KPF Safe?


kerio42
September 10th, 2005, 12:07 AM
I'm just wondering if Kerio 4.2 is still safe behind a router. I'm using it currently just for outbound protection (outbound protection is best for free firewalls), with part of BZ's ruleset. I've been hearing that there are a lot of bugs in Kerio. Can somebody please tell me some, because I have not found any that apply to me.

bigc73542
September 10th, 2005, 12:17 AM
Overall, Kerio is a pretty good firewall. It should work well for you.

Kerodo
September 10th, 2005, 01:14 AM
Well, Kerio 4 has a reputation for being buggy; however, I think that 4.2 is actually pretty good. I have used it here without problems for a while. And with a router, you shouldn't have any worries.

Kerio42
September 10th, 2005, 10:25 AM
Well, when I do a test on ShieldsUP, Kerio and other programs always want to connect to ShieldsUP. I don't know what's up with that. Is there a program that copies KPF's application behavior blocking? It blocks programs from launching others, modifying, etc.

FatalChaos
September 10th, 2005, 12:13 PM
To a degree, Process Guard. Outpost Pro also has similar features.

Kerodo
September 10th, 2005, 12:34 PM
How about Antihook?

CrazyM
September 10th, 2005, 02:57 PM
-{ Quote: "Well, when I do a test on ShieldsUP, Kerio and other programs always want to connect to ShieldsUP." }-
What type of connection?

Regards,

CrazyM

kerio42
September 11th, 2005, 06:31 PM
-{ Quote: "What type of connection?

Regards,

CrazyM" }-

The connection looks like this. http://img353.imageshack.us/my.php?image=kerioconnect1ha.jpg

kerio42
September 11th, 2005, 06:55 PM
-{ Quote: "How about Antihook?" }-

I want to use Kerio 2.15 + something that can prevent a program from being launched. I already have PG Full, and it can't do that. Antihook overlaps with PG too much.

Kerodo
September 11th, 2005, 07:18 PM
Perhaps something like Abtrusion Protector then?

http://www.abtrusion.com/

kerio42
September 11th, 2005, 10:24 PM
http://img374.imageshack.us/img374/5391/log7vo.jpg

I also don't understand why Firefox and MSN Messenger are the targets of the probe. Isn't Kerio supposed to be an application-based firewall?

Kerodo
September 11th, 2005, 10:34 PM
-{ Quote: "I want to use Kerio 2.15 + something that can prevent a program from being launched. I already have PG Full, and it can't do that. Antihook overlaps with PG too much." }-
If I were you I would dump PG and go with Antihook. It will do what you want, and many consider it much better than PG.

CrazyM
September 11th, 2005, 11:35 PM
-{ Quote: "I also don't understand why Firefox and MSN Messenger are the targets of the probe. Isn't Kerio supposed to be an application-based firewall?" }-
Do you have a loopback rule in place?

Regards,

CrazyM

kerio42
September 12th, 2005, 11:50 AM
-{ Quote: "Do you have a loopback rule in place?

Regards,

CrazyM" }-

I have this loopback rule. http://www.broadbandreports.com/forum/remark,8078377~root=kerio~mode=flat

CrazyM
September 13th, 2005, 10:07 AM
Do you have the full log details?
Anything forwarded through your router?
Also, do you have log suspicious packets enabled?

Regards,

CrazyM

kerio42
September 27th, 2005, 08:11 PM
-{ Quote: "Do you have the full log details?
Anything forwarded through your router?
Also, do you have log suspicious packets enabled?

Regards,

CrazyM" }-

I can't find log suspicious packets. I ran GRC on DMZ mode, to try to test Kerio.

Kerodo
September 27th, 2005, 08:14 PM
Log suspicious packets is an option in Kerio 2.1.5, not Kerio 4.x...

ronjor
September 27th, 2005, 08:21 PM
There is an option to log packets going to unopened ports, however.

CrazyM
September 28th, 2005, 03:55 AM
-{ Quote: "I also don't understand why Firefox and MSN Messenger are the targets of the probe." }-
They were not targets of the probe. I believe Kerio is just showing any processes associated to/using the local ports at the time it was scanned and blocked.

-{ Quote: "I ran GRC on DMZ mode, to try to test Kerio." }-
If you have put your system with Kerio in DMZ then what you are seeing in the logs is normal and to be expected.

Regards,

CrazyM