-{ Quote: " We are pleased to introduce first version of our new software - Jetico Personal Firewall. The software offers detailed, configurable event logs, reports, plus the option to view and edit the firewall configuration. The modular architecture is as open as possible to assist with easier evaluation of the security. The Jetico Personal Firewall enables you to:



Protect your computer against hackers and malicious software when networked or connected to the internet.
Choose a pre-defined Security Policy.
Edit an existing Security Policy (i.e. the firewall rule set configuration).
Create your own Security Policy.
Monitor running applications that access the network.
Monitor selected/all network packets as well as selected network events." }-
This is final release i believe.

i dont use jetico pf, but now that its not longer beta and still freeware, maybe ill give it a shot. i know theres a complete thread about jetico, but could someone summarize a comparison between jetico, sygate pf pro, and outpost pf pro?

Time to give this baby another whirl.

As soon as you guys get a chance to try it out, please report back. I would be interested in finding out how much memory it uses!

19. v. 1.0.1.48 Freeware, 17th January, 2005.
The problem occured in the firewall interface when the program displays log entries is fixed. The problem of compatibility with programs creating many listening/accepting sockets (like Vypress Chat) is fixed.

-{ Quote: "As soon as you guys get a chance to try it out, please report back. I would be interested in finding out how much memory it uses!" }-
Seems very light, fwsrv.exe taking up only 2852K Virtual memory.

I received an email from Jetico asking me to try out the new build and see if the problem that I previously had with Sun Java is fixed.

Well, they fixed that problem, and so far I have not found any new bugs. They must have done some work on the process table.

Memory use is about 5 mb. You can't get much lower than that.

Fellow Creatures,
Please keep me/us less experienced firewall users posted. My Emachine NPF 2004 expires in May. ;)

May? That is eons from now. A firewall that expires, what a concept. Heck, its free. Try it. Remember, its rules based. From my experience with Kerio 2.15, it ws relatively easy to do the rules for mall my applications. Some of the other stuff that is under the hood is a bit difficult to understand. I suspect there is a lot in that little FW.

If its as configurable as Kerio 2x hopefully it should be as easy to setup, currently I have a ICS setup for my dial-up connection so I hope the program makes that easy to configure as Kerio 2x.

Jetico = Kerio 2.1.5 + Sandbox + More!

I am loving it. But be aware that I still found some small bugs: the software should still be considered beta. Anyway it is already better than any other free firewall. Give it a try!
-hojtsy-

I've installed it. it seeem quiete secure, but i'm still confused with hierarchical of table, what i don't understand is: If i create an application rule for internet iexplorer in the application table with verdict web browser, the firewall process goes to the table ask me, i got pop up and if i answer yes i've access to internet.
then i'm not ask anymore.

but why it goes to this table ( ask table) if the rule match ???????

thanks

-{ Quote: "I've installed it. it seeem quiete secure, but i'm still confused with hierarchical of table, what i don't understand is: If i create an application rule for internet iexplorer in the application table with verdict web browser, the firewall process goes to the table ask me, i got pop up and if i answer yes i've access to internet.
then i'm not ask anymore.

but why it goes to this table ( ask table) if the rule match ???????
" }-
Most probably your rule was not matched. Did you put any event/protocol/host/port restrictions into it? All of these should be "Any".
Another thing you should care for is the order of rules. If the reference to Ask User table is before your newly created rule, then it will be processed before your rule. In this case reorder your ruleset by drag-and-dropping your new rule between the rule triggering the System Applications table, and the rule triggering the Ask User table.
You can check your rule was matched by enabling logging for that rule, and triggering the communication in internet explorer. The log will list the rule if it is matched.
-hojtsy-

-{ Quote: "Most probably your rule was not matched. Did you put any event/protocol/host/port restrictions into it? All of these should be "Any".
Another thing you should care for is the order of rules. If the reference to Ask User table is before your newly created rule, then it will be processed before your rule. In this case reorder your ruleset by drag-and-dropping your new rule between the rule triggering the System Applications table, and the rule triggering the Ask User table.
You can check your rule was matched by enabling logging for that rule, and triggering the communication in internet explorer. The log will list the rule if it is matched.
-hojtsy-" }-

thanks for answer
but i check all that you said and i still have the problem let me explain more:

