I’ll edit this post as soon as posible…
I’m in danger >:(
I decided to have a look on Kerio 4.0.7.
I tryed to install Kerio without desinstalling ZoneAlarm.
The setup alert me of an incompatibility.
I give up. Desinstall ZoneAlarm, Boot and install Kerio 4.0.7.
On the next boot I receive an error message (The service could not be connected or something like this).
avast! freezes (icon stop to swirl).
I manually start the Kerio service and firewall seemed to work.
Each 5 seconds the firewall ask me for rights to access the Internet. I was calm and answering with logic…
Suddenly, the system starts to SHUTDOWN :o
I have indeed a shortcut on keyboard to do so, but I have to use both hands (Ctlr+Alt+Page down) and my hand was in the mouse!
The shutdown was forced, I lost my work >:(
Next boot, Kerio alert the same service trouble described above.
I GIVE UP!!! >:(
Roxio GoBack save my day again 8)
I know it could be a trouble about ZoneAlarm desinstallation but nothing was alerted or adviced before Kerio start to mess my system. I know this is a good firewall (many high users of avast! forum recommended it in the past). But not for me.
Hmm… I hadn’t actually kept up with Kerio’s new releases. I still use Kerio PF 2.1.5. It’s simple, flexible and stable. For me the best part is that it’s only a packet filtering firewall.
It looks like they’ve now gone down the bloatware road by making PF an all-in-one application. This annoys me no end. It’s a firewall… it’s NOT an ad-blocker, cookie filter etc etc!!!
It also looks like they’ve tried to make it more accessible to the “average” user with their “permit/ask/deny” table (similar to ZoneAlarm). It was precisely to get away from that over-simplicity that I went for Kerio in the first place. They’ve left in the ability to specify more complex packet filter rules, but I fear that in adding so much extra functionality it’s going to take a while before the whole thing becomes stable enough to use.
I’d recommend trying to find a copy of 2.1.5 if you really want to use Kerio PF. Otherwise you’ll probably have a wait for a few more revisions of the 4 series in order for it to settle down.
Maybe someday I will install my ‘old’ 2.1.5 setup file, which I still have in my HDD. Thanks for your reply. Now, ZoneAlarm starts to ask for ‘server’ rights and ‘accept connections from the Internet’. I have this trouble in the past but I did not remember how I get out from it
You just experienced one of the many issues that keeps people on 2.1.5 which by comparison is way more complicated to use seemingly random errors across users. I have many comments on other security issues, but I think the blue screen says it all.
Don’t get me wrong Kerio 4 might one day be good, but right now its not good enough to move from your other firewall.
Not to mention the features better be pretty darn good to get me to commit more than the 4 megs required by kerio 2 in my config.
I recommend BlackICE PC Protection I have ran it for 5 years and no Problems ;D $40 to buy $20 a year renewal (or get from kazaa for free I pay because it so good)
Kerio 4.07 isn’t any good at all. Tiny 5.1.1242 is excellent, but it isn’t free, only runs on XP/2000 & it’s not for beginners. Trying it out as a replacement for
Kerio 2.1.5 which will soon be outdated.
Thanks bbfi. I applaud you for your effort… Anyway I won’t go to Kerio’s forum and try to solve the ‘major bugs’ of it. I won’t try Kerio 2.1.5 anyway. Just listen what beast99 said: it will be outdated soon. I won’t try a software that I know it’s now, in the present, a bloatware (a related post is here. A firewall all-in-one application: an ad-blocker, cookie filter, trojan detector and so on… Sorry, I won’t wast my time. What will happen if some thread must be updated? Will I have to get version 4.0.7 or latter again? Definitively, not. I went back to ZoneAlarm like you
I won't try Kerio 2.1.5 anyway. Just listen what beast99 said: it will be outdated soon.
I’m not trying to say you should try it and I’m not recommending any firewall at all here. What I will say though is that the way the firewalls work mean a lot. Firewalls that rely on IDS or Application rules can generally be more prone to becoming out dated. But if you are talking about strict port blocking. That doesn’t change a whole lot no matter what the exploit. As long as the firewall has the ability to control the ports on a given OS it is capable of doing its job. It all becomes a different story when you move to a newer version of windows, but this is not like an antivirus or spyware detection. If an application can block traffic on port 135 in windows xp today it can do it 5 years from now. When you start talking about detecting bad traffic is where you start opening a new bag of worms.
Point being for me looking at firewalls I like to find out what options they hide from me for simplicity. But again this is not me trying to advocate any firewall, but me simply saying that straight firewalls don’t become dated as fast as things the rely on scanning or detecting. So believe or dis-believe its my 2 cents.
My pleasure. It seems that a lot of people are getting ticked off with Kerio for this buggy firewall 4.0.7 they produced. Some people have comed up with work-arounds, but so far the company is silent about this problem. >:(
I came upon the NTFS Forum (from Kerio’s Forum) which lead me to the following info. Computer Associates are offering the eTrust EZ Armor Security Suite http://www.my-etrust.com/microsoft/index.cfm? for FREE for 1 year to Microsoft users. I decided to give it a try since it is free for a year.
The firewall appears to be Zone Alarm Pro 3.7.211 but is called EZ Firewall. The Anti Virus is eTrust EZ Antivirus Personal Edition. Both are working fine on my system and use very few system resources (16,352K for the firewall and TrueVector service and 2,132K for the Anti Virus).
I tried quite a few of the sites for port scans, etc. with all perfect results with few modifications to the firewall. The Anti Virus appears to work as well as AVG 6 Free and seems to be better with its alerts. (I still think that Avast has the best email alerts and checking around).
So I will use this setup and see what happens. So far I am impressed. And by the way, EZ Firewall works with VisualZone for displaying detailed information about attacks (if you are into that sort of thing). If you don’t have VisualZone, it can be downloaded for free at http://www.visualizesoftware.com/. ;D
I tried Blackice before, and I didn’t like it. why ?
negative :
-It offers no outbound protection
-If a trojan is already on your system when installing blackice, your doomed, as it won’t checks for outgoing connections.
-All programs that are already on your pc (trusted) have server rights to the internet by default.
-It fails ALL leaktests availble on the internet.
Pro :
-It does gives full stealth on Gibson’s shieldsUp, and Pcflank test.
-It has a small but good intrusion detection system.
I agree with you doggeral, and believe in your statements about firewall. Anyway, I don’t like a software that I cannot update… ;D
Thank, you bbfi, I use VisualZone too with Zone Alarm. I think EZ Trust just one year for free (with firewall and antivirus tools) won’t be suitable for those ones who believe in layered defense: one application for each one defense need. Anyway, another antivirus (resident) with avast! will bring me trouble. ;D
I think EZ Trust just one year for free (with firewall and antivirus tools) won't be suitable for those ones who believe in layered defense: one application for each one defense need.
The installation for EZ Armor allows you to install both or either the Firewall or Virus Checker. They are separate applications. Since EZ Firewall is the same as Zone Alarm Pro, you'll get to use it for free for one year. Then you can use your favorite Anti Virus such as Avast along with it. ;)
In reading this thread I saw comments about BlackIce that I thought needed some warnings in return, but Waldo beat me to it. It’s good to know people here are already aware of Steve Gibson’s site. I get wary of “security experts” who don’t.
For those who aren’t familiar with Steve Gibson, visit http://grc.com. It isn’t the easiest site to navigate on the 'net, but its tools will do the best job of testing your system’s security I’ve seen anywhere outside of hiring a consultant. And even the consultant may hit his site for a test.