Making Outpost work

I am on XP Pro + SP1 and have taken out a trial of Outpost Pro 2.5.

I am finding it quite hard configuring this firewall. At the moment
my Opera browser gets blocked whenever my third-party clipboard
manager (Yankee Clipper) pastes a URL into the address bar.

Outpost complains about the clipboard utility trying to change a
component of the brwoser. Huh? I don't understand it and what's
worse i don't know how to prevent Outpost blocking the browser at
that point.

Can anyone advise please.

---

On a larger scale, is it worth peristing with Outpost? As it seems
like quite a headache to get right.

I do NOT REALLY NEED FEATURES for mail attachments, cookies, ActiveX,
scripts, etc. Those things my I do well enough in the browser or in
my antivirus software and I don't have a MAJOR NEED for a second line
of defense against them.

As beackground I have used:

Sygate Free 5.5 and Sygate Pro 5.5 and both were ok (reporting is
better than others but I would have like even more reporting tools).

free Kerio (2.1.5) but reporting and user interface were always a bit
too tricky to use comfortably.

Zone Alarm Pro 4.5 but I continually get alert messages about
loopback 127.0.0.1 and suspected application hijacking (EG when the
browser calls the emailer). Reporting is not good either.

Is it worth me trying a different firewall?

Franklin

Purchase a hardware device. Try ebay, and pick up a Cisco 501.




Franklin wrote:
> I am on XP Pro + SP1 and have taken out a trial of Outpost Pro 2.5.
>
> I am finding it quite hard configuring this firewall. At the moment
> my Opera browser gets blocked whenever my third-party clipboard
> manager (Yankee Clipper) pastes a URL into the address bar.
>
> Outpost complains about the clipboard utility trying to change a
> component of the brwoser. Huh? I don't understand it and what's
> worse i don't know how to prevent Outpost blocking the browser at
> that point.
>
> Can anyone advise please.
>
> ---
>
> On a larger scale, is it worth peristing with Outpost? As it seems
> like quite a headache to get right.
>
> I do NOT REALLY NEED FEATURES for mail attachments, cookies, ActiveX,

> scripts, etc. Those things my I do well enough in the browser or in
> my antivirus software and I don't have a MAJOR NEED for a second line

> of defense against them.
>
> As beackground I have used:
>
> Sygate Free 5.5 and Sygate Pro 5.5 and both were ok (reporting is
> better than others but I would have like even more reporting tools).
>
> free Kerio (2.1.5) but reporting and user interface were always a bit

> too tricky to use comfortably.
>
> Zone Alarm Pro 4.5 but I continually get alert messages about
> loopback 127.0.0.1 and suspected application hijacking (EG when the
> browser calls the emailer). Reporting is not good either.
>
> Is it worth me trying a different firewall?

h4rm5

I have a Cisco 501, yes they are excellent little firewalls, however I
am not sure they are the best solution for someone who is novice with
firewalls in general. If he is having issues with reports and usage of
kerio, which is competent for a software firewall I suspect a 501 might
be a bit more than what he can work with easily. Firewalls can be a bit
daunting for those unfamiliar with them and their terse behaviors.

I would recommend Symantec as a software firewall, and read the quick
start guide when you set it up. It has all the logging you may want and
you can tell when something (usually) is talking out. Symantec won't
see Trojans that utilize alternate data streams, but for most everything
else is works, and is fairly easy to use. I am not sure why your at
SP1, but I do recommend getting current, there are a number of patches
and exploits that SP2 addresses and follow on patches won't install
properly until you upgrade to SP2.

Symantec requires you to scan the local system for Net enabled
applications. If you do not know what something is that is trying to
communicate disallow it. If you do not use a specific feature for
example remote desktop, disallow it and let it prompt you. You should
be able to figure out what it is if it pops up the question while your
using and application. If in doubt, google it, you can usually find the
executable fairly quickly in google.

Symantec provides the following logs:

Content blocking: blocking browser sites or types of communications you
have prohibited at the firewall such as banners, popups, Applets,
activeX ect.

Connections: When what where a connection was made.

Firewall: Blocked communications when what (port and address, where,
when, and why either by rule or unsolicited commo.

Intrusion detection: IDS finger who what when where an intrusion
attempt matching a specific IDS fingerprint was attempted.