I create an application rule for iexplorer between system application and ask user in the application table.

verdict of this rule is web browser witch is another table ( i didn't touch), i enable logging for this rule.
the log says that it enter in the web browser table, don't find any rule match (witch is very strange)and goes back to application table, enter and ask user table and finally ask me to add this rule.

i really don't understand why it goes to this table (ask user).
i write mail to the support but still don't have answer.

hey...
get me a manual for this thing man...
too hard to think straight with all that weirdness going on in its config screens.
Anyone willing to translate it all into Kerio?

PS: thanks Snapdragin... sorry about not PMing... I'm lazy ;)

no13:

I foundit preetty easy to go from Kerio application rules to Jetico rules. One nice shortcut is to make a table for "Simple HTTP". Just two rules: the first allows access to the network, the second allows local ports 1024-5000 to connect TCP outbound to port 80 at any remote address. A lot of programs can use this table.

Another trick is that UDP is replaced by TCP/send datagrams or TCP/receive datagrams.

The part I do not understand is the system l evel stuff. DNS address is "name server" but I can't find which addresses are in its range. I suspect that there is a lot of elegant power in the way that thevarious tables interact, but I really do not know what is going on with that.

can someone who is jetico user's friendly can post a tutorial or config's screenshots.
cause i think this firewall has lot of posibilities but it's dificult to learn.
thanks

-{ Quote: "hey...
get me a manual for this thing man...
too hard to think straight with all that weirdness going on in its config screens.
Anyone willing to translate it all into Kerio?" }-Actually the manual which you can download is pretty good. I am afraid I can not translate it into Kerio, even though I think I understand both. It just provides more control not available in Kerio.
-{ Quote: "
i really don't understand why it goes to this table (ask user).
i write mail to the support but still don't have answer." }-OK, I have one more idea. Your Internet Explorer is initiating "outbound connection" to a remote port which is not listed in the Web Browsers table. By default this table only allows remote port 80 (http) and 443 (https). The Web Browser table ends with the verdict Continue, meaning if no rules from this table is matched the walking through the ruleset continues - in your case with the rule triggering the Ask User table. I modified my Web Browser table to allow remote port 8080 (http proxy) too, but that may not be enough. If you usually browse sites which are using exotic ports, you may need to allow "outbound connection" to any remote port in the Web Browser table.
All of this is caused by the quite restrictive default ruleset. For example the default permitted port list for Outpost firewall lists several other remote ports in the Web Browser preset.
-hojtsy-

-{ Quote: "can someone who is jetico user's friendly can post a tutorial or config's screenshots.
cause i think this firewall has lot of posibilities but it's dificult to learn.
thanks" }-How about you download the official User Guide (http://www.jetico.com/Firewall.chm) which includes several full screenshots? Or is there any problems with that one?
-hojtsy-

-{ Quote: "Actually the manual which you can download is pretty good. I am afraid I can not translate it into Kerio, even though I think I understand both. It just provides more control not available in Kerio.
OK, I have one more idea. Your Internet Explorer is initiating "outbound connection" to a remote port which is not listed in the Web Browsers table. By default this table only allows remote port 80 (http) and 443 (https). The Web Browser table ends with the verdict Continue, meaning if no rules from this table is matched the walking through the ruleset continues - in your case with the rule triggering the Ask User table. I modified my Web Browser table to allow remote port 8080 (http proxy) too, but that may not be enough. If you usually browse sites which are using exotic ports, you may need to allow "outbound connection" to any remote port in the Web Browser table.
All of this is caused by the quite restrictive default ruleset. For example the default permitted port list for Outpost firewall lists several other remote ports in the Web Browser preset.
-hojtsy-" }-

i was browsing yahoo or google, do you mean that these sites use exotics ports !!!!!!!!!.
Could yout tried my config on your computer and let me know the result.

The link to the user guide is the compiled help file that installs with Jetico PF. I managed to get something out of it, but I have a few more questions.

