We believe this is the best personal firewall ever, bar none, but the final word is up to all of you. You can download your copy here.
What’s so great about this new release?
The most important upgrade, we believe, is the improvement in outbound security. Outpost Firewall Pro 4.0 "knows" almost every data theft technique in use today by trojans, spyware, worms, viruses and other malware. Use of these data theft techniques can be simulated with so-called "leak tests" - special utilities that test how well personal firewalls prevent data leakage. Currently 18 leak tests are available, and several new ones are in development. We’re delighted to say that Outpost 4.0 passes all the leak tests available today, as well as some that have not yet been released.
Besides the anti-leak protection, there is also Outpost’s new ability to protect itself against being deactivated by malware, and stronger anti-spyware. Plus, we took care of some usability enhancements in the ImproveNet service. More info on the new functionality can be found on this page.
So you may ask - "What’s next?"
The answer is - "This is just the beginning".
As you can see from the release of version 4.0, Outpost is now far more than just a firewall; it’s on its way to becoming a proactive security suite. And as our mission statements says, we will continue to take care of your security by improving functionality and ease of use well into the future.
Watch this space!
Mikhail Penkovsky,
Director of Sales and Marketing, Agnitum Ltd.
Wednesday, September 27, 2006
Tuesday, September 26, 2006
Symantec Calls Out Microsoft Over Vista Security Center
An interesting battle is developing between Symantec and Microsoft. The latest skirmish has Symantec challenging Microsoft to turn off the Windows Defender anti-spyware. The story is that Microsoft agreed to turn off their firewall (which had been on by default) in Vista but continues to refuse to do the same with the antispyware.
The rationale behind Microsoft's decision seems pretty clear to us: while the personal firewall market is smaller than the anti-spyware market, anti-spyware requires frequent updating - an ongoing revenue opportunity which largely does not apply to firewalls, at least in the eyes of most users. So turning off antispyware would turn off the revenue stream from update subscription renewals. Despite what both sides are publicly saying, companies are in business to make money, and that would appear to be at the root of what's going on here.
By the way, it is actually a myth that personal firewall does not need updating between major version releases. Outpost's ImproveNet is a continuously self-updating service that enables registered users to receive updated secure firewall rules as soon as they are approved by Agnitum security engineers. This allows us not only to deliver the most accurate and secure firewall rules possible (which is very important for any firewall), but also to quickly react to network vulnerabilities by releasing tighter firewall rules to control a topical security problem.
With best wishes
Mikhail Penkovsky,
Director of Sales and Marketing, Agnitum Ltd.
The rationale behind Microsoft's decision seems pretty clear to us: while the personal firewall market is smaller than the anti-spyware market, anti-spyware requires frequent updating - an ongoing revenue opportunity which largely does not apply to firewalls, at least in the eyes of most users. So turning off antispyware would turn off the revenue stream from update subscription renewals. Despite what both sides are publicly saying, companies are in business to make money, and that would appear to be at the root of what's going on here.
By the way, it is actually a myth that personal firewall does not need updating between major version releases. Outpost's ImproveNet is a continuously self-updating service that enables registered users to receive updated secure firewall rules as soon as they are approved by Agnitum security engineers. This allows us not only to deliver the most accurate and secure firewall rules possible (which is very important for any firewall), but also to quickly react to network vulnerabilities by releasing tighter firewall rules to control a topical security problem.
With best wishes
Mikhail Penkovsky,
Director of Sales and Marketing, Agnitum Ltd.
Monday, September 25, 2006
Outpost Firewall Pro 4.0 Release Candidate Four is now available!
As we mentioned earlier, we've just posted Release Candidate version 4 for the upcoming Outpost Firewall Pro 4.0. If you have a previous version installed, you can install RC4 on top of a previous released or release candidate version.
