WhatPC? - search::
BOClean runs automatically in the background without. Outpost Pro has some useful features, such as ad-blocking (all types) and image blocking which can
http://www.whatpc.co.uk/search/?reference=2163586&title=SMS+phishing+attacks+hit+mobile+usersHOME |
Hi
Please excuse what may be a naive question from a new user. I'm just switching from Norton Internet Security.
I have NOD32 and BOClean and am trialling Outpost Pro (in Rules Wizard mode).
I guess this can't be an uncommon combination but at present BOClean is unable to update itself. I've downloaded the various manuals - User Guide, Quick Start, Beginner Guide & Maintenance Guide, and have tried searching the forums but I haven't found an answer.
Is there something really obvious I need to do to resolve this please?
Many thanks.
Steve :confused:
You could add mine as a second rule.
I originally had both rules your remote host as rule one and the one I gave you as rules two. (don't know why)
I saved my config, deleted updater form the apps list and reran it. In the new popup I created custom rule and allowed. When I opened it up to check it, I had what I gave you.
Updater works. this way, and when I loaded my old config, it works with the two rules.
How about DNS resolution? what is your rule for that?
Chris
Is your PC connected to the Internet itself or are you sharing an Internet connection between multiple PCs using Windows' ICS? (Internet Connection Sharing). If the latter, check to see if BOClean can be updated from the ICS gateway machine - if this works then you may need to follow the instructions in the 1 FAQ to get ICS working fully with Outpost, but be aware that ICS is a sub-par method of sharing an Internet connection (a router using NAT is a better option that gives fewer problems and more protection).
If your PC is standalone then try disabling the DNS Cache plugin. If this doesn't help then check the Allowed log for BOClean related entries and report what you find.
As for ProcessGuard, while it can provide considerable protection from malware, it does not check DLLs (though it will prevent DLL injections into protected programs) so Outpost's Component Control will still be useful.
Great suggestion Bassbag. that should work just fine. I am not familiar with ICS either, in fact, I hate it. Routers are so much easier :)
Regards all,
Chris
Hi all,
I have gone back to v4.0.1025 from v6 (v2008) due to this particular problem and not liking the layout in v6 (v2008).
PC security - How to make and keep computers secure from hackers ::
"Microsoft Customer, This is the latest version of security update, the "April 2006, .. keeps coming up and blocking the download of an update from a particular site . Comodo BOClean : Anti-Malware Version 4.25 - . Outpost Firewall - Win9.x/2000/XP - Free and Pro paid-for versions - very good reviews -
http://www.pcbuyerbeware.co.uk/Security2.htmHOME |
Does anybody else have a problem with BOClean not updating in Outpost v6 (v2008)?
My Outpost rules allow all download manager connections and DNS UPD connection for BOC4UPD.exe. A connection is made when I use v6 (v2008) at the Comodo download location, but nothing actually downloads.
Although I am not planning to use v6 (v2008) for now, I would be grateful for any advice on how to get BOClean to update for when I eventually move to Vista.
Since there are not any other postings on this, I assume there is a new setting in v6 (v2008) which I need to manually configure to allow this to work?
Thanks for any help.
Best regards,
Lee
Delete BOC4UPD.EXE from your applications list.
Rerun updater and you will be prompted for a rule. Select custom, and check allow.
Open upp the ruleset, modify and add " ignore compnent control" (you have to scroll down in the middle box where you select allow)
Take care,
Chris
Do you mean Global Application and System Rules?
I just have the default of "Where the protocol is TCP and where the direction is Outbound and packet type is local and where the remote port is Domain Allow it".
Thanks for persevering!
Hi chrisclu
Thankyou for the post but unfortunately it hasn't worked. I'm still getting the block - details as in my second post above.
New Nortons Liveupdate - Virtual Dr Forums-Computer Tech Support::
15 posts - 5 authors - Last post: Jan 24, 2004I had trouble with Live update too and it turned out to not have . Zone Alarm that is blocking Symantec Liveupdate so I don't know why this is the fix. Win98SE, IE6 Sp1, NOD32, OutPost Pro, BOClean, TrojanHunter,
http://discussions.virtualdr.com/showthread.php?t=154627HOME |
:( :( :( :confused: :confused: :confused:
Steve
I'm using BoClean and having no problems at all with Outpost Security Suite
Welcome to the forums Smbruce,
For any problem you suspect to be Outpost related, the first thing to check should be the Outpost logs. Specifically review the Blocked, Attack Detection, Component Control and Alerts Tracker (which covers Open Process Control) sections for anything relating to BOClean.
Entries in the Blocked log mean that a rule is required, any in the Attack Detection log may mean that the BOClean server needs to be made a trusted host (this is unlikely though), Components Control problems can be handled by either globally disabling it or adding the IgnoreCC action to application rules to disable it for that application only (see the 1 FAQ for more information). The Alerts Tracker handles Open Process Control prompts and this could well hold the cause - if you see entries here for BOClean then review the Known Issues section of Outpost 2.5 - what to expect (http://outpostfirewall.com/forum/showthread.php?t=11836) for workarounds.
