NetVeda 3.61 released

[Grumble]

@ node (guest)

Looks like this is the setup you need:

Installed Routing Configuration: check None
Internet: check Realtek RTL8139 ethernet
LAN Adapters: [don't check any]

If you also connect to the internet sometimes on dialup then check both Realtek and WAN Miniport under Internet. If you don't use dialup then there is no need to check WAN Miniport.

Choose which Alert Reports you'd like to see displayed and under Activity Reports check Internet Adapters.

You can tighten security as you prefer under Security and add specific rules and filters for users under Local Users if you like. Since your computer is not an internet sharing gateway to other computers you can ignore the LAN computers configuration section.

[q1aqza]

I don't use dial up - in fact I have removed the modem from my PC but I still get a WAN miniport option that I HAVE to tick otherwise NV reports as not configured. I discovered I can tick both my wireless adapter and the WAN miniport under Internet Adapter but can't do both under LAN Adapter as it won't accept as being configured.

Presumably ticking both adapters on just under Internet Adapter is still correct and secure if I'm behind a nat router and not running ICS?

I'm wondering if the reason I get a WAN miniport adapter is because my wireless NIC is a USB version?? Maybe the WAN minport is the USB component?

I intend trying this FW again as it does intrigue me. I've also just bought a laptop and at home I want to open it easily for file & print sharing on my home lan but when away from home I want to lock down netbios for modem or wifi. OP, Sygate, ZA and Kerio 4 have easy tick options to enable or disable - ZA is specially nice and easy with a slider - but I can't see anything obvious in NV that allows you to easily restrict or allow netbios on lan only??

[marceli7]

Quote:

Originally Posted by Kerodo

I assumed it was fragmented packets

AFAIK not. In my book it is unacceptable but maybe it is not so necessary for firewall to stop incoming UDP.

[Grumble]

@ q1aqzq

According to the NV pdf manual, safety.net automatically configures dialup adapters as Internet Adapters on installation. In my case, WAN Miniport was ticked by default. The only other adapter detected was a wireless card that gains cable broadband access through a wireless router, which I also ticked as an Internet Adapter. (Not using ICS, so no LAN adapters ticked, and no LAN computer policies to establish.) I have since unticked the WAN Miniport, since dialup is never used and every unneeded option only adds to resource useage. In your case, I would guess the mysterious WAN Miniport is probably still bound to TCP/IP even though you've removed your modem, so in any event ticking it or unticking it shouldn't matter to your security.

AND DON'T FORGET: When changing most configuration options you need to hit the APPLY button at the bottom of the screen before exiting that function or any changes will not hold.

As to allowing/restricting NETBIOS on LAN, I've not played with that and don't have much chance to because NV is installed on the wife's computer and she gets ticked if I mess around with her machine too much (I can only experiment with it surrepticiously, in the middle of the night... you understand...)

[q1aqza]

I've rebuilt many times since removing modem so I know it's not legacy and the wan miniport option is un-ticked and it has to be checked along with wireless usb otherwise NV reports unconfigured.

he he I have same issue with messing with PC that my wife uses - hence the laptop purchase and I've promised to leave it well alone apart from updating security apps when needed.

I'm going to re-istall and try this FW again

[pcalvert]

Quote:

Originally Posted by marceli7

AFAIK not. In my book it is unacceptable but maybe it is not so necessary for firewall to stop incoming UDP.

I'm not so sure either, but I don't like that behavior. IMHO, if inbound UDP is not in reply to something initiated by the local computer, I don't want it allowed at all. Of course, I am not an expert on networking, and we don't really know exactly what NetVeda does with the inbound UDP. So there may not be a problem.