Outpost Firewall Pro 4 RC4 32-bit version download:
www.agnitum.com/download/OutpostProInstall40_Release_Candidate4.exe
Outpost Firewall Pro 4 RC4 x64 download: www.agnitum.com/download/OutpostProInstall40_Release_Candidate4_x64.exe
To submit a bug report, please use this form: http://www.agnitum.com/support/forms/submitabug.php
Yours sincerely,
Alexander Kariagin
Thursday, September 21, 2006
A Big Thank you to Everyone Who Participated in our Public Testing!
Last week, we posted the long-awaited first public release candidate of Outpost Firewall Pro 4.0, which sparked a huge response – more than 50,000 people in ten days have downloaded the product many are already calling "the best firewall in history". And this is just the beginning!
But these download numbers would mean nothing if those users did not participate in the testing process. The Outpost user community once again made the difference, proving to be the most dedicated, professional and helpful group of Internet security product users around.
I’m sure you all could have been doing something more exciting and entertaining than testing products and submitting bug reports, so – a big thank you to all of you from all of us. We remain incredibly impressed with all the input you gave us to help us deliver the best product we possibly can.
Here is the latest update on the status of the release candidate version. This week we posted (http://www.outpostfirewall.com/forum/showthread.php?t=18418) another version - RC3.1 (Build 954.582.54). This is specifically for those of you who reported “micro pauses” and “mini freezes” during operation of the software; it fixes only these problems, so if you didn’t experience these, there’s no need to download a new version.
We are planning to release another release candidate addressing some other minor issues this Friday or Monday, and we expect this new release candidate will be the final release version. We can’t predict the exact release date but – fingers crossed – we are almost there.
In closing, let me say a final thank you for your patience while we complete the most significant development cycle in our history – which is only fitting for what we believe is the best product we have ever produced. We are sorry that we kept you waiting for so long, but I know you will agree that it has been worth the wait when you finally get your hands on Outpost Firewall Pro 4.0!
With best wishes
Mikhail Penkovsky,
Director of Sales and Marketing, Agnitum Ltd.
But these download numbers would mean nothing if those users did not participate in the testing process. The Outpost user community once again made the difference, proving to be the most dedicated, professional and helpful group of Internet security product users around.
I’m sure you all could have been doing something more exciting and entertaining than testing products and submitting bug reports, so – a big thank you to all of you from all of us. We remain incredibly impressed with all the input you gave us to help us deliver the best product we possibly can.
Here is the latest update on the status of the release candidate version. This week we posted (http://www.outpostfirewall.com/forum/showthread.php?t=18418) another version - RC3.1 (Build 954.582.54). This is specifically for those of you who reported “micro pauses” and “mini freezes” during operation of the software; it fixes only these problems, so if you didn’t experience these, there’s no need to download a new version.
We are planning to release another release candidate addressing some other minor issues this Friday or Monday, and we expect this new release candidate will be the final release version. We can’t predict the exact release date but – fingers crossed – we are almost there.
In closing, let me say a final thank you for your patience while we complete the most significant development cycle in our history – which is only fitting for what we believe is the best product we have ever produced. We are sorry that we kept you waiting for so long, but I know you will agree that it has been worth the wait when you finally get your hands on Outpost Firewall Pro 4.0!
With best wishes
Mikhail Penkovsky,
Director of Sales and Marketing, Agnitum Ltd.
Wednesday, September 13, 2006
What happens when Windows is under attack – from the Ethernet?
There always seems to be a percentage of the population that believes Windows is able to withstand network attacks—and with every new version of Windows, that percentage grows—perhaps in the hopes that eventually Windows security will improve.
If these individuals were security professionals, their outlook would not be quite so rosy.
Fortunately for them, Microsoft seems to be making some progress by recasting the network stack in Vista. Because let’s see what can happen if Windows XP or Windows Server 2003 is subjected to an ARP attack from a local network. (Smart Address Resolution Protocol (ARP) filtering protects users from fake requests to initiate communication and shields wireless networks (WiFi LANs) against unauthorized connections.)
