Tips/Advises on Sygate Free

[atomomega]

Well, last weekend I bought a 2.0 GHz Celeron processor with a 512MB Kingston RAM stick for like $5 or so... I know, I know... But I like to feel the power of building something up from scratch with recycled stuff. So I have a rather-nice PC running XP Pro SP3 and decided I'd use it for surfing the web and Office tasks, which will be used only by me.
Got Panda Cloud and Sandboxie (freeware) but felt like adding a firewall, so went ahead and installed Sygate Personal Firewall v5.6 b2808. Searching for a walkthrough for this on Wilders turned out 0 results, other than threads discussing the pros and cons of running abandonware, but nothing like a guide to set advanced rules or how-to's.
Basically I would like to see if somebody here is still running it and/or share experiences.
I'm behind a router, btw.

Thank you for your time.

[Mrkvonic]

I still have it on one xp box.
Works great, including some useful lan and vm rules.
But as far as future goes, i.e. xp end of life, this is where it will truly end.
Mrk

[AaLF]

Before you go too far down the track, why not make the switch to Kerio 2.1.5?

Still loved and you'll find mountains of threads and blogs with tips and tweaks vis google.

[kerykeion]

If I may suggest, though this is a bit OT, why not use a Linux distro using a light desktop environment? (ie, LXDE, XFCE or etc). Since the main purpose of the machine is for Web and Office purposes only, unless of course, you're going to use MS Office (though you may use Wine as a compatibility layer).

[atomomega]

Quote:

Originally Posted by Mrkvonic

I still have it on one xp box.
Works great, including some useful lan and vm rules.
But as far as future goes, i.e. xp end of life, this is where it will truly end.
Mrk

Thank you very much for your input Mrk. Yeah, I'll keep that pc with XP and a minimal collection of (mostly) free software.

Quote:

Originally Posted by AaLF

Before you go too far down the track, why not make the switch to Kerio 2.1.5?
Still loved and you'll find mountains of threads and blogs with tips and tweaks vis google.

Have you used Kerio? I've also read it was a good firewall so might give it a try. I'm liking the way Sygate prompts for user input, it explains things in plain simple words. hehe. Thank you for the suggestion, I'll give it a try soon.

Quote:

Originally Posted by kerykeion

If I may suggest, though this is a bit OT, why not use a Linux distro using a light desktop environment? (ie, LXDE, XFCE or etc). Since the main purpose of the machine is for Web and Office purposes only, unless of course, you're going to use MS Office (though you may use Wine as a compatibility layer).

I actually installed Crunchbang (#!) on the same rig but on a separate 20GB HD I got that same day. I like it a lot and runs smoothly on this one. You are correct, I'm very used to MS Office. I have no experience whatsoever on Wine, do you? I'd appreciate a lot if you could enlight me on how to use it.

[Syobon]

Yes, uninstall it, privatefirewall is free and light and not outdated.

[act8192]

Quote:

Originally Posted by atomomega

...installed Sygate Personal Firewall v5.6 b2808. Searching for a walkthrough for this on Wilders turned out 0 results, other than threads discussing the pros and cons of running abandonware, but nothing like a guide to set advanced rules or how-to's.
Basically I would like to see if somebody here is still running it and/or share experiences.

I ran it about 2-3 years ago. Great logging. There is a limit to how many applications you can have or how many rules, I can't recall. Sygate userguide
http://www.downloadit.de/pspf55_userguide.pdf


But if you use anything with a localhost proxy (NOD, Avast, Avira...) for watching the web, you can't use it because it doesn't watch localhost well as ZA or Outpost or Sunbelt or Kerio 2.1.5. Kerio watches local host like a hawk. Yes, of course, it does ask questions from which you can make rules, unless you choose to disable it from asking questions for whatever reason.

[kerykeion]

Quote:

I actually installed Crunchbang (#!) on the same rig but on a separate 20GB HD I got that same day. I like it a lot and runs smoothly on this one. You are correct, I'm very used to MS Office. I have no experience whatsoever on Wine, do you? I'd appreciate a lot if you could enlight me on how to use it.

I 'm no Linux expert though, there are some quirks of using Wine and Office 2007, but I'm sure there's a way (I remember seeing one before at /.). There are experts on this thread, maybe try posting in the All things Unix thread, I'm sure there are lots of people willing to help there.

[atomomega]

Quote:

Originally Posted by kerykeion

I 'm no Linux expert though, there are some quirks of using Wine and Office 2007, but I'm sure there's a way (I remember seeing one before at /.). There are experts on this thread, maybe try posting in the All things Unix thread, I'm sure there are lots of people willing to help there.

Will do my friend, thank you for the hint!

[atomomega]

Does somebody know how to stealth Port 80? GRC's ShieldsUp! shows that it isn't.

[kerykeion]

On Sygate, right-click on the running applications and select Connection details. Check which application is listening on port 80.

[atomomega]

Thank you mate! I didn't notice you are using Sygate too until today, hehe. Have you found trouble with the ntoskrnl.exe blocked traffic notifications?
Thank you again for your time.

