the attack detection pluging showing no attack or suspect pakets anymore.
plugin is enabled but donīt work.
outpost version is 2.5 370
i dont know what to do.. reinstall outpost ?
Could you use a new configuration? Back up your present .ini and .cfg files first, just in case.
I have another idea, but I am not sure it is safe to suggest as it would involve handling another .ini file!
the attack detection pluging showing no attack or suspect pakets anymore.
plugin is enabled but donīt work.
outpost version is 2.5 370
i dont know what to do.. reinstall outpost ?
Hello sirmaniac,
Are you behind a router or have a DSL Modem Router? If so then this may explain why you are not showing any attacks. You might check your settings.
When I swapped from Dialup to DSL then my attack detection virtually stopped showing anything. My modem was blocking or filtering all of the garbage on the net. So OutPost did not have to work as hard.
What are your blocked logs showing?
i have installed a older version with the config file from 370 and have the same problem
maybe outpost is blocking itself in some way ?
Sorry for not getting back sooner....caught up in work......i have always felt that although i receive no sound or popup, i am still being protected...... this may help someone ....
i just installed an update to my crappy Gainworld GeForce FX 5200 card and BINGO...
OP popups and sound file are now working :)........this is sweet after so long without them :).................i am kinda half expecting it all to stop........i will post back should this happen..............whatever...i still can't say enough about how i truly like this firewall.
I see, if you use dialup then I know of no such capability. There has been some work done on this plugin and it does work better to differentiate between attacks and normal traffic. Try changing the alarm level to high and see what happens.
Here are the new modifications to the Attack Detection plug-in:
- Option to play sound when attack or port scanning is detected
- Option to unblock the IP that was blocked by Attack Detection plug-in after attack or port scanning
- Ability to turn on and off detection of attacks of particular type
- Exclusion list of IPs from which port scanning would not be detected
- Exclusion list of ports to which port scanning would not be detected
- Customizing a weight of danger for port to trigger Port Scanning detection warning
- Customizing a weight of danger to trigger Port Scanning detection warning for Low, Normal and Maximum modes
- Fine tuning of attack and scanning detection internal parameters
@ minoka..thanks for response..."Suspicious packets in the Attack Detection log?".......yes, lots............i also changed alarm trigger to '1' so as to test but still nothing at all. I have always felt that i am being protected, nonetheless i do want to see and hear the warning.......any other thoughts ?
@P2k...thanks for getting back....."Open the Outpost log viewer, go to File/Log Cleanup Settings and check that the "Display Alerts" box is ticked. Check that "Show visual alerts..." in the Attack Detection Properties box is checked also."
Things have always been this way......
Hi Rainwalker,
I have EnableLogging=0 in my outpost.ini file.
I thought the value for '0' was OFF and the '1' was ON .......
Is the path to warning.wav correct, is EnableDetection set to yes (in yourownconfig.ini's [Protect] section)? Can you post the first 4 lines of the section entitled [Protect] after resetting the normal alert to default? I'd like to compare with mine; in the AD properties, I have all actions checked and block intruder ip for 2 minutes. Can you do the same before posting the lines? Perhaps we can eliminate things. Do not edit this file with op running.
P.S. Have you tried scanning at shields up with a new configuratiopn?
Grrrrrrrrr......rebooted and popup/ wav file no longer working....went to GRC...i have the block set for two minutes.
I can not locate Enable Detection in ini files, but i did see this....[Blockpost]
Enabled=no.........is this as it should be?...i am using Blockpost to block some sites.
Since my previous post, I have found a way to alter the duration of Alert messages. In the Outpost.ini file there should be a line in the [Interface] section reading ReportCloseTimer=14. Adjust this value to vary the alerts' duration.
Greetings P2k.....I just saw this post and i still do not receive a popup nor log attacks. I did notice this in the Install ini config>>> Enabblelogging=0
Is this right ?
BTW...whenever i reinstall OP the Popup and Wave file will do as their supposed to, but only once then no more untill i reinstall :(
BTW...whenever i reinstall OP the Popup and Wave file will do as their supposed to, but only once then no more untill i reinstall :(Open the Outpost log viewer, go to File/Log Cleanup Settings and check that the "Display Alerts" box is ticked. Check that "Show visual alerts..." in the Attack Detection Properties box is checked also.
Some do. Most don't. A standalone router is getting to be very inexpensive.
Chris
What are you saying? Is it possible for there to be a 'hidden ' router between me and the web? If the answer is yes, then i ask is there a test to determine this?
