It can be used as a mainly application controll firewall, same as Sygate. In many ways it is easier.
Users familiar with other firewalls should install it straight with the “advanced” ask everything setting. Controlled I think by the “Any Other Application” rule that should be set to ask I think in all 4 settings, trusted or internet, inbound or outbound connections.
Regarding to Avast’s asmaisv.exe, I left it in block for inbound and made a packet filter rules for outbound pop3, smtp and nntp ports.
Those packet filter rules are the same as the so called “Advanced rules” in Sygate.
Then I went to sycnhronize my computers clock, and was pleasantly surprised Kerio did not need any 'Packet filter…" rule for that. It worked straight out.
Tech, if you read this, I agree with you that BZ’s ruleset should not have to be used with KPF 4.
KPF 2.1.5 is a straight packet filter and those rules there are are handled by 4.2 automatically. They can be of cause applied if some knowledge and wanting a really tight setup, some of them to tighten up, but totally different beasts. Kerio 4.2 is really much more user friendly. No beed to handle DHCP or DNS traffic.
I disabled web filtering … some setting there disabled me to run my fave speedtest: http://www.adslguide.org.uk/tools/speedtest.asp
Kerio 4.2 did not slow down my connection at all. Neither did Sygate ever slow down my internet connection.
I enabled “Enable Advanced Behaviour Blocking” that handles among other things applications launching other applications. Needs my permissions for them to do that. “Antiapplication hijacking” feature is the same in Sygate.
So far so good, and absolutely no crashes in GUI as I have heard some user’s having
Same here… and just like you mentioned, Kerio passes TooLeaky test without any problems (it asks for your permission when Advanced Behaviour Blicking is enabled). I mean, this one:
I was using 4.2.0 and now 4.2.1 and I never experienced any GUI crashings, except for example… let’s say if Azureus (Torrent client) is open and it’s downloading something huge, or even holds few huge dowloads, and you open Kerio, it will look like it’s frozen, and some parts of the window will be missing… but it lasts only for let’s say 20-30 seconds (maybe longer) and then everything goes back to normal.
Haven’t tried 4.2.2 yet though, but I believe it’s true that they fixed those things.
Do you know anything about Comodo firewall ? I like the fact that is free and it’s promising a lot of good stuff… I also like this one:
Quote from the official web site:
Unlike the stripped down versions of commercial software that other software vendors offer for free, this is the full, completely functional version of the product.
Do you know anything about Comodo firewall ? I like the fact that is free and it’s promising a lot of good stuff…
Well, I have only knowledge of Norman, Sygate … ( a litle F-Secure) and then Kerio FW’s.
Until today I was even very wary of trying KPF 4.2, but Tech’s comment on other thread + I tried AntiHook today (not recommending in my experience), so after AH when I liked to add some more security to my SPF i went to 4.2. IMHO there can be too much security programs at some point AntiHook was too much for me.
I think Sygate and Kerio are pretty much covering things as pure firewalls (Hips and nipples removed after 30 days )
And don’t really need any security suits, same as you I think. Running Firefox mostly, NoScript extension … Really wonder why I never get any spyware, hehe.
Yes, and that’s the main reason I asked… full feature only in paid-for versions, and of course 30 days trial period only… That’s why I was wondering what is that that Comodo has to offer and it’s completely free of charge…
...
...
...
And don't really need any security suits, same as you I think. Running Firefox mostly, NoScript extension .... Really wonder why I never get any spyware, hehe
...
...
...
Exactly, I don’t wanna turn my PC into security fortress, no way… I don’t wanna see 99% of system resources used by security applications… what would left for my primary computer use ? Nothing… and I need a lot of resources when doing my creative part of those tasks…
No probs here with Kerio 4.2.2 altho’ I did have a few odd errors using 4.2.1.
I ran it thru’ ShieldsUp and it passed with its default settings. All the most recent releases have passed; it was earlier incarnations that required a wee tweak.