[kerykeion]

Hmmm, I didn't notice, I'll check once I use my laptop at home. Just testing out Sygate again, it is generally quite light however my CPU utilization rises whenever I do some torrenting.

(Currently at work and using a laptop with Symantec Endpoint Protection)

Update:
No problems at all.

[deadmeat]

Removing the default "act as server" setting is important.
As far as I'm aware the free version of Sygate is limited to 20 advanced rules.
You might also find this useful.

http://bellsouthpwp.net/i/k/ikpe/SygateBasics.html
http://bellsouthpwp.net/i/k/ikpe/SygateBasicsPt2.html

At one time there was also a free third party plugin for the log which offered advanced filtering, but last time I searched I couldn't find it hosted anywhere now.

[atomomega]

Quote:

Originally Posted by kerykeion

Hmmm, I didn't notice, I'll check once I use my laptop at home. Just testing out Sygate again, it is generally quite light however my CPU utilization rises whenever I do some torrenting.

(Currently at work and using a laptop with Symantec Endpoint Protection)

Update:
No problems at all.

Thank you for checking that out. I noticed you are not running Sygate anymore.

Quote:

Originally Posted by deadmeat

You might also find this useful.

At one time there was also a free third party plugin for the log which offered advanced filtering, but last time I searched I couldn't find it hosted anywhere now.

Thanks for those links. Very interesting, I'm learning a lot. Do you use Sygate? or did you use it?

[observence]

hi atomomega,
ive used sygate version 5.5.2710 on my 98se and xp since it came out.
here are acouple helpful links:
http://pwp.att.net/p/s/community.dll...serpw=.&uh=1,0
and
http://cyberquebec.ca/snoweagle/advancedrulessetup.html
this last link is from my site but dont look at the last time i updated my site;-(. anyway the info is good!
version 5.5.2710 is the most stable of sygate releases!
i also setup kerio 2.1.5.
kero d/l:
http://www.321download.com/LastFreew...nal%20Firewall
imfo on setup:
http://www.dslreports.com/forum/r186...5-for-Dummies-
default settings updated:
http://www.dslreports.com/forum/r802...acement-Update
note: kerio 2.1.5 is a pure rule based fw
O

[ichito]

Thanks observence Your information are very useful for me because just now I try setup with Kerio 2.1.5

[observence]

hi ichito,
one more link for kerio:
http://members.dslextreme.com/users/surferslim/tpf.html
just take your time and work your way through the rule sets.
i used Karens Whois to help me set it up but im using sygate at this time on my xp systems.
O

[observence]

hi ichito,
here is a wilders link for kerio fw. i knew i had the link somewhere but had to dig into my older bookmarks to find it.
http://www.wilderssecurity.com/showthread.php?t=182158
O

[act8192]

@ichito,
And another link is up top of this section - a sticky by CrazyM - scroll down to "customizing firewall rules". It's great for Kerio and other rule type firewalls. Read all four sections. If I recall, the only obsolete thing is there for DNS local port restrictions. Things have changed, so don't limit it on the local side.

[atomomega]

Quote:

Originally Posted by observence

hi atomomega,
ive used sygate version 5.5.2710 on my 98se and xp since it came out.
here are acouple helpful links:
http://pwp.att.net/p/s/community.dll...serpw=.&uh=1,0
and
http://cyberquebec.ca/snoweagle/advancedrulessetup.html
this last link is from my site but dont look at the last time i updated my site;-(. anyway the info is good!
version 5.5.2710 is the most stable of sygate releases!
O

Thank you for the links! I already went through all of them and found Sygate to be extremely tweakable and configurable. I saw the rule-creating walkthrough on your site! That was very explanatory. Now I'm only lacking knowledge on ports and protocols so I could understand what they are talking about on that other link you gave me. lol

I'm really starting to like Sygate a lot!

[ichito]

Maybe should we chenge the topic to the "Tips/Advises on Sygate Free and Kerio 2.1.5"?
@act8192
Thanks a lot I'll study hard the whole articles and in the near future I'll show my own rules of Kerio

[observence]

hi atomomega,
ports and protocol:
Transport Layer protocols, such as the http://en.wikipedia.org/wiki/Transmi...ntrol_Protocol Transmission Control Protocol (TCP), the User Datagram Protocol (UDP), specify a source and destination port number in their packet headers.
A port number is a 16-bit unsigned integer, thus ranging from 0 to 65535.

in english

when data is transmitted to you ( your ip address, the header, says what port is used)
common ones, port 80 web browser, port 110 and 23 is used to transmit and receive e-mail.
hope this helps.
note: i also uncheck "Allow ICMP traffic" while unchecking "Act as Server".
O

[observence]

hi atomomega,
how are you doing with sygate?
O

[AaLF]

Re-fresh my memory please;

Old Sygate and LnS and most FWs have an Application list showing the status of applications either blocked or allowed net access.
http://bellsouthpwp.net/i/k/ikpe/ima...plications.png

Does Kerio have this easy-read list too ( i dont recall)?