I have been able to migrate my experience creating application rules with Kerio 2.15 and have been able to get an idea of what is going on, although some things on the system level seem a bit oblique. Most of my knowledge in this area comes from the Kerio support forum over at DSLR, and from BlitzenZeus' rule set in particular.

It would be great if one of the resident networking gurus started to look under the hood of Jetico and posted what they can find out.

-{ Quote: "It would be great if one of the resident networking gurus started to look under the hood of Jetico and posted what they can find out." }-I don't have time to write a full tutorial, but I will try to answer any specific questions.
-hojtsy-

-{ Quote: "i was browsing yahoo or google, do you mean that these sites use exotics ports !!!!!!!!!.
" }-
Possibly yes. The remote port can be seen in the learning popup, and in the rule created if you just pressed Allow. Can you tell what is/was the remote port.
-hojtsy-

-{ Quote: "Possibly yes. The remote port can be seen in the learning popup, and in the rule created if you just pressed Allow. Can you tell what is/was the remote port.
-hojtsy-" }-

I'll try tomorrow at work because my testing computer is there.

What about opening a specific forum ? It will be very usefull for user who are interested by this firewall.

i'll send results tomorrow

bye

-{ Quote: "What about opening a specific forum ? It will be very usefull for user who are interested by this firewall." }-
You mean we ask Paul Wilders himself to create and open a subforum for Jetico Firewall? Hmm interesting idea. I would like it. Especially considering that it has no other dedicated forum.
-hojtsy-

It looks to me that the "other firewalls" forum here is the de facto unofficial Jetico firewall forum. Perhaps we could get someone from Jetico to post here. I wonder if they even read this stuff.

Well I installed it last night, all worked well. Came home from work today and Firefox would not load any internet pages, but IE would. Firefox worked in safe mode, but not regular, I removed Jetico, cleaned Jetico entries out of my registry and Firefox works again. Maybe this is a bug depending on ones system set-up and things related?

-{ Quote: "Well I installed it last night, all worked well. Came home from work today and Firefox would not load any internet pages, but IE would. Firefox worked in safe mode, but not regular, I removed Jetico, cleaned Jetico entries out of my registry and Firefox works again. Maybe this is a bug depending on ones system set-up and things related?" }-
I am using Jetico + Firefox withouth a problem here. I am afraid the problem should be with your ruleset.
-hojtsy-

Keep in mind that although they say it's out of beta, that doesn't mean that it's necessarily without bugs. If he just installed JPF with the default rule set, there should be no problems. Could be user error or it could be a bug.. ;)

Hi all, I see there are many problems here with rules, I suggest that people who are running this firewall without problems put their configuration here, so that it could be performed by experts. I think this is the better way to make a default configuration for it. what do you think about this?
Let´s prepare our rules!!!

thanks friends

I don't think Jetico lends itself very well to sharing configs. You'd have to share optimal config files and then all the ask user sections wouldn't apply to other people and so on. I don't know. Maybe someone has an idea...

It seems to me that the default rules are pretty much ok, and if they don't work for someone then there's perhaps a problem with JPF. Things do require a fair amount of tweaking though.. something that one has to take the time to do.

Generally speaking, there's no substitute for experimenting and perfecting things on your own...

I downloaded JPF fo Windows Free 1.0.1.48 but I can't install it. I receive the error message shown in the attached pic err1.jpg then I receive the error message shown in the attached pic err2.jpg..
what can I do to fix it?
thanx in advance..

error 2..
P.S.: I am running win98se.

-{ Quote: "I downloaded JPF fo Windows Free 1.0.1.48 but I can't install it. I receive the error message shown in the attached pic err1.jpg then I receive the error message shown in the attached pic err2.jpg..
what can I do to fix it?
thanx in advance.." }-
Try emailing to support@jetico.com . They provide the best support I have ever received in the software industry.
-hojtsy-

Some of the confusion with Jetico application configs is that when you get a learning box and you check allow to create a rule, it defaults to placing the address of the remote in the rule rather than "any". Nearly every one of these rules must be edited to change the remote address field to "any".

There are actually a lot of useful pre-made rules that can be chosen for mail, ftp, web browser and blocked application. Their Bittorrent client rule needed some work. As a temporary measure an application can be given "trusted application" status until a tighter rule can be worked out.