewall as well, the dev's always post on its forums & are really interested in what their users want, they also fix any probs very quickly.

It does excellent in the leak tests if they are important, the rule makin sysyem could do with a few improvements & features

Their CEO was unfairly banned from Wilders because a OP moderator was there complainin about him postin a email from agnitum in the comodo forum in which they basically tried to accuse them of usin faked screenshots to pass leaktests, the Wilders admin then banned him sayin he had threatened him in the thread (not true) & in a pm (prolly not true as well) It obvious the OP mod then complained to the admin & got him banned IMHO.

All i can say is at least the Comodo devs actively take part in the forums whereas the OP forum is run by fanboy fanatics & the devs rarely visit.

Sorry for the long post but the way agnitum ignore the users & do buisness (constantly addin new feautures while not fixin well known bugs) just really winds me up, i have recommended their app to over 20 of my close family & friends, not anymore.

Edit: one example of a bug in OP (& i have written many emails to agnitum support about it) is when U close a torrent app (Azureus & utorrent) it starts to block the UDP connections but still lets thru the TCP connections meanin U have to reboot to get it to block them.

[LTR12101B]

On my 3rd reinstall of it - update over 3.51 barfed, the procedure to fix that also failed.

Uninstalled - my previous config that I'd tried to preserve was long dead, reinstalled.

3 possible install modes, inadequately documented, none of them striking a really comfortable balannce between easy setup and options - always preferred one where you can have the defaults, see them and adjust before applying.

[banzibaby]

Exactly m8.

I had the same cfg probs, it borked the cfg i had spent ages settin up & makin as secure as poss.

I have only used the so called improvenet part of it once, thats where it makes the rules automatically, i let it do that then tested it at GRC & PCflank, it failed miserably

Changed it to non auto rules & cleared all the rules & made my own it passed

They really have made a mess of what used to be one of the best firewalls goin

They even have the nerver to blame its instability on other apps lol

BaNzI

[bionic]

Quote:

Originally Posted by banzibaby

Sorry for the long post but the way agnitum ignore the users & do buisness (constantly addin new feautures while not fixin well known bugs) just really winds me up, i have recommended their app to over 20 of my close family & friends, not anymore.

Who wouldnt be agravated bud.
Your sentiments are well recognized indeed, i hate being an involuntary beta tester

[LTR12101B]

Absolutely! - it started as a pretty good port rules firewall, in the days when Zonealarm (spit!) was king.

Then they had to go and make it "noddy", but didn't make a very good job of it.

On the "advanced" side, most of the advanced features throw so many false alarms and need so much tuning, that you just give up and turn them off. Very much more "wizarding" is needed, to get to a decently secure setup for a relatively standard system without acres of prompting.

My NTOSKRNL.EXE tries to modify it, according to the alert, but having scanned with other things, it's probably just another junk prompt.

[scarecrow]

Outpost 4.X passed all PC Flank tests with flying colors, which isn't something terribly good, if it's THAT tricky to set up...
Jetico 2.X beta is working fine for me, on the single instance I've installed it, and on my main box I do not have a firewall (it's Linux, and the router's SPI firewall is more than enough- no need for sandbox, antivirus and outgoing traffic filtering).

[serjer]

did tried a 4x beta in the past,was buggier than the 3x series,so reverted back to 2.7 which is far more stable

[banzibaby]

Before version 4 OP didnt have hardly any probs with other apps, now with version it has probs with flashget, avast, spysweeper, most av's & other sercurity scanners.

The whole self protection feature while a good idea has been badly implemented.

Yes it does well at PCflank but then so did earlier version (just not with the new leak test)

I like Bionic & others object to being used as a beta tester for agnitum, they have beta testers & i gotta say they seem not to be doin a good job as each new Final version has more bugs than before.

I seems they are flinin in new features just be a clone of ZA & Comodo.

BaNzI

[roadworker]

Using beta 3 ATM,it works quite well on my win2003 partition.....nothing strange,optimal connection speed,no FlashGet or NetTransport hickups....
Comodo will become a great firewall,am using it on a XP partition.
However,if you install a new app that asks for updating directly after install,Comodo doesn't pop up for internet permission of that app.....only after closing and re-opening the fresh installed program....

[LTR12101B]

Could have done with a week or a month longer in beta, and working context help, so it releases with a load of new features which will inevitably be configured either so tight that something breaks, whereupon the users then resorts to setting them so loose that they are ineffective, or bails back to 3.51 in desperation.

I sure as hell wouldn't want to have an investment in Agnitum, especially not with Microsoft giving one hell of a kick in the teeth to security vendors in Vista - though having used OP4, I'd welcome a half-decent firewall from Microsoft, though there record on vulnerabilities does not inspire confidence... guess I'm gonna have to learn and learn to love Linux.

[banzibaby]

Totally agree m8

It need another month of two in beta till the ironed out all the probs & put in proper exclusion lists for the self protection etc.

I annoyed at them as i actually ended up buyin it & renewed a couple o months ago

Still Comodo seems to be comin on in leaps & bounds, not bad for a freebie

BaNzI

[LTR12101B]

If you want a truly evil one to configure, try this one
http://force.coresecurity.com/

Not only does it firewall IP connections, but it also firewalls files, directories, registry keys, while the community profile development helps to alleviate some of the complexity. I guess if you know what you're doing, you can do content control, install prevention, protect things like homepage settings etc.

Agnitum blew out most of their community when they discontinued the Preset.LST - that was the beginning of their drive down the wrong path, alienating many of the more technical users.