Nevertheless, what I did was to create a couple of advanced rules. First I created a Network Group (under Groups) containing the IPs of my ISP's domain name servers. I called it "Domain name servers." Then, under Security, I clicked on the Advanced Internet Firewall tab and created two rules:

Rule allowing access to DNS:

Direction: Both
Rule: Allow
Service: DNS Client
Application: <All>
Local network: <All>
Remote network: Domain name servers


Rule blocking inbound UDP:

Direction: Inbound (or Both)
Rule: Deny
Service: UDP Traffic
Application: <All>
Local network: <All>
Remote network: <All>


After I did this, the "illegal" inbound UDP stopped showing up in the Network Activity log. Instead, it shows up in the Alerts log. What's strange about the Alerts log is that it doesn't say whether the traffic is TCP or UDP. However, I have been able to figure out that the blocked inbound UDP is showing up in the Alerts log as "Restricted port."

Also, regarding the advanced rule blocking inbound UDP: Initially I created the rule with the direction set to "Inbound." Today I tried changing the direction to "Both," and I haven't noticed any adverse effects so far.

Unfortunately, none of the above may even matter for much longer. At least for me, anyway. I have been experiencing sporadic BSODs ("blue screens of death") for the last couple of days. Since this is quite unusual for my system, and they started right after I started using NetVeda, the culprit is probably NetVeda. So I will be uninstalling it today and installing Kerio 2.1.5 with BlitzenZeus's advanced ruleset. But if Kerio gives me any trouble at all (like it did in the past), then it's back to Sygate.


Phil

[rdsu]

All of you tried to sent an e-mail to the NetVeda developer?
Maybe could help and improve this nice feirewall...

[Kerodo]

Quote:

Originally Posted by marceli7

AFAIK not. In my book it is unacceptable but maybe it is not so necessary for firewall to stop incoming UDP.

A firewall should stop ALL incoming traffic that is not expressely allowed...

[q1aqza]

Quote:

Originally Posted by q1aqza

I intend trying this FW again as it does intrigue me. I've also just bought a laptop and at home I want to open it easily for file & print sharing on my home lan but when away from home I want to lock down netbios for modem or wifi. OP, Sygate, ZA and Kerio 4 have easy tick options to enable or disable - ZA is specially nice and easy with a slider - but I can't see anything obvious in NV that allows you to easily restrict or allow netbios on lan only??

Further to my previous post, I gave NV another try to see if it would be a good choice for the new laptop when using public wifi or dial up (most of time it is at home behind a router). I still could not see how to allow file and print sharing on a trusted LAN. It seems the only way to get it to work is to uncheck the block unsolicited packets (can't remember exact option as I am at work now) and allow file & printer sharing on internet. Unchecking these is fine when behind a router but not ideal, if for instance you were to forget to re-check the options when you use the dial up or public wifi.

I would appreciate any advice on how I can create a trusted LAN scenario within NV.

[Slovak]

Quote:

Originally Posted by pcalvert

Unfortunately, none of the above may even matter for much longer. At least for me, anyway. I have been experiencing sporadic BSODs ("blue screens of death") for the last couple of days. Since this is quite unusual for my system, and they started right after I started using NetVeda, the culprit is probably NetVeda.

Phil

Funny you should say that as I too have experienced weird bsod's since installing this, I have since removed it and am back to just my hardware firewall and no more bsod's.

[sweater]

Quote:

Originally Posted by Arup

http://www.netveda.com/updates

Changelog:

New features since 3.6 release include,

- Windows Security Center integration for XP-SP2
- Export option for the Alert and Activity reports
- Performance improvements and lower memory usage
- Diagnostic report creation using Administrator GUI (Help menu)
- Automatic IP address change detection for all supported platforms

Bug fixes since 3.6 release include,

- Administrator GUI fails to start when several windows hooks are installed
- License expiry dialog is shown when system date is changed
- Error Handler is unable to create report
- Time restrictions are not working on some platforms
- Intermittent shutdown problems on Windows 95/98//ME
- Unable to pickup network adapters on some computers
- Unable to start service on some legacy computers
- VPN Conflict with some non Microsoft WHQL compliant drivers

is this very compatible w Avast antivirus?

