
The Web Hikers guide to
Outpost Firewall

 

System


There are the following Global Application and System Rules:

Allow DNS Resolving
Allow Outgoing DHCP
Allow Inbound Identification
Allow Loopback
Allow GRE Protocol
Allow PPTP control connection
Block Remote Procedure Call (TCP)
Block Remote Procedure Call (UDP)
Block Server Message Block Protocol (TCP)
Block Server Message Block Protocol (UDP)
Deny Unknown Protocols


Allow DNS Resolving

Protocol: UDP
Remote Port(s): DNS (53)
Action: Allow It

What it's for

This rule is used whenever an application tries to contact a host. For example, if you put www.google.com into your browser's address bar, your browser will perform a DNS query to discover the IP address associated with the domain name www.google.com.

To optimize

Add an Event for 'Remote Host' and specify the 'Remote Host' as your ISP's DNS servers. Most ISPs will have more than one DNS server. You can either e-mail your ISP for their DNS server details, or browse the Internet and then check either your Allowed log or the DNS Cache log, both of which should give you the IP number or host name of your provider's DNS servers. Then enter the domain names of the servers as 'Remote Host'.

Some people prefer to turn off this rule and create DNS rules for each application. You can do this if you wish, but there is not much advantage in doing so that I can see.

Allow Outgoing DHCP

Protocol: UDP
Remote Port(s): bootps (67), bootp (68), dhcpv6-client (546), dhcpv6-server (547)
Action: Allow It

What it's for

This rule is used by dialup users to obtain an IP address for themselves when they connect to their ISP.

To optimize

If you're not using a dialup modem you can turn off or disable this rule.

Allow Inbound Identification

This rule is turned off by default
Protocol: TCP
Direction: Inbound
Local Port(s): AUTH (113)
Action: Allow It

What it's for

This rule allows others to identify you using the AUTH service. Servers (like POP and SMTP) do this to identify a user of a particular TCP connection. It can be used to retrieve your OS name and the character set you are using as well as other things.

To optimize

Your e-mail provider may use this service to verify who you are when you try to collect mail. If you find your e-mail collection is slowed down after installing Outpost, turn this rule on and it should fix the problem. If you don't need this rule, either delete it or keep it turned off.

Allow Loopback

Protocol: TCP
Remote Host: localhost (127.0.0.1)
Action: Allow It

What it's for

This rule allows applications to connect from your PC to your PC. 127.0.0.1 is your PC's IP address (in addition to any that you may have from your Internet connection); it is known as the Loopback address, and the DNS name for the Loopback address is localhost.

To optimize

You may not want all applications to be able to use the Loopback service. If you run a local proxy (like The Proxomitron), for instance, applications will be able to connect to the proxy and this would give them Internet access, even if you hadn't created rules for the application, because the application would use this rule to connect to the proxy. You can turn it off if you want and create rules for applications on an individual basis. If you do this, most of the time you can create a rule for an application like this:

  • (application name) local connection
    Protocol: TCP
    Remote Host: localhost
    Remote Port(s): 1024-5000
    Action: Allow It

You should try to restrict the ports on localhost to the range 1024-5000, but this is not always possible. For example, NOD32's POP scanner uses ports (assuming you don't change them) starting in the range 10500+, so your e-mail client (if you use NOD32) will need to be able to connect to localhost on these ports.

Most applications won't need local connections and you can delete or turn off this rule.
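
The bypass described in this section, modelled as an added example (not part of the original guide and not Outpost's own rule engine): with the global loopback rule, an application that has no rules of its own can still reach a local proxy, while per-application rules close that path. The executable names, the proxy port 8080, the upper port bound 10599 and the "any matching rule allows, otherwise block" evaluation are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass(frozen=True)
class Conn:
    app: str            # executable opening the connection
    proto: str
    remote_host: str
    remote_port: int

@dataclass(frozen=True)
class Rule:
    name: str
    proto: str
    remote_host: Optional[str] = None        # None = any host
    ports: Optional[Tuple[int, int]] = None  # inclusive range; None = any port
    app: Optional[str] = None                # None = global rule, applies to every app

    def matches(self, c: Conn) -> bool:
        return (self.proto == c.proto
                and self.app in (None, c.app)
                and self.remote_host in (None, c.remote_host)
                and (self.ports is None
                     or self.ports[0] <= c.remote_port <= self.ports[1]))

def decide(rules, conn):
    """Return (action, rule name). Simplified model: any matching allow rule
    permits the connection; with no match it is blocked."""
    for rule in rules:
        if rule.matches(conn):
            return "allow", rule.name
    return "block", "no matching rule"

LOCALHOST = "127.0.0.1"
# Default configuration: the global loopback rule from this page.
GLOBAL_LOOPBACK = [Rule("Allow Loopback", "TCP", LOCALHOST)]
# Optimized configuration: global rule off, one narrow rule per application.
# Executable names, proxy port 8080 and the upper bound 10599 are constructed.
PER_APP = [
    Rule("browser to local proxy", "TCP", LOCALHOST, (8080, 8080), "browser.exe"),
    Rule("mailclient local connection", "TCP", LOCALHOST, (1024, 5000), "mailclient.exe"),
    Rule("mailclient NOD32 POP scanner", "TCP", LOCALHOST, (10500, 10599), "mailclient.exe"),
]

def compare(conn):
    """Decision for one connection under both configurations."""
    return decide(GLOBAL_LOOPBACK, conn)[0], decide(PER_APP, conn)[0]

if __name__ == "__main__":
    for c in (Conn("unlisted.exe", "TCP", LOCALHOST, 8080),
              Conn("browser.exe", "TCP", LOCALHOST, 8080),
              Conn("mailclient.exe", "TCP", LOCALHOST, 10500)):
        print(c.app, c.remote_port, compare(c))
```

The application with no rules of its own reaches the proxy only under the global rule; the browser and the e-mail client keep the local connections they were given explicitly.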

Allow GRE Protocol

Protocol: IP and the type is GRE (IP protocol 47)
Action: Allow It

What it's for

GRE (Generic Routing Encapsulation) is used to send information where the sender and the receiver use different protocols. This is done by encapsulating the information to be sent using GRE.

'(GRE) A protocol which allows an arbitrary network protocol A to be transmitted over any other arbitrary network protocol B, by encapsulating the packets of A within GRE packets, which in turn are contained within packets of B.' - Quote from the Free Online Dictionary of Computing

The most common use of the GRE protocol is by Microsoft's VPN. The Generic Route Encapsulation (GRE) protocol is used in conjunction with Point-to-Point Tunneling Protocol (PPTP) to create virtual private networks (VPNs) between clients or between clients and servers.

To optimize

If you don't use VPNs you can turn off or disable this rule.

Allow PPTP control connection

Protocol: TCP
Remote Port(s): PPTP
Local Port(s): 1024-65535
Action: Allow It

What it's for

GRE (Generic Routing Encapsulation) is used to send information where the sender and the receiver use different protocols. This is done by encapsulating the information to be sent using GRE.

'(GRE) A protocol which allows an arbitrary network protocol A to be transmitted over any other arbitrary network protocol B, by encapsulating the packets of A within GRE packets, which in turn are contained within packets of B.' - Quote from the Free Online Dictionary of Computing

The most common use of the GRE protocol is by Microsoft's VPN. The Generic Route Encapsulation (GRE) protocol is used in conjunction with Point-to-Point Tunnelling Protocol (PPTP) to create virtual private networks (VPNs) between clients or between clients and servers.

To optimize

If you don't use VPNs you can turn off or disable this rule.

Block Remote Procedure Call (TCP)

Protocol: TCP
Direction: Inbound
Local Port(s): DCOM
Action: Reject It

What it's for

Blocking RPC. RPC allows a program on one computer to execute a program on another.

Block Remote Procedure Call (UDP)

Protocol: UDP
Direction: Inbound
Local Port(s): 135
Action: Reject It

What it's for

Blocking RPC. RPC allows a program on one computer to execute a program on another.

Block Server Message Block Protocol (TCP)

Protocol: TCP
Direction: Inbound
Local Port(s): Microsoft DS (445)
Action: Reject It

What it's for

Blocking SMB. SMB allows a client on one computer to connect to a server on another computer and access the server's files.

Block Server Message Block Protocol (UDP)

Protocol: UDP
Direction: Inbound
Local Port(s): Microsoft DS (445)
Action: Reject It

What it's for

Blocking SMB. SMB allows a client on one computer to connect to a server on another computer and access the server's files.

Deny Unknown Protocols

Protocol: Unknown Protocol
Action: Deny It

What it's for

This rule is used to block any protocols that Outpost doesn't recognize.

 

Outpost and the Outpost logo are ©Agnitum Software

This is an unofficial guide; the information expressed here may differ from Agnitum's. There is a support forum (no longer run by Agnitum, but by users); if you need more help, this is a good place to start. Where information here conflicts with what Agnitum have told you, always go with the information given to you by Agnitum.

 

Guide/site and images ©Stephen Cox