Hi, I use trial version of utpost Pro v2. I have WinXP Pro and it seems that Outpost doesn't properly support situation where more than one users are logged at a time.
Also non-administrator users may change any settings in Outpost. Ofcourse I can password protect the settings, but still these users may configure new programs trying to access internet as they want. Only solution to this is to use background mode for Outpost, but that doesn't suit me very much since I cannot configure anything.
stoink! 1.0,nutrigenie kidney disease nutrition 4.6a,nutrigenie expert ::
stoink! 1.0,nutrigenie kidney disease nutrition 4.6a,nutrigenie expert nutritionist 7.0,super blackjack 5.8,cloud burst Agnitum Outpost Firewall Pro 4.0.
http://xtdownload.com/software-159.htmHOME |
Is this going to be addressed in next Outpost version please?
Thanks
Any ideas if this will be fixed in the next updates? After all I assume that OFP is used in many many homes and is probably targeted at home users as well. The out of the box setting isn't good because even if you don't log-off someone else can do it for you (manually or re-boot) and then have access to the firewall.
Wow,
Not bad for an engineer, even I understood that:):):)
Thanks,
Chris
Tablet, welcome to the forum..:D
i do not use windows XP so i cant help
you there, someone should be along shortly
that can give you a hand...:cool:
Your kids have probably figured out how to kill the firewall, and do whatever they want.. and then start it back up again when they're done ! :P
j/k ofcourse :)
But yea, I agree.. the implementation needs more work. I run into the exact same type of problem you mentioned. Hoping the next point release, which is due out soon, fixes this.
Review: Norton Internet Security 2009 | Geek.com::
Fast Switching is. enabled and Administrator account is hidden from Welcome Screen. Computer 2: Sunbelt VIPRE and Agnitum Oupost Pro
http://www.geek.com/articles/chips/review-norton-internet-y-2009-not-ready-2008101/HOME |
Vip.
Thanks Chris,
I have thought of one thing to add to that. But, this measure would be a real pain if the hard disk ever crashed. There is software that can encrypt the whole hard drive and then use a decrypting driver to read and write in real time. It may cause some performance degradation, but I have never noticed it on my Windows 98 system which is encrypted using software called SafeGuard Easy. There is also another application called PointSec that works well with Windows 2000 and XP systems. Crashed systems are recoverable, but as I said, it takes SEVERAL hours depending on the size of the hard drive. That would provide an added measure of protection against someone trying to get to the system files using a boot disk. My personal opinion is that this is really not necessary though. I prefer to encrypt a section of the hard drive to store data. That makes system recovery a lot quicker in the event of a hard drive problem.
Hi guitarhero and Vip,
I understand what you are saying. This can be frustrating. Fortunately, at home, I do not have to deal with this issue. I think that Outpost should allow the first administrator who logs in to be able to make all of the changes. If another administrator logs in, then my opinion is that the firewall should rightfully be locked as long as the first administrator is logged into the system. After all, it does not make sense for two administrators or another "user" to be able to change settings.
One way to handle this, for now, may be to get logged in first and stay logged into the system. That way, the other users or a second administrator could not make changes until you logged out. And if you were logged out, I believe that "users" should not be able to make changes to the firewall, even to configure an application. Only another Administrator should have such ability.
In short, I agree that the implementation may need to be changed. However, that change should be under the conditions that I have given above. In a corporate network for example, the firewall is always on and other users are not allowed to make changes to it. Only the owner of the account under which the firewall is running can make changes. That would be the firewall administrative account.
As for shutting the firewall down, there are probably many ways to do that with any software firewall. But, some precautions can be taken to mitigate risk:
1. Use an NTFS file system and only allow access to the firewall directory for the applicable administrative accounts.
2. Keep the system updated to avoid some of the latest exploits.
3. Password protect the configuration.
4. Do not allow normal users access to the Task Manager.
5. Do not allow normal users the ability to install applications. This can be a pain. But, it will avoid users installing special software and malware to kill running security applications. This one may be optional depending on the situation.
6. Password protect the BIOS and only allow bootup from the hard drive. This will avoid people killing the firewall by corrupting the installation directory by booting into DOS.
7. Disallow normal users from accessing the Control or System Management applications for Windows XP.
8. Use an application like System Safety Monitor. Password protect it and have it start up in User Mode. Also, make sure you make a selection for the system to reboot if the application is terminated. This is also optional, but can be greatly useful if you choose to allow users to install and run applications. At least, you will be able to approve or disapprove execution rights for the application.
I am sure that many other things can also be done. Those are just a few of the things that came to my mind as I was contemplating how to keep people from bypassing the firewall or stopping it. Those methods should stop all but the most persistent and skilled users or, of course, a user with Administrative rights. And, with System Saftey Monitor properly setup, it may even stop a user with Administrative rights as a password must be entered that is different from the standard login password and the system will reboot if a user attempts termination.
Sorry for being so wordy here. I have tried to address two issues at once here. Of course, the comments above are my own personal thoughts and opinions on each of the issues to which I responded. So, I respect the fact that opinions may vary from mine and of course I appreciate any constructive feedback.
Thank you. :)
I was going to mention this issue direct to Agnitum (probably after I had paid for the software).
I noticed the other day, when I logged on, that Outpost told me that I could not change anything because another user had logged on before me.
Excuse me??
I am "THE ADMINISTRATOR" - they are humble users (dumb kids!!). I get to change things, they don't. End of story.
Technically, I suppose the claim for fast user switching is true, but it's not implemented very well.
"Users" should not be allowed to change the system time (even if it is wrong) let alone mess with the firewall.
 Red Hat's Rough Recovery From CFO Exit
 Windows Live Finds a New, Pre-installed Home
|