Privacy: This log indicates every time a referer or cookie is
requested, whether it was allowed to where, when.

Private Information: This log indicates every thing you have designated
as private information was either disallowed or allowed to cross the
firewall, to whom, and when.

System: Indicates when firewall, starts, stops, tunneled connections for
all interfaces on the computer.

Configuration: This log provides messages about various connection
activities such as when it fails to secure a port or when configuration
changes etc.

Web history: Self explainitory

Alerts: log of items you have set to alert you via an alert window,
what the item was, whether you allowed it, when and to whom.

Then there is real time logging:
Real time logs display statistics about current network activity as to
things like bytes sent, received, (whether UDP or TCP ) blocked,w hat
rules have allowed or denied a session, What executables are actively
accessing the network, datagrams received sent or blocked.

Then there is a listing of all dll's that are currently allowed to
communicate. I have found it useful to review those occasionally as I
occasionally find some that I don't really want talking on the net.

While Symantec has a heavy hand on the local machine, a modern machine
of reasonable speed usually has no issue with running. If you are on an
old 400MHZ machine or something, you might want a different package.

But logging, it does very well. Only issue I have had is it has had the
rulebase corrupted once, never was sure why, but it didn't want to
communicate so I reloaded a backup config file and everything was put
right. Apparently that happens occasionally as they have an import and
export function to do this. There is more it does, but I have covered
the logging features I think of the product.

Winged












h4rm5 wrote:
> Purchase a hardware device. Try ebay, and pick up a Cisco 501.
>
>
>
>
> Franklin wrote:
>
>>I am on XP Pro + SP1 and have taken out a trial of Outpost Pro 2.5.
>>
>>I am finding it quite hard configuring this firewall. At the moment
>>my Opera browser gets blocked whenever my third-party clipboard
>>manager (Yankee Clipper) pastes a URL into the address bar.
>>
>>Outpost complains about the clipboard utility trying to change a
>>component of the brwoser. Huh? I don't understand it and what's
>>worse i don't know how to prevent Outpost blocking the browser at
>>that point.
>>
>>Can anyone advise please.
>>
>>---
>>
>>On a larger scale, is it worth peristing with Outpost? As it seems
>>like quite a headache to get right.
>>
>>I do NOT REALLY NEED FEATURES for mail attachments, cookies, ActiveX,
>
>
>>scripts, etc. Those things my I do well enough in the browser or in
>>my antivirus software and I don't have a MAJOR NEED for a second line
>
>
>>of defense against them.
>>
>>As beackground I have used:
>>
>>Sygate Free 5.5 and Sygate Pro 5.5 and both were ok (reporting is
>>better than others but I would have like even more reporting tools).
>>
>>free Kerio (2.1.5) but reporting and user interface were always a bit
>
>
>>too tricky to use comfortably.
>>
>>Zone Alarm Pro 4.5 but I continually get alert messages about
>>loopback 127.0.0.1 and suspected application hijacking (EG when the
>>browser calls the emailer). Reporting is not good either.
>>
>>Is it worth me trying a different firewall?
>
>

winged

On Sat, 19 Mar 2005 09:38:14 GMT, Franklin <> wrote:

>I am on XP Pro + SP1 and have taken out a trial of Outpost Pro 2.5.
>
>I am finding it quite hard configuring this firewall. At the moment
>my Opera browser gets blocked whenever my third-party clipboard
>manager (Yankee Clipper) pastes a URL into the address bar.
>
>Outpost complains about the clipboard utility trying to change a
>component of the brwoser. Huh? I don't understand it and what's
>worse i don't know how to prevent Outpost blocking the browser at
>that point.
>
>Can anyone advise please.


I've been using Outpost for about three years. The most recent
version seems to have some issues leading to notifications such as the
one you are seeing when no components have changed. I am thinking of
dropping Outpost because it is becoming bloated and buggy.