My suggestion: Try a port scan at shields up and see what happens with your "new" setting...
https://grc.com/x/ne.dll?bh0bkyd2
choose common ports. Be sure and uncheck block intruder ip (Attack detection plugin) before the scan. Check it again when you are done.
When I do the common ports scan with alarm level set to normal in OP, I do get the popup and the sound (rather faint!).
Let us know what happened....
Yes, i have long since tried all of that :(
Is the path to warning.wav correct, is EnableDetection set to yes (in yourownconfig.ini's [Protect] section)? Can you post the first 4 lines of the section entitled [Protect] after resetting the normal alert to default? I'd like to compare with mine; in the AD properties, I have all actions checked and block intruder ip for 2 minutes. Can you do the same before posting the lines? Perhaps we can eliminate things. Do not edit this file with op running.
P.S. Have you tried scanning at shields up with a new configuratiopn?
It's not hidden but a feature of some modems. My Speedstream 5200 modem, for example, acts as a router and blocks unsolicited traffic, if the feature is turned on. In addition it has a firewall built in. Look at your modem configuration screen or its documentation to find out. Or tell us what you have and maybe we can help.
A hint, if you get no external traffic blocked then you got one. If you really want to test it go online with a modem and see if you notice any differences in your inbound traffic and blocked logs. If DSL traffic is quiet in comparison - you got one.
i have no router no network
normal dsl with dsl modem.
the only thing that has changed is the outpost update to 2.5 370
the log schows the standard 135 445 port blockings
attack log schows nothing
suspect paket log shows only things from yesterday
Could you use a new configuration? Back up your present .ini and .cfg files first, just in case.
I have another idea, but I am not sure it is safe to suggest as it would involve handling another .ini file!
I have done a couple of super clean re-installs and as i said it works up until the first attack then no more........................minoka, what about running your idea by P2k
My suggestion: Try a port scan at shields up and see what happens with your "new" setting...
https://grc.com/x/ne.dll?bh0bkyd2
choose common ports. Be sure and uncheck block intruder ip (Attack detection plugin) before the scan. Check it again when you are done.
When I do the common ports scan with alarm level set to normal in OP, I do get the popup and the sound (rather faint!).
Let us know what happened....
Rainwalker,
Your posts from the alert messages popup - time to stay (http://outpostfirewall.com/forum/showthread.php?t=10119) have been merged into this thread since this is where you originally posted your problem. Please restrict further posts to this thread to avoid duplication of previous advice.
Hi Rainwalker,
I have EnableLogging=0 in my outpost.ini file.
Is there ever anything listed under Suspicious packets in the Attack Detection log?
What are the properties of your Attack Detection plugin? Mine is set to normal and I seldom get a popup. Search for alarm level in the built-in help. There is a good explanation on what the various levels mean (the topic is called Setting the Alarm Level).
Hope this is what you meant.
P.S. I removed your post in "Pop-up alerts display less than a second". It was the exact duplicate of your post above.
It's not hidden but a feature of some modems. My Speedstream 5200 modem, for example, acts as a router and blocks unsolicited traffic, if the feature is turned on. In addition it has a firewall built in. Look at your modem configuration screen or its documentation to find out. Or tell us what you have and maybe we can help.
A hint, if you get no external traffic blocked then you got one. If you really want to test it go online with a modem and see if you notice any differences in your inbound traffic and blocked logs. If DSL traffic is quiet in comparison - you got one.
Thanks for getting back Manny.....i use only dialup and prior to installing the 2.5 update my attack logs were always busy logging....all what i have been writing about has happened with 2.5......yes, i first thought it was an OP and/or OS problem as some people were complaining of similier issues. I tried a number of very clean re-installs to no avail...........i then installed the 2.5 'patch'/latest update and still no logging or alarms...........so MAYBE it is something on my OS, in that the other's past complaints have ceased. ....................any thoughts ?
Some do. Most don't. A standalone router is getting to be very inexpensive.
Chris
@ minoka.......thanks for hanging in there.....i will do what you mentioned later today.
@ Pk2.......long ago i wrote them about this, but there was never a response.
@ GoonMan.........i too am having the same problem......this has been this way for last two OP updates........with the latest update/patch i showed a few popup warnings for a very short time then they simply stopped.....i am not behind a router and am on a stand alone using dialup.............Question: is it possible to be behind a hidden router 'out there' somewhere :confused:
Do ADSL modems have a router build in or something like that?
 Microsoft Unleashes Visual Studio .NET
 IBM's iPhrase Buy Adds to WebSphere |
