Hi!
I tried to upgrade today from Kerio 4.1.2 to 4.1.3 but there seemed to be a problem with Kerio 4.1.3 (at least in my machine). It refused to load. Neither on boot nor manually afterwards…so i had to uninstall it.
And now, while using the Windows XP SP2 built-in firewall, i noticed that the VoIP program Skype is functioning more properly.With kerio i couldnt dial any number while connected to the university network (i thought that the external university firewall was blocking it) but now without kerio i can without any problem.
I think i will stick with the XP SP2 firewall until kerio 4.2 is released…
Just stick with the Win firewall since you are already behind a server firewall.
The best and leanest as well as meanest Kerio is the original lightweight Kerio 2.15, combine that with BZ rules from http://www.broadbandreports.com/forum/remark,8023708 , add freeware Antihook from www.infoprocess.biz and if you want an Intrusion Detection System like in Kerio 4, get the even better and free Nuzzler which is Snort based and comes from www.securepoint.cc By the way Securepoint also makes a very good firewall of their own.
2.1.5 is a fine firewall, but it takes a bit more than just copying the BZ ruleset to make it work. There are also some additional rules for dealing with the avast! web proxy at http://www.dslreports.com/forum/remark,12848459. And a little adaptation for the mail proxies. Not nearly as difficult as some of the forum comments indicate, through. Seems to be a continual work in progress, though; current avast! related set is shown. As far as the KPF 4 IDS, my experience was 100% false alarms POS, usually several a day when a site that was not in accordance with their database was visited.
Yep,
Have to create two software proxy loopback rules with list of ports that include the POP, SMTP, IMAP, NNTP ports as well as port 12080.
Can you post the rules here?
Port numbers, protocols, local and remote IP, etc. etc.
I think could be very useful for the users to know how to configure them…
Thanks.
Kerio 4 IDS files can be edited to eleminate certain types of false positives from one computer on the network to another computer on the network. For example, there were a couple of rule sets in the .rlk files that were creating false positives in the intrusion log. Simply placing a “#” at the beginning of the line will disable that particular rule rather than turning off the medium intrusion module. The instrusion module is independent of the trusted area in Kerio.
I have a good IDS in my DSL router (Cayman 3220h) that covers
IP Source Address Spoofing
Source Routing
Subnet Broadcast Amplification
Illegal Packet Size (Ping of Death)
Port Scan (TCP/UDP)
Excessive Pings
Admin Login Failure
MAC Address Spoofing
Works very well, no false alarms, catches things.
Out of KPF 4 I got about 20 false alarms a day because of the way it interpreted normal activity from various sites. I could probably have tried to dumb it down, but thought it was already adequately dumb and ignored it. Worthless POS advertising gimmick in my opinion, but YMMV. :
Certainly,
For Software Proxy Loopback 1
Protocol: TCP/UDP
Direction: Outgoing
Port Type: Any Port
Application: Any
Address Type: Network Mask
Network Address/Mask: 127.0.0.1/255.0.0.0
List of Ports:1-24,26-109,111-118,120-142
Rule Valid: Always and Action: Permit
For Software Proxy Loopback 2 everything will remain the same except add ports 144-12079,12081-65535 to the list. This way all or any programs trying to access these ports will need explicit permission from you.
Credit to this goes to the one and only Kerio 2.15 guru BZ, I have only modded it to suit Avast’s scanning at his suggestion.
Noticed that some of the users have KPF loading problem. I’m using Syagate Personal Firewall 5.6 build 2808. Occasionally it does not load at machine boot. There are also similar reports on their forum.
Regarding Kerio, are you guys using the free version? I am considering switching from Sygate to Kerio. Is the “Internet gateway”, which is provided by the paid version but not the free version (http://www.kerio.com/kpf_comparison_version.html), a vital element that a usual user should not be lack of?
No, the web portion of the paid version is disabled after 30 day trial. You don’t need it. It’s just a basic popup and advert blocker with some cookie options as well. Nothing important in my opinion. I’m using 4.1.2. There is reports that 4.1.3 is buggy on WinXP startup.
Thanks, Culpeper.
Do you mean that the “Runs as internet gateway” (see http://www.kerio.com/kpf_comparison_version.html) is unimportant either?
From where can I download 4.1.2? My machine is running on Win 98.
The “run as a gateway” says it is to support Internet Connection Sharing-is that even applicable with W98? In any case, Kerio has announced they will no longer support W98 for 4.2 and beyond. Try 2.1.5 if you want Kerio; the bugs in 4.1 will never be fixed for W98.
dito
I misunderstood about the internet gateway. I confused it with content filtering.
kenwong,
older versions of kerio (all the way back to 2.1.4) are available at:
http://download.kerio.com/archive/
(But they don’t seem to have added the 4.1.2 yet … )
Thanks, Culpeper and sded.
Installed 4.1.3. Was smooth initially. But the machine hanged during boot and needed to force a hard reboot!
May need to go back to Sygate. Could you please advise me about Outpost - how is it compared to Sygate and Kerio? My machine is running on Win 98. Thanks.
I used to use Outpost 1.0 on Win98 and I liked it very much. Can’t remember why I quit using it though. If you have access to ftp let me know and I’ll upload Kerio 4.1.2 install file.
Can anybody compare the Outpost Professional 2.5 with the ‘old’ Free 1.0 available?
Seems that the company isn’t updating the free version very often… Why?
I don’t think they have done a thing to version 1.0 since they came out with Outpost 2. Just just throw 1.0 out as a freebie.
Thanks, Culpeper and sded.
Installed 4.1.3. Was smooth initially. But the machine hanged during boot and needed to force a hard reboot!
May need to go back to Sygate. Could you please advise me about Outpost - how is it compared to Sygate and Kerio? My machine is running on Win 98. Thanks.
This got my curosity up so I disabled the router firewall and tested Outpost 1.0 (free version) and it still passes all the Sygate (sos) and Shields Up! tests. So, good enough for me on my Win98SE machine. I forgot how much I missed that old program. I love the way you can define application rules. There are some unneeded plugins like ads removal, DNS caching, and so forth that can be disabled. This old Outpost firewall is still viable security.
Also, did the same test with the WinXP firewall with the same results. Both run well with Avast!.