Let’s start with a computer running Windows XP or Windows Server 2003 and 30,000 times per second we’ll report that machine that its IP address is already in use. In itself, this is quite easy, but to send ARP packets, we’ll need an NDIS protocol driver, such as WinPCap; in our tests, we’ll use a specially-created high-performance driver that was built for our test environment. We’ll use a network with a 100 Mbit bandwidth and a Pentium 4 630 with 2 GB of RAM as our test PC.
Using the Performance snap-in, with information refreshing every second, we will start sending packets and see what we get.
Note the areas circled in red.
In area 1, packets are just starting to pass through the system and CPU usage begins to rise sharply.
In area 2, we see the system become so overloaded that the performance counters could not be updated. Also note the dramatic change in Paged Kernel Memory usage.
Between the second and third areas, CPU usage stays very high, even though packets have already stopped passing.
In area 3, CPU usage finally drops and I captured the screenshot.
Now let’s take a look at the System Log using Event Viewer:
At this point, we must ask ourselves—how is this scenario even possible? Fortunately, this pattern of activity would only affect unroutable Ethernet networks, which may be a company’s local network, a public airport network, or a discrete segment of a university network. So at least the effect of the attack is contained.
So what does this experiment tell us? Quite simply, the act of plugging your computer into a local network can put it at high risk if that computer is vulnerable to IP spoofing or other ARP-related attacks. The result might be anything from interfering with a university exam, to disrupting a public presentation, to preventing a busy executive catching up with work between flights—all because of IP address conflicts.
But would this happen if your computer had Outpost Firewall Pro installed? Of course not (otherwise, I wouldn’t mention it!). Since Outpost Firewall Pro 3.0 was launched this time last year, the program has been able to detect and block this type of attack. An Outpost-protected computer simply will not accept ARP replies if no ARP request was sent before, and the stream of ARP garbage shown in our test Event Log above would be ignored. Zone Alarm Pro also provides a level of protection against this type of attack.
Would the CPU usage still run up? Unfortunately, yes it would. It always costs dearly in terms of CPU cycles for the Windows network stack to receive packets, especially a high number of packets. Fortunately, the increase in CPU usage is not so great that it would interfere with normal PC activities.
Suppose you are a victim of this kind of attack and you neither have Outpost Firewall Pro nor Zone Alarm Pro—how can you isolate the attacker? Unfortunately, the only way to fight back against an attack like this is to disable your network segments one by one until you find the source of the attack. Doing this with a wireless network, however, is close to impossible and most likely you would need to disable the entire network to stop the attack—which is of course what the attacker wants you to do.
Microsoft developers are making significant efforts to give Vista a fundamentally different level of security and reliability, and the recasting of the network stack and other changes should make network managers very happy. But whether these efforts are actually going to improve security for the majority of Windows networks is a whole different story.
Watch this space for my thoughts on that subject.
Alexey Belkin,
Chief software architect at Agnitum
Tuesday, September 12, 2006
Outpost Firewall Pro 4.0 Release Candidate
We are happy to tell you that the long-awaited Outpost Firewall Pro 4.0 Release Candidate is finally available for public download and testing. Remember, this is pre-release software and you use it at your own risk (but please use the bug report form to let us know of any problems you encounter).
We look forward to hearing what you think!
Download Outpost Firewall Pro 4.0 Release Candidate
Alexander Kariagin,
PR & Marketing, Agnitum
Monday, September 04, 2006
Software updating as a security measure - it's not the only solution, but it IS important
We've tackled this somewhat controversial issue in the latest issue of Security Insight. The article discusses the need for regular software updating from a security standpoint and covers the goal of updates, the different types of updating that you can do, the downsides of updating (yes, there are a couple you should be aware of), and other relevant issues. It's a handy one-stop information source on updates - check it out!
Alexander Kariagin,
PR & Marketing, Agnitum
Alexander Kariagin,
PR & Marketing, Agnitum
Subscribe to:
Posts (Atom)