[FastGame]

Quote:

Originally Posted by sweater

is this very compatible w Avast antivirus?

Works fine with my Avast!

Sweater,

NetVeda works nicely with Avast, so does quite a few others like Jetico, ZA, LnS etc.

[FastGame]

Quote:

Originally Posted by Arup

Sweater,

NetVeda works nicely with Avast, so does quite a few others like Jetico, ZA, LnS etc.

Arup is the one who helped me setup NetVeda & Kerio 2.1.5 to work with Avast! WebShield, he did a nice job and I don't have problems

[squibbon]

Has anyone tried scanning their system with Sygate's online service with NetVeda 3.61 installed? The Sygate 'stealth scan' consistently reports most ports as closed rather than stealthed on my system - while the Shields Up! and other sites report that the same ports are stealthed.

Squibbon,

To get stealth, make sure you have checked block all unsolicited connections in NetVeda, otherwise you will get the blocked result.

[squibbon]

Quote:

Originally Posted by Arup

Squibbon,

To get stealth, make sure you have checked block all unsolicited connections in NetVeda, otherwise you will get the blocked result.

I have. I always have everything checked on that particular Safety.Net screen except for Activate Component Learning.

What makes this really weird is that only the Sygate stealth scan reports that Safety.Net is allowing the system to respond to the port probes - other security sites like GRC report the same ports as stealth.

Just to experiment, I completely uninstalled NetVeda, cleaned the Registry, then repeated the same scans using the Windows XP firewall, and then the firewall that comes with Trend Micro PC-cillin Internet Security 2005. With these firewalls, all ports reported as stealth according to Sygate. I then cleaned the Registry and reinstalled NetVeda, making sure that the block all unsolicited connections box, etc. was checked. Sygate still reports ports are closed not blocked/stealthed. The other sites report the same ports as stealthed.

[Mucker]

HI
i Squibbon
I JUST INSTALLED AND TESTED 3.61 AND IT PASSED BOTH LEAKTEST AND SYGATE STEALTH RIGHT OUT OF THE BOX. I REALLY LIKE THIS FW, REPLACED ZA WITH IT. TOOK ME AWHILE TO UNDERSTAND THE SETUP( tech impaired ).
Can"t type either

Mucker

[squibbon]

Interesting, since another user is having identical problems with the Sygate stealth scan as I am, and we definitely aren't tech impaired. See:

http://forums.netveda.com//index.php?showtopic=105

and

http://forums.netveda.com//index.php?showtopic=78

What are your security settings for NetVeda?

[CrazyM]

Quote:

Originally Posted by squibbon

Interesting, since another user is having identical problems with the Sygate stealth scan as I am, and we definitely aren't tech impaired. See:

http://forums.netveda.com//index.php?showtopic=105

and

http://forums.netveda.com//index.php?showtopic=78

What are your security settings for NetVeda?

Have a look at the following post in regards to the Sygate Stealth Scan and see if it helps:
http://www.wilderssecurity.com/showthread.php?t=39260

From your links the one poster indicates they are using AOL which could be a factor by virtue of how their service works.

Regards,

CrazyM

[Mucker]

Squibbon--internet security all checked except enable component trust--that's all i've done.

MUCKER

[squibbon]

Thanks, CrazyM -

I'm not running NetVeda at present (the lack of response to issues posted on their forums has become rather irksome to both me and, from what I read there, other users as well - thank heaven for Wilders!!), but I did have advanced firewall rules permitting access to and from my ISP's DNS and DHCP servers as per the NetVeda tech support staff's recommendations posted on the NetVeda forum here:

http://forums.netveda.com//index.php?showtopic=15

http://forums.netveda.com//index.php?showtopic=21

My internet security settings were identical otherwise to Mucker's. Unlike the other poster, I am not running AOL.

[fannymites]

I tried this firewall a few months ago but I was unable to use due to major conflicts with Objectbar. Can anyone tell me if NetVeda works ok with ob now?