Online Armor - permanent TCP connection - why?

[chris.p]

Why does Online Armor need a 24/7 connection? Never seen a firewall that needs an outside line before.

I've made it block itself in the OA rules - hah - and it still works fine of course, why would a firewall need that anyway. Funny to watch the 20% CPU loadburst every 30 seconds as it tries to find a way to get out, though - just like a trojan trying to phone home.

I don't like this and I'll probably be looking for a new firewall. Shame, it's A1 otherwise.

[MidnightCowboy]

I have no knowledge (recent anyway) of OA versions but there could be many reasons. With other firewalls this can be updates, community advisories, or just plain information gathering.

Mike Nash (OA's CEO) is always surfing and posting in the "Other Firewalls" section at Wilders so you could always ask him direct.

[MidnightCowboy]

You got some answers then?

[chris.p]

Oh boy I had some fun with this...

Only just recovered actually.

OK - I'm using an older version of OA which as it's the free one, doesn't update - 3.0.xxxx. I posted to Wilders as advised but the first thing of course is "update". Can't argue with that.

Downloaded 3.5.xxx and stuck that in. Whoops. Mega crash, totally lunched my Windoze. Went into a partial boot-shutdown-reboot continuous loop. Couldn't even boot in safe mode, got a BSOD every time.

Fun eh.

Well, I guess you need to know that I run W2K.SP4.rollup1, this is my main work machine. No probs with W2K of course, it's the best OS they ever released IMO. Very fast, instant networking, all s/ware works, no issues. What else do I need for work??

But the trouble is, it's getting harder to support. You need another machine with XP for games etc of course.

Anyway - OA's website says "W98, WME not supported, XP and Vista supported". Spot the omission. I saw that and wondered - but I shoulda wondered a bit more I s'pose...

W2K not supported, I think we can safely conclude now

So: install disk image, rebuild life, start again. Time for a new FW.

Install PC Tools ("W2K supported"). Wrong, it isn't. First install: no GUI!! The first true 'background' firewall maybe. 2nd install: crashed. Uninstall PC Tools.

Install Outpost Free. Rock and roll Houston we have liftoff.

Funny old app, Outpost. Back in the day it was the #1. Then for a few years it lost it bigtime. Now it's back with a vengeance by the look of it.

So there you go - hours of harmless fun with a PC. That I could have done without...

Hope that answers your question big fella. Now I've just about recovered my sanity I'll go back and post the same on Wilders. See what OA's boss says

[edit]
Maybe the original problem with the 24/7 connection from OA was because of version problems / update issues or something.

[MidnightCowboy]

Strange coincidence that because I too tried Outpost Free (again) this time a later version that the original, but still the same problem. It appears to be working OK but will only show me an alert for one event, no matter how many rules I configure to shove a box up on the screen. The first time I ran this program it showed me a nice box every time a DNS request went out, but this time it will only show one for DHCP 67/68. The incoming blocked alterts for crap like 135 & 445 are appearing normally. I'm assuming this must have something to do with my funny MD300 broadband modem.

It's still not recording any allowed traffic in the event log either, but I'm uncretain about this as I did post requesting evidence of someone else seeing allowed entries but got no response. I know the paid version has umpteen log filters but what about the freebie? I can see the commands greyed out (paid version only) but should I still be seeing allowed as well as blocked traffic entries?

Wot ya got on yours dude?

[chris.p]

Um, basically nothing. You can set rules but it ignores them. You can block an application but it ignores that.

The display of current traffic is about 5% as good as Online Armor, OA are really good there. I remember in the old Outpost versions you had a good realtime log of traffic, like in an FTP app. Don't know if it still has that. Nothing much in the free version, very basic.

So it it kind of works how you'd expect a bad free app to work, ie does nothing the paid-for version does. Unusual, now.

Doesn't stack up well against OA, which is a fabulous piece of kit in comparison (free v free I'm talking about).

But I'm not too worried as long as it does its main job.

Tell you what though - this looks like the best I have ever seen for a trouble-free beginners firewall, if it actually works. The Matousec tests seem to indicate that it does. Sunbelt Kerio is maybe better because it is totally silent if you turn off warnings, this one still has some messages - but very few. But in theory it works a mile better than Kerio, according to Matousec.

I'd give this one to the old auntie to use. As long as she had my phone number though - there are still some pop-ups to answer. But how can a firewall work if you just allow everything outbound.

[MidnightCowboy]

Thanks for that. Bit like I thought then really with some built in teasers towards buying the pro version.

I agree completely though about the number one spot for newbies and people with better things to do than write firewall rules.

I found once a superb free program that produced a complete log of your network traffic right down to the last fragmented packet irrespective of the source but I can't remember now what it was called. I remember trying it because I was using PC tools at the time and the logging (then anyway) was crap. Trouble is this app ran CPU constantly at 100% no matter which firewall was installed so I gave up with it. I might hunt round again to see if it's been updated.

[chris.p]

Outpost seems OK but a user like me has no chance of knowing how it really stacks up. When I was younger I used to have fun going round the trash sites and seeing what happened, but I don't have time for those fun and games now.

I'm an old engineer and I've learnt three very important things in 40 years of engineering:

1. Keep it simple. Complex things are a pig to maintain, don't last, and break at the worst possible time.

2. Always go for high quality from Day 1. If you don't aim for quality you end up with trash. Simple + quality wins out every time.

3. Never believe what you read, always do your own testing. Often you'll find your own results directly contradict what others are saying. Go with your own data. I'm wary of listening to advice from unknown sources - why listen to someone who is only repeating what somebody who didn't know what they were talking about told them.

Firewalls are too complex for non-specialists to evaluate, so other sources must be used. It's a pity there's only one reasonable testing resource, this is definitely not an optimal situation.

ps Thanks for the Wilders tip, I got a link to the last Online Armor version that works for W2K there - very useful. I'm just about to install it now.

[MidnightCowboy]

I hope you get on OK with the firewall.

We have a saying where I come from "buy cheap - buy twice!" and you are so right about quality. The same applies to freeware but unfortunately you can't make an informed decision until after you've waded through much of the rubbish.
Especially regarding firewalls, inexperienced users will maybe try three then the fourth (which might have been the best) won't work without issues because of the remnants left in their system.

There's actually an interesting thread on Wilders somewhere extolling the virtues of minimalist intervention regarding firewall components and recommending the likes of Ghostwall and Soft Perfect. Neither of course are a set and forget solution for novices but it does make me wonder sometimes especially when I've just spent ages setting up my rules in the latest toy.

I guess this is why I still like Sygate so much because I've never known another firewall that you could get so much out of for so little input. It's also the reason why I like the FortKnox I'm trialing. Everything pre-configured with nice bit buttons and an advanced section for when you get bored. Less than two minutes after install and you're all finished. OK so it doesn't top the charts at Matousec but I'm running a standalone HIPS with it anyway, although I probably don't need it.