I’m impressed that Kerio are still updating a firewall they intend to discontinue.
Ok trust me Kakapo, KERIO is everything but not dead ! Remember what I told you
Even when they completely “shut down” that project I’m sure they will sell that licence to someone else who is interested. No one clever enough would let that product wanish just like that, no way !
If nothing else, it will be released under the GNU licence and we all will be happy again. But, again as I already mentioned… someone will buy it eventually and continue with it’s development. At least that’s what I would do if I had all that money…
Yes i’m having those problems too Sasha but it lasts around 5 sec maybe in 4.2.1 but before when i had 4.1.3 and 4.2.0 it lasted half a minute on my comp too for the window to open up completely…
No prob here. Kerio is my favorite FW, which is good for learning how network works and is also quite configurable, too. In fact, I disabled some automatic features and am using DNS configuration given by my provider. With my security router, I feel quite safe.
As some people mentioned, it has a simpler sandbox app compared with Anti Hook. I am using Limited Free version but I am not using IE at all either.
Exactly and it’s my backup firewall anyway, since I trust my hardware router/firewall more than anything in the world…
It’s not about the PC configurations ot graphic card types, it’s all about some bugs in Kerio’s GUI engine. Kerio team admited that, and it’s obvious it was a real problem. Here is official web site, with release history… See what they said about v4.2.1:
4.2.1 - September 29, 2005
- fixed low-risk security bug allowing a local application to crash the system
- fixed some false positives of HIPS detection algorithms
- fixed problems with crashing applications when KPF was used together with McAfee VSE 8.0i
* removed 'Details' column from NIPS log view
- [b]fixed bug that GUI was sometimes frozen for a while when user switched to logview[/b]
- fixed problems with non-US characters in HIPS exception paths
- [b]several minor GUI fixes[/b]
* improved web filtering. It is now compatible with wider range of web sites.
I had thought I had denied generic host all inbound accesses.
And when sending from my computer clock a permission to update my computer’s clock, it was through port 123 udp to time server.
All is well so far. But UDP requests should not be both ways, accepting incoming traffic unless allowed allowed in the same communication?
I really thought I need to add a packet filter rule when that time server contacts me from my request. So it is in Sygate.
So regarding Tech’s worries about whether to need to add some packet filter rules to be safer than Kerio 4.2 default I am now not so sure?
When I write this, only matunga answered me in Kerio forum, so I wait for more there
I can’t remember the default setting. However, I let all the svchost.exe connection denied in “Applications” with a rule allowing svchost.exe IN/OUT connection local/remote UDP 123 (only for the servers on the list) in “Advanced Packet Filter.” I tried to do the same thing for Windows Update but the servers were numerous and I eventually had to give up. Now I temporally let KPF ask about the svchost.exe connection only when I am updating.
Jarmo P, after reading your post, I allowed internet outbound connection for svchost.exe, unchecked the rule in “Advanced Packet Filter” and manually tried to update the time, which was unsuccessful. It works exactly as expected.
I made a specific packet rule even (should not be needed since Generic Host for win 32 services is not allowed any incoming connections by me in Applications) to block that incoming connection.
Rule to block UDP 123 local port for that process incoming.
Still I could update my clock, aaarrrgggh.
Now I am really puzzled, but I need to examine more, so no more posts from me about only wondering, if no light on this subject from me
I loose my trust so easily and don’t want it to be KPF 4.2.2
This is something that I found out today from the Kerio “Customer Service” Dept in California. I called their phone # and talked to a young lady in that department. When I mentioned that I knew that they were discontinuing either “Tech Support” etc at the end of Dec, 2005 she informed me that they WOULD be continuing Tech support for K.P.F. until the end of year 2006. I am considering going to this firewall as my Z.A. Pro subscription is about to lapse. Just thought I would pass this info on in case anyone was interested.
Edit: I later called their “Tech Support” Dept who said that the Tech support provided until the end of the year 2006 would be via E-Mail Only!
AntiHook was too much for me.
)