Outpost Distribution Tool

 

HomeProjects & InfosCommodore16Bit ComputerCP/M ComputerCP/M Software
Detection of a virus 
Protect yourself 
Forensics 
Linux BootCDs 
Analyzing Tools 
Obvious Virus places 
ProxyFailover 
EXE Types 
FreeDOS CD 
Display Driver Error 
Changing VGA cooler 
Outpost Distribution Tool 
Overclocking PIII 
Transfer service 
Flea market 
About Z80 
About me 

 

Outpost Personal Firewall Distribution Tool

THIS IS MEANWHILE OBSOLETE STUFF. Agnitum updated their stuff several times and I'm sure this will not work with the newest version. For archive purposes, I do not delete it, and the idea behind can work also for other solutions.


This information is a functional description of the first version of the program (see below to download the file)
I will go on to develop a more sophisticated version as soon as possible. Please give me feedback about the implementation and I am happy also to get new ideas...

In short words - what is the main goal of this program ?

This program should distribute a (hopefully better and) newer configuration.cfg to clients. This is very useful if these clients are located outside the company LAN, but will also work perfectly inside the LAN.
The program have to stop and restart the Personal Firewall to make the new ruleset be valid.
It also has to compare if the file was already distributed and if so, it should do nothing.
And finally, it has to be totally invisible for the "normal" user.

The requirements of the program:

- An installed Outpost Personal Firewall 1.0.1817.x or 2.0.x
- Older versions have a different behaviour under Windows 2000/XP, so older versions will only work under Windows 9x with this program.
- Any kind of Windows should run, any kind of TCP/IP network should already exist.
- Any kind of a configurable FTP-Server/Demon with at least two FTP users, one for updating the file(s) on the FTP server, one just for the program itself (read access only).

What will happen after starting the program...

- The program tries to reach the network where the FTP server is located (this should normally be your LAN).
- If the program has no success, it will sleep for 2 seconds and tries it again.
- If the program figure out that the FTP (your network) is reachable, it tries to connect the FTP server.
- If this fails (for any reason), it quits. If this does not fail, it looks for a special file extension ".config1"
- If there is a file with that name, it tries to separate the filename for getting a date (so the filename must follow a rule !)
- If on the local directory is a similar file located, it separates also the date from this local file and compares the two dates.
-   If the remote file is newer, the file from the FTP server will be downloaded and Outpost will be stopped.
-   The filename will be unchanged, the old file will be deleted (so a newer file is now present).
-   The original firewall ruleset will be overwritten (of course with the filename "configuration.cfg").
-   Now all is done and Outpost can be started again (and it will).
- If there is no similar date-coded file on the local directory, except the old file deletion, all other steps will be made (like above) also.
- If the comparison have the result that the local file was already up to date, nothing (no firewall shutdown) will happen.
- The last step for all conditions - the program quits. It will not loop again and again. I am sure one try per user login (or boot) is enough. This will not be a solution for PCs which aren't shutdown after a normal working day (for servers e.g.).

What and how could be preconfigured ?

There are no interactive dialogs. All parameters could be set up via registry entries.
If there is no preconfiguration, the program have some harmless defaults:

[HKEY_LOCAL_MACHINE\SOFTWARE\OutpostFWRuleDist]
"Host"="localhost"
"UserID"="fwdist"
"Password"="secret"
"Port"="21"
"IPClass"="10."
"ConfigFileName"="configuration.cfg"    NEW
"Debug"="0"

This looks like this in REGEDIT:
 

Except the "Debug" Parameter, all kind of variations are possible. The "Debug" should only set to "0" or "1", but please remember, this parameter is only for debugging purposes.

The "IPClass" should be equal to the IP Class used in your LAN, e.g. "10." or "192.168." - it would be wise to use a dot at the end.
Normally the FTP port is equal to "21".
The "Host" parameter could be set to a valid IP address or to a valid hostname.
The two parameters "UserID" and "Password" should be the same as used (created) on the FTP server with read access.
To use this tool with the newer Outpost Version 2.0, you have to preset "ConfigFileName" to "configuration1.cfg" or, if you are using OP with an other language but english, with a filename like "Konfiguration1.cfg" (german) or similar.
The "Debug" Parameter now has a different function as before, now if set to "1" a log file named "fwtool.log" is generated (in the directory fwtool was executed) with a lot of helpful comments.

There is now a small possibility to update the program (or other things as well):
If a second file is placed in the server ftp directory with a name rule like this: "CMD_nnnnnnnnnnn.exe", where nnnnnnn can be any kind of combination of chars, this file will be downloaded and started (by calling shell_exec).

There were a few minor glitches with the first version published a few month before (fixed in the new version !):
- The FTP server had to be set to 'type image' as a default setting
- There was no chance to get the updated file if the file was the only one in the root directory of the used ftp user
- The configuration file name can't be preset, was a problem when using the new OP 2.0 version.


Installation on a client

The program could be placed into the Outpost program directory or in an other place if you like.
After this, you should place a shortcut of the program into the "Startup Folder". May be you could place it also in the "Run" Branch in the registry, but remember the network should already be up. A small setup program to automate this job is downloadable below

Installation on a FTP server

No other programs are required. Just copy the derivated "configuration.cfg" to the root directory of the FTP account.
You have to code the date of the configuration by yourself - just rename the file to yyyymmdd.config1 , ".config1" is choosed to make confusion with other files impossible.
Only the first file with such a coded date will be taken from the client, so just one file of that kind will be fine.

How could be the ruleset be predefined ?

Very easy. Take a sample PC and create all rules with the Firewall Rule Assistant. After all is tested, copy the "configuration.cfg" to the FTP root.


Finally... if you have any questions I had not explained, do NOT hesitate to mail me your questions. I will expand this page if an important info is missing asap.


DOWNLOAD THE FILE: fwtool.zip (size is 237 KB)  UPDATED!


Install Helper Program 1.0 (first version, still usable)

This program does automatically the above described job, it copies the tool and creates a shortcut in the startup folder, if this was successful, it starts the tool and then quit. Requires that the FWTOOL.EXE is located in the same directory as the installer.

DOWNLOAD THE FILE: setupfwrd.zip (size is 169 KB)

NEW: Install Helper Program 1.1

This program does automatically the above described job, it copies the tool and creates a shortcut in the startup folder, if this was successful, it starts the tool and then quit. There is also (optional) the possibility to copy a preconfigured configuration.cfg into the Program directory. The program is able to stop the firewall and replace the file, then it restart the firewall - that is made to instantly make the changes be active. Requires that the FWTOOL.EXE (and the configuration.cfg) is located in the same directory as the installer.

DOWNLOAD THE FILE: setupfwrd11.zip (size is 209 KB)

(C)2003 Peter Dassow

HomeProjects & InfosCommodore16Bit ComputerCP/M ComputerCP/M Software

Copyright (c) 2005-2011 Peter Dassow. All rights reserved.

peter.dassow@NOSPAM.z80.eu