Posted by jack in scaesar.com
Hi,
do I understand correctly that marking a network connection as "Trusted" allows all communication between the local machine and any other machine on this network, regardless of any rules that may or may not exist?
On the same dialog, what effect does marking a connection as "NAT zone" have?
Regs,
VGER
Thank you, that was very helpful to me.
Just one thing for clarification: Is it correct that it should be possible to achieve the same result as setting a network to "trusted" by modifying all the other levels of configuration?
To name an example, I can only get nmap to work if I set the used connection to "trusted". (BTW, I found the same problem with another application that uses nothing "dirty" like WinPCap, just a simple windows managment tool.) Should it be possible to set the configuration in such a way that I can remove the "trusted" mark from the network and still have these applications working or does "trusted" do something that can't be done with the rest of the settings?
Regs,
150d
inserting a single IP or IP/mask range will allow all comms between the local pc and the ip or members of the range. plugins/app rules/global rules with the 'ignore component control flag' are processed first tho. see also 1. op2008 is similar, within it own limits. see also the blurb on agnitum's site (http://www.agnitum.com/support/kb/article.php?id=1000120&lang=en)
excerpt:
rule processing order: Outpost 2.5 onwards
Plugins
Application/Global Rules with "Ignore Component Control" flag
Trusted/NetBIOS Zones
Global NetBIOS Block Rules
Global Rules with High Priority flag
Blocked/Trusted Application Settings
Application Rules
Global Rules
Outpost Policy
Allow NAT Packets
Transit Rule
From another thread via search on 'nat zone' -> Linky (http://outpostfirewall.com/forum/showpost.php?p=161965&postcount=5)
do I understand correctly that marking a network connection as "Trusted" allows all communication between the local machine and any other machine on this network, regardless of any rules that may or may not exist?
On the same dialog, what effect does marking a connection as "NAT zone" have?
Regs,
VGER
Just one thing for clarification: Is it correct that it should be possible to achieve the same result as setting a network to "trusted" by modifying all the other levels of configuration?
To name an example, I can only get nmap to work if I set the used connection to "trusted". (BTW, I found the same problem with another application that uses nothing "dirty" like WinPCap, just a simple windows managment tool.) Should it be possible to set the configuration in such a way that I can remove the "trusted" mark from the network and still have these applications working or does "trusted" do something that can't be done with the rest of the settings?
Regs,
150d
excerpt:
rule processing order: Outpost 2.5 onwards
Plugins
Application/Global Rules with "Ignore Component Control" flag
Trusted/NetBIOS Zones
Global NetBIOS Block Rules
Global Rules with High Priority flag
Blocked/Trusted Application Settings
Application Rules
Global Rules
Outpost Policy
Allow NAT Packets
Transit Rule
From another thread via search on 'nat zone' -> Linky (http://outpostfirewall.com/forum/showpost.php?p=161965&postcount=5)
#If you have any other info about this subject , Please add it free.# |