Hi again bassbag
I've just included the following under Rawsockets access and the update is now working:-
C:PROGRA~1NSCLEANBOCLEANBOCLEAN.EXE
Is that what you meant or have I done something risky here?
Thanks again. Hope this has solved it!
Regards.
Steve
OK, here is my rule for Boclean updater.
rule #1
protocol TCP
direction Outbound
remote host ftp.nsclean.com (209.23.116.91)
remote port FTP
allow it and ignore CC
No its not what i meant ,although reading the helpfile on the rawsockets subject i would say its safe enough for a trusted application.Be sure to tick the alrt box though as apparently it will give you a visual alert if any application (other than what you have allowed) tries to use rawsocket access.Im not exactly sure whether it acts a "trusted"app only at a lower level?Im sure someone will explain and advise us both very shortly :)
me
Im not familiar with ICS as i just have the one computer.All i know is that the update requires DNS access....you can use the "enable global DNS" preset rule in options>system>global system and rawsocket rules,or put your ISPs dns address and just use that as i have.Heres my log for the update...
.................................................. .................................................. ..
1:08:31 c:program filesnscleanbocleanboc4upd.exe OUT TCP 209.23.116.91 38115 FTP DATA Connection
21:08:30 c:program filesnscleanbocleanboc4upd.exe OUT TCP 209.23.116.91 FTP FTP connection
21:08:30 c:program filesnscleanbocleanboc4upd.exe OUT UDP 212.135.1.36 DNS UK Online And Tiscali DNS Resolving
21:08:29 c:program filesnscleanbocleanboc4upd.exe OUT UDP 212.135.1.36 DNS UK Online And Tiscali DNS Resolving
21:05:40 c:program filesnscleanbocleanboc4upd.exe OUT TCP 209.23.116.91 44261 FTP DATA Connection
21:05:39 c:program filesnscleanbocleanboc4upd.exe OUT TCP 209.23.116.91 FTP FTP connection
21:05:39 c:program filesnscleanbocleanboc4upd.exe OUT UDP 212.135.1.36 DNS UK Online And Tiscali DNS Resolving
21:05:38 c:program filesnscleanbocleanboc4upd.exe OUT UDP 212.135.1.36 DNS UK Online And Tiscali DNS Resolving
.................................................. ...............................................
I guess though that it may be an ICS problem if the update works ok on the other puters.Im sure someone with ICS may help you soon.
me
Thanks very much for your help and this information. :)
I will save this advice for future reference and apply it when using v6 (v2008).
Best regards,
Lee
Paranoid2000 - many thanks for the response. Could I ask you to hold my hand a bit further please?
When I try and update BOClean, Attack Detection and Alerts Tracker don't reveal any activity. Component Control shows four entries which look harmless - "Checking application components" and "Component checking completed" - each twice - which to me looks OK (perhaps I misunderstand) BUT the "Blocked Log" immediately reveals an entry "SYSTEM OUT REFUSED TCP 82.152.69.45 2413 FTP Block Transit Packets". (The Remote Port (2413 above) changes slightly on each instance I try and update.)
I guess therefore I need a rule but I don't know what this needs to say - I'd really appreciate any help. (Sorry again if I should be able to work this out. I've looked at the User Guide but can't apply what it says to my situation.)
Also - when I've got everything working correctly I'm thinking of installing ProcessGuard. Does this mean at that stage I can, or I should, disable Component Control in Outpost?
Thanks again.
Steve
Thanks again Chris.
The only difference between your rule and mine (following your suggestion), is that against "remote host" mine just says 209.23.116.91 rather than ftp.nsclean.com (209.23.116.91).
I guess there's something I can do to alter that but presumably you wouldn't expect that to change anything? (EDITED: I have now just input the ftp.nsclean.com address and this hasn't helped.)
Thanks for trying!
Regards.
Steve
Hello LeeH,
The option tab for the application can be changed to block the content filter. That should solve the problem with the FTP update version of BO. My understanding is that 4.26 uses HTTP and works without a change.
Thanks again Paranoid2000.
At present my main PC is connected via ASDL USB Modem and this PC has Outpost (DNS Cache Plugin Disabled). A second PC accesses the internet via the main PC using ICS and at present (temporarily) just uses the Windows XP firewall. (I note what you say about using a Router and am probably going to switch to that method before too long.)
Presently BOClean on the second PC updates correctly but BOClean on the main PC has the problems.
The Allowed Log reads:-
3:12:54 PM alg.exe IN TCP 82.152.69.45 3181 Allow ALG Redirect
3:12:54 PM boc4upd.exe OUT TCP localhost 1026 Allow ALG Redirect
3:12:54 PM boc4upd.exe OUT TCP ftp.nsclean.com FTP BOC4UPD Rule #4
(BOC4UPD Rule #4 was my attempt to create a rule to solve this and reads "Where the protocol is TCP and where the direction is Outbound Allow it.")
Thanks also for the info on ProcessGuard & Component Control.
Thanks bassbag - but... still no joy! Still being blocked.
Steve
I just use the FTP connection preset , which is this...
protocol = tcp
direction =outbound
remote port=ftp
me
 Microsoft Unleashes Visual Studio .NET
 IBM's iPhrase Buy Adds to WebSphere
|
HOME