>
>---
>
>On a larger scale, is it worth peristing with Outpost? As it seems
>like quite a headache to get right.
>
>I do NOT REALLY NEED FEATURES for mail attachments, cookies, ActiveX,
>scripts, etc. Those things my I do well enough in the browser or in
>my antivirus software and I don't have a MAJOR NEED for a second line
>of defense against them.
>
>As beackground I have used:
>
>Sygate Free 5.5 and Sygate Pro 5.5 and both were ok (reporting is
>better than others but I would have like even more reporting tools).
>
>free Kerio (2.1.5) but reporting and user interface were always a bit
>too tricky to use comfortably.
>
>Zone Alarm Pro 4.5 but I continually get alert messages about
>loopback 127.0.0.1 and suspected application hijacking (EG when the
>browser calls the emailer). Reporting is not good either.
>
>Is it worth me trying a different firewall?

I am leaning towards Sygate Free.

I do have an OpenBSD firewall protecting my home network, however, I
need a Windows-based firewall for my notebook for those times when I
am travelling.

Mike

> I am on XP Pro + SP1 and have taken out a trial of Outpost Pro 2.5.
>
> I am finding it quite hard configuring this firewall. At the moment
> my Opera browser gets blocked whenever my third-party clipboard
> manager (Yankee Clipper) pastes a URL into the address bar.
>
> Outpost complains about the clipboard utility trying to change a
> component of the brwoser.
I'm not familiar with this utility, but you should try to understand what
it's doing. Aside from that you can configure component control in OP - you
can even disable it but that's not recommended. Read the manual and go to
the OP forum at http://www.outpostfirewall.com/forum/ where you will get a
lot of help.

> Huh? I don't understand it and what's
> worse i don't know how to prevent Outpost blocking the browser at
> that point.

Just because you have a lack of understanding doesn't mean that there are
no threats around. As a matter of fact they are becoming more and more
severe. Protecting a computer is a complex task, and gaining some knowledge
about it is inevitable. In my view, OP offers a level of protection no
other PFW does. E.g., it protects against nearly all known leaktests
contrary to other competing products. But it's only one element of
protection - others are: a good antivirus program, replacing IE and Outlook
by Firefox and Thunderbird, surfing only under a restricted user account,
keeping one's brain switched on (probably the most important one).


>
> I do NOT REALLY NEED FEATURES for mail attachments, cookies, ActiveX,
> scripts, etc. Those things my I do well enough in the browser or in
> my antivirus software and I don't have a MAJOR NEED for a second line
> of defense against them.

Are you sure? The big advantage of OP is its abilty to block all the Active
Content you mentioned by default thus protecting you against the associated
risks. On the other hand you can selectively allow one or several of these
active elements for specific sites which you consider trustworthy - a great
feature.
>
> As beackground I have used:
>
> Sygate Free 5.5 and Sygate Pro 5.5 and both were ok (reporting is
> better than others but I would have like even more reporting tools).
>
> free Kerio (2.1.5) but reporting and user interface were always a bit
> too tricky to use comfortably.
>
> Zone Alarm Pro 4.5 but I continually get alert messages about
> loopback 127.0.0.1 and suspected application hijacking (EG when the
> browser calls the emailer). Reporting is not good either.
>
> Is it worth me trying a different firewall?

Well, I've tried all above firewalls before I switched to Outpost. OP
offers the best protection and value for me. It's getting better and better
with each new version, and it's very stable.

Thomas Ludwig

On Tue, 22 Mar 2005 23:19:29 +0100, Thomas Ludwig
<> wrote:

>> I am on XP Pro + SP1 and have taken out a trial of Outpost Pro 2.5.
>>
>> I am finding it quite hard configuring this firewall. At the moment
>> my Opera browser gets blocked whenever my third-party clipboard
>> manager (Yankee Clipper) pastes a URL into the address bar.
>>
>> Outpost complains about the clipboard utility trying to change a
>> component of the brwoser.
>I'm not familiar with this utility, but you should try to understand what
>it's doing. Aside from that you can configure component control in OP - you
>can even disable it but that's not recommended. Read the manual and go to
>the OP forum at http://www.outpostfirewall.com/forum/ where you will get a
>lot of help.
>
>> Huh? I don't understand it and what's
>> worse i don't know how to prevent Outpost blocking the browser at
>> that point.
>
>Just because you have a lack of understanding doesn't mean that there are
>no threats around. As a matter of fact they are becoming more and more
>severe. Protecting a computer is a complex task, and gaining some knowledge
>about it is inevitable. In my view, OP offers a level of protection no
>other PFW does. E.g., it protects against nearly all known leaktests
>contrary to other competing products. But it's only one element of
>protection - others are: a good antivirus program, replacing IE and Outlook
>by Firefox and Thunderbird, surfing only under a restricted user account,
>keeping one's brain switched on (probably the most important one).
>
>
>>
>> I do NOT REALLY NEED FEATURES for mail attachments, cookies, ActiveX,
>> scripts, etc. Those things my I do well enough in the browser or in
>> my antivirus software and I don't have a MAJOR NEED for a second line
>> of defense against them.
>
>Are you sure? The big advantage of OP is its abilty to block all the Active
>Content you mentioned by default thus protecting you against the associated
>risks. On the other hand you can selectively allow one or several of these
>active elements for specific sites which you consider trustworthy - a great
>feature.
>>
>> As beackground I have used:
>>
>> Sygate Free 5.5 and Sygate Pro 5.5 and both were ok (reporting is
>> better than others but I would have like even more reporting tools).
>>
>> free Kerio (2.1.5) but reporting and user interface were always a bit
>> too tricky to use comfortably.
>>
>> Zone Alarm Pro 4.5 but I continually get alert messages about
>> loopback 127.0.0.1 and suspected application hijacking (EG when the
>> browser calls the emailer). Reporting is not good either.
>>
>> Is it worth me trying a different firewall?
>
>Well, I've tried all above firewalls before I switched to Outpost. OP
>offers the best protection and value for me. It's getting better and better
>with each new version, and it's very stable.


I just wish they would fix the bugs in it, like the one that
continually warns about changed components when none have changed....

Mike

1~~

Franklin <> wrote in news:961E6208F2A2271F3M4@
204.153.244.156:

> I am on XP Pro + SP1 and have taken out a trial of Outpost Pro 2.5.
>
> I am finding it quite hard configuring this firewall. At the moment
> my Opera browser gets blocked whenever my third-party clipboard
> manager (Yankee Clipper) pastes a URL into the address bar.
>
> Outpost complains about the clipboard utility trying to change a
> component of the brwoser. Huh? I don't understand it and what's
> worse i don't know how to prevent Outpost blocking the browser at
> that point.
>
> Can anyone advise please.
>
> ---
>
> On a larger scale, is it worth peristing with Outpost? As it seems
> like quite a headache to get right.
>
> I do NOT REALLY NEED FEATURES for mail attachments, cookies, ActiveX,
> scripts, etc. Those things my I do well enough in the browser or in
> my antivirus software and I don't have a MAJOR NEED for a second line
> of defense against them.
>
> As beackground I have used:
>
> Sygate Free 5.5 and Sygate Pro 5.5 and both were ok (reporting is
> better than others but I would have like even more reporting tools).
>
> free Kerio (2.1.5) but reporting and user interface were always a bit
> too tricky to use comfortably.
>
> Zone Alarm Pro 4.5 but I continually get alert messages about
> loopback 127.0.0.1 and suspected application hijacking (EG when the
> browser calls the emailer). Reporting is not good either.
>
> Is it worth me trying a different firewall?

Hi. I don't know what kind of reporting you need.I use Sygate myself. But
have always thought the software firewalls more or less are very similar -
except for windows firewalls, which are close to useless. Here is a link to
comparisons. There are other tests if you google.

http://www.firewallleaktester.com/tests.htm

If you are thinking of possibly adding an additional hardware device that
acts like a firewall, you may get the added reporting you need. A Cisco 501
is a little extreme.

I try to find useful and user friendly implementations of Linux. I have
found 2 products that are quite easy to use and have a nice friendly
support community where you can aks questions an not recieve rude replys. I
deploy both.

smoothwall - http://smoothwall.org/
build on linux. you can install it on a machine with quite low hardware
specs, depending on the features you need. i have heard of people running
it on a PII with 64mb RAM. A great way to re-use old machines.

monowall - http://m0n0.ch/wall/
Build on bsd. Similar to above. More options and a little less user
friendly. Added bonus is it's designed to work on soekris hardware thats
optimized for firewall, router functionality and designed to be running
24/7.

In both cases you can extract very indept reporting from them.

Cheers

1~

--
"Why do they call it rush hour when nothing moves?", Robin Williams

Darko Gavrilovic