You would go into the settings to Allow certain URLS to display ads. Otherwise, all (that are detected) are blocked by default.
PCFlank's LeakTest, "Tooleaky" (or http://www.testmypcsecurity.com/secu...too_leaky.html), and GRC's LeakTest with Outpost? I'm curious if it passes those.
Back then I was only connecting via modem so I ran the above tests fairly regularly, always with stealth results. I have always been a big fan of Steve Gibson, but don't drop his name as much as I might have at one time. It's thanks to him that we mortals learned the language of networking, at least as it pertains to WAN connections and the dangers of remote execution.
My tech says OP is a hog on resources, but I don't find that an issue, so much, unless there are a lot of files moving around in several open processes and browser windows with active scripts (having six windows open with multiple image rotators running, every file gets scanned). For the kind of use I give my XP box, it's easy to ignore. As far as I can tell it only doesn't give up resources during scans, unless you specify background which option is available.
The morning scan at startup can take a few minutes, and it does drag down the first Windows User for about five minutes. Best to schedule for say 1 AM and turn off the box after 1:30. Scheduled quick scans are automatically in the background so you can still do whatever, with a slight noticable lag on XP (single core) but nothing detectable in Windows 7 (64 bit quad core) If the scheduled quick scan has completed, it won't run again at startup if the date is the same as the last quick scan. The first user can log in almost immediately with no noticable delay.
If I've been away a few days, I find that just turning the computer on, and walking away without logging in is the quickest way. By the time I've got myself a coffee and selected the radio channel, it's good to go. Full scans of one 80 GB drive on an XP with say 250 000 files take about an hour. A full scan on the same box of two 80's and 250 took about 4 hours. A Windows 7 with 650 GB drive and 660 000+ objects took 3 hours.
When you password protect OP, no changes can be made to the f/w without a log in. This means the f/w is protected while Windows is starting up. It cannot be uninstalled without a restart, and subsequent log in. It can also be switched out of learn mode into strict (my words) for added defense. The f/w is working from the moment Windows starts, AFAIK. I can't speak for what defenses it offers, if any, when Linux is used to boot the system, because, of course, I know squat about Linux and/or remote execution.
Ever since going to a NAT I haven't been able to test the firewall without switching to the DMZ, and as I've said, this was not a big concern so I never did it. One thing I can feel certain of is that OP has gotten better over the years. Add to this that all our wifi connections are through state-of-art routers far exceeding NAT plugged into the NAT, there's not much to test.
I'm most concerned about what I let on the machine, and what it does once it's here. In all instances OP has been right there to clean what it can, then finishes the cleanup at next startup when it detects the components it couldn't remove earlier. Every time telling exactly what it is (usually trojan). It guards my inbox like a hawk and swoops down with equal swiftness.
Without actually feeding files with similar heuristics to virii, trojans and other malware, I don't think there is a way to test from the user's end, and online tests would be futile if the f/w is shutting down affected ports in real time.
At any length, I have no evidence whatsoever to suggest that OP is dragging down either of our Windows 7 boxes; nor do I have evidence of any sort that it has not always been doing its job on all our machines. It costs me about 75$ every couple years to protect everything, and that is something I gladly lay out.
Anyway, probably said more than was needed to answer your question (like 95% of it) but just throwing this out to bring us up to speed on the whole picture, as I have seen it over the years. Will a new version of OP run on an old XP box? Yes, but only at the level that XP supports, and it will be a drain.
However, I also believe you can purchase OP Firewall Lifetime (my recollect) which is (as I understand it) the firewall version that WAS for XP, and the lifetime license allows you to receive updates for the life of your computer. I've never really been sure how it worked, or what version it was, since I still haven't used it.
You don't do this daily, or all the time, do you?? (I have my anti-malware program set to scan only new or changed files, and only on my main HD. No point in scanning backup HD's. Plus I keep a "Malware" folder on my storage & backup HD to test anti-malware programs).Full scans of one 80 GB drive on an XP with say 250 000 files take about an hour. A full scan on the same box of two 80's and 250 took about 4 hours. A Windows 7 with 650 GB drive and 660 000+ objects took 3 hours.
But whether or not a FW is "shutting down affected ports in real time" would be important to know, which is what the tests would tell you.Without actually feeding files with similar heuristics to virii, trojans and other malware, I don't think there is a way to test from the user's end, and online tests would be futile if the f/w is shutting down affected ports in real time.
Indeed, thanks. But I was just curious about how it does in those tests.Anyway, probably said more than was needed to answer your question (like 95% of it)
Right you are about 'stealth' results being only GRC. The main thing is that the last time I did any checking everything passed. Now that there is a WAN block, it all comes down to how it deals what whatever I let through.
Any suspicious ports are automatically closed for 15 minutes, and a warning issued. One can inspect the ports, if so inclined. OP keeps a very detailed database on the machine. I don't know if any of this information gets back to them during the daily update process.
Scanning is something I do only about every couple of months. The quick scan keeps track of current files, like you say. The occasional full scan just serves to ensure the machine is clean.