Privacy vs. Referrers
Published by: anonym 2009-01-09

  • There is an unfortunate issue in Outpost v2.1 when blocking referrers is set.

    Outpost replaces the referrer original value in the referrer field with this text:

    REFERER: Field blocked by Outpost (http://www.agnitum.com)

    This way any website owner knows which firewall you use. This rather spoils the fact that you managed to hide your last visited site, when you concurrently reveal something else.

    What do you think?


  • As much as I would like to believe that all webmasters are saints - the reality is that they are not. Sure it isn't likely that CNN, the BBC and eBay aren't housing malicious webmasters - but many other sites DO (and you WILL be exposed to them during searches).

    Using an anonymous proxy is one way of avoiding handing out your IP address (if that really bothers you) but often (especially here in the EU) access to a relatively speedy one is limited - resulting in a significant slow-down and thus considerable 'loss of pleasure' whilst browsing. This is especially an issue with those people with a low-bandwidth connection (ie isdn).

    Personally, I don't consider revealing your IP address in itself to be a security issue - but revealing both IP address and firewall to be a serious issue.

    Blocking the referrer is merely a privacy issue - you are not going to come to any harm by revealing the last domain you visited to the one you are currently visiting. It provides relatively innocuous information to the webmaster which can not be used to attack your computer. Letting the webmaster know precisely WHICH firewall you are using would give a malicious webmaster an edge - and this is really unnecessary.

    As I say, I use Proxomitron to filter ads and handle privacy issues (and yes, loopback is disabled), so I'm not concerned with this problem. But there are many people who bought Outpost at least in part because they expected it to handle these affairs in a responsible and sensible manner without needing to maintain an additional program beside it.

    Your advice on using a proxy is good (for those with a higher bandwidth connection). For those for whom a proxy is not viable, they must consider whether to hand out innocuous user refer information and thus lose a little privacy - or hand out details of their security arrangements, giving malicious persons an edge in attacking their system.

    In their shoes, I know which option I would choose.


  • yeah, I read earlier in the thread. You can probably count my post to the bad "Me too" style posts.


  • Some good comments here. Has made me wonder as well why the message isn't customizable. The point is privacy, right? Not very private when you're still giving away what may prove to be useful information to the wrong person. Perhaps it's Agnitum's way of having us advertise their product for them. If that's the case good luck ever seeing it changed. Guess we shouldn't complain, at least it's not as bad as having no referer control at all.


  • true :D , it would be great if agnitum developed a way for us to customise the referrer to our own liking or even by using something like admunchers option of always using the current domain as the referrer, might be a safer feature ..

    but still you'd have to get through more than just a firewall on many people's systems, i would think that people with no firewall at all would make easier targets.


  • didn't someone complain about getting all these "Field blocked by outpost" entries in their server logs a while ago on the forum, and they wanted it to be removed from outpost.

    well i think it's great publicity, lol, it proves you just can't profile outpost users...and there are the complaints to back it up.


  • Originally posted by PrivateEye:
    "As racerxnet pointed out, I consider this to be a SEVERE security issue as identifying your firewall DOES make it MUCH easier to launch a successful attack."

    The referer issue only reveals Outpost's existence to webmasters who check their logs. It is highly unlikely that this information would be considered by an attacker whose first tactic is likely to be a portscan on your IP address.

    More of a security issue should be your browser-ID. Since browser traffic is going to be permitted through the firewall, anyone with malicious intent would be better served using this to identify and exploit any known browser vulnerabilities.

    "It's bad enough that you can't avoid leaving your IP address behind at every web-site you visit, but letting them know which firewall you're using too is just plain too risky."

    If you consider your IP address a security issue then why aren't you using a proxy for Internet access? Or better yet, an anonymising proxy which encrypts traffic preventing your ISP from seeing your activities. I use one all the time (the Java Anonymising Proxy (http://anon.inf.tu-dresden.de/index_en.html)) and while it does slow down web browsing, I consider the trade-off a good one.

    "Better to switch off this setting altogether until Agnitum comes up with a more intelligent implementation."

    Makes sense if you use Proxomitron or Webwasher. Make sure though that you do disable the global "Allow Loopback" rule and create a specific rule for your browser to allow it access to Proxomitron instead - otherwise Outpost will allow any application not specifically blocked to access the Internet using your ruleset for Proxomitron (this applies to any other local proxy software also).


  • I was quite astonished not being able to set up rules when to block referrer and when not to. While I do enjoy this plug-in it doesn't really make sense that referrer isn't handled like the other settings in the plug-in...
    Last obstacle to make it more like my old-time favourite At-Guard.


  • Hi Dominus,
    Per site referrer blocking is in the TODO list. (I was an AtGuard user myself until Symantec botched it up.) Not a high priority but I expect it in the next version or two.
    Chris


  • I'm afraid the bluetack link gives a (111) Connection refused error (maybe you need to have an account before accessing it?). However the other links are a useful way of checking what your browser reveals.


  • Personally, I like having referrers blocked because my IP Address is always given with the sites I go to. I wouldn't mind if my IP address wasn't there. I like to be more private than that. Am using Outpost now and am anxious for per-site referrer blocking.


  • My take on it is that you're just trading one privacy issue for another. As one of many paying customers probably interested in this, I think it is a very small feature change to be requesting. And also as a paying customer, why would I want to (or should have to) go download and learn a bunch of other software just to block one little thing that OP should be doing properly in the first place? The logic in that makes no sense. And I already have enough programs as it is running in the background. In fact it's gotten so bad at times that I have to use Startup Delayer (http://www.r2.com.au/software.php?page=2&show=startdelay) just to make sure my PC boots properly. I don't need or want more junk running in my sys tray.


  • Originally posted by Outposter:
    "And also as a paying customer, why would I want to (or should have to) go download and learn a bunch of other software just to block one little thing that OP should be doing properly in the first place?"

    Don't quite see your complaint here - Outpost is doing its job properly. As a firewall its job is to filter network traffic. All the plugins should be regarded as icing on the cake - and the referer block is doing its job properly. It's just that people want more flexibility with it (mostly the ability to enable/disable it on a per-site basis).


  • Yeah, I don't know what I was thinking. I guess I just expect way too much. :rolleyes:


  • I mentioned this some time ago regarding the referer and the concerns regarding this. If I were hacking on the net and I know which firewall you are using, I just have that much less work to do to defeat you. As a software programmer I see this as a simple issue to fix in the design stages, or post phase for that matter.


  • As a proxomitron user, I have the referrer field set to return the same domain as the one I am visiting. I don't think that it would be difficult for Agnitum to do the same.

    As racerxnet pointed out, I consider this to be a SEVERE security issue as identifying your firewall DOES make it MUCH easier to launch a successful attack.

    It's bad enough that you can't avoid leaving your IP address behind at every web-site you visit, but letting them know which firewall you're using too is just plain too risky.

    Better to switch off this setting altogether until Agnitum comes up with a more intelligent implementation.
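
Added example (not part of the thread, and not code from Agnitum or Proxomitron): the referrer-handling options the posters compare, applied to one request and classified by what the receiving site's log would learn. The banner text is the one quoted in the first post; the strategy names, function names and sample hosts are this example's own assumptions.

```python
from urllib.parse import urlsplit

# Banner text quoted in the thread for Outpost v2.1.
OUTPOST_BANNER = "Field blocked by Outpost (http://www.agnitum.com)"

def get_referer(headers):
    """Case-insensitive lookup; returns None when the field is absent."""
    return next((v for k, v in headers.items() if k.lower() == "referer"), None)

def rewrite_referer(headers, target_url, strategy):
    """Return a copy of the outgoing headers with Referer handled per strategy.

    Strategy names are this example's own labels:
      pass        - leave the browser's value alone
      banner      - substitute the fixed product text (behaviour described in the thread)
      strip       - send no Referer at all
      same-domain - send the root of the site being requested
    """
    original = get_referer(headers)
    out = {k: v for k, v in headers.items() if k.lower() != "referer"}
    if strategy == "pass":
        if original is not None:
            out["Referer"] = original
    elif strategy == "banner":
        out["Referer"] = OUTPOST_BANNER
    elif strategy == "same-domain":
        t = urlsplit(target_url)
        out["Referer"] = f"{t.scheme}://{t.netloc}/"
    elif strategy != "strip":
        raise ValueError(f"unknown strategy: {strategy}")
    return out

def classify(headers, target_url):
    """What the receiving site's log learns from the Referer field."""
    value = get_referer(headers)
    if value is None:
        return "absent"
    ref = urlsplit(value)
    if ref.scheme not in ("http", "https") or not ref.hostname:
        return "non-url"      # free text: non-standard, and it names the filter
    if ref.hostname == urlsplit(target_url).hostname:
        return "same-host"    # indistinguishable from in-site navigation
    return "cross-site"       # reveals the previously visited site

def compare(headers, target_url):
    """Classify the outcome of every strategy for one request."""
    return {s: classify(rewrite_referer(headers, target_url, s), target_url)
            for s in ("pass", "banner", "strip", "same-domain")}

# Constructed sample request; hosts are placeholders.
SAMPLE = {"Host": "shop.example", "Referer": "http://search.example/q?term=firewall"}
```

Only the "banner" outcome puts a value in the log that is not a URL at all, which is what makes it both easy to spot and a problem for sites that parse the field.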


  • I would personally rather see the "Field blocked by..." than the details of my last web page! Having said that, it is non-standard (causing problems with some sites) and inflexible (cannot be set on a per-site basis). Per-site referers is one of the most requested features and there has been a suggestion that it will be included in Outpost 2.2.

    For better control over the referer field, consider software like Web-Washer (www.webwasher.com) (easy to use) or Proxomitron (http://www.proxomitron.info/) (more powerful but with a fearsomely complex rules syntax - however there are plenty of rules included).


  • i see how easy the information about our whole system is to get , depending on your security settings. :D

    these are the links i know of so far..

    http://www.iprive.com/analyze/
    http://privacy.net/analyze/
    http://www.elfqrin.com/binfo.shtml
    http://www.interlacken.com/tricks/exec/trick02/egyprop.asp
    http://www.gemal.dk/browserspy/

    and what do you think of this links page of proxy programs to try and protect your privacy , along with outpost of course :D
    http://www.bluetack.co.uk/forums/index.php?showtopic=56


  • I would rather have the last site I visited than divulge my firewall software of choice to every site I visit. After all it just shows your browsing habits.

    If you do online banking, then you should be clearing your cache and closing your browser after every session anyway and that's really the only types of sites you want to protect...at least that's me. I could care less if someone found out I came from http://www.texturizer.net/firefox/ before I hit their site.




