Jetico for everyone!

Thanks Olap

Firstly the one with little knowledge is me not you.

I think I will watch and see how this develops before trying it out.

 

@ controler

Yes!
Restart Jetico with fresh updated "Olap.bcf" rule

if you have "winxp-pro" follow:

go "Application Table"

- kindle "Allow DHCP request"
- kindle "Allow DHCP reply"
- kindle "Allow DHCP update request"
- kindle "Allow DHCP update reply"

go "IP Table"

-kindle "Allow DHCP request" and "Allow DHCP reply"

go "Start"-->"All Programs"-->"Jetico"-->"Configuration Wizard"
go "Trusted zone" and enter your "Router" IP (example 192,168.2.0/255)

if you have win "2k0" follow:

go "Application Table"

- kindle "Allow DHCP request" rule and readdress "application" from
"C:\WNDOWS\System32\svchost.exe" to "C:\WINNT\System32\services.exe"

- kindle "Allow DHCP reply" rule and readdress "application" from
"C:\WNDOWS\System32\svchost.exe" to "C:\WINNT\System32\services.exe"

- kindle "Allow DHCP update request" rule and readdress "application" from
"C:\WNDOWS\System32\svchost.exe" to "C:\WINNT\System32\services.exe"

- kindle "Allow DHCP update reply" rule and readdress "application" from
"C:\WNDOWS\System32\svchost.exe" to "C:\WINNT\System32\services.exe"

go "Ask User" table find "services.exe" rule and readdress from "AccessToNetworOnly" to "TrustedZoneOnly"

"Ask User" table and direct all system application rule to your system point

go "Start"-->"All Programs"-->"Jetico"-->"Configuration Wizard"
go "Trusted zone" and enter your "Router" IP (example 192,168.2.0/255)

start your "browser" with "FullAccess" rule
test on internet and come back

Have Fun...

 

Looking at my local area connection, I have IP address then have default gateway address. I guess what i have is technicaly a gateway and not called a router so I should use the gateway (DHCP Server IP) ?

controler

 

Yes , default gateway, enter IP 192.168.2.0/255

 

Olaf but my default gateway is 192.168.0.1

You are confusing me.

 

Yes enter IP 192.168.2.0/255 this is in range 192.168.2.0 to 192.168.2.255

 

I am finding Jetico will not save my rules. If I shut it down and restart it, it is back to the old rules. I am thinking it is time to change firewalls.

controler

 

@ controler

go Jetico-->Options-->General and - kindle "Automatically save changes"

 

Hi controler,

This is your router IP.
For Jetico config, you would enter 192.168.0.1/24 (CIDR format (this is how it will show in Jetico))
As networkmask it would be entered as 192.168.0.1/255.255.255.0

 

Stem welcome back, only with less hate please!
and please stop post without tangible rationale, otherwise I must change
this threads name to "Olap rule making me crazy"!!

Holla at ya boy!
Go ahead and try not sue me!

You have now Rule that artless Jetico use, this is New Age!
someone will verify him so many they won't do him, but Thats it!

quick deployment of "FullAccess" rule, this rule permit to any
application "only"!! outgoing to internet to any IP any port
and then Rule "continue" is not "Allow all"!
similar how "LocalhostOnly" rule permit any
application "only"!! to "Localhost" and then "continue"
with this Rule you are Full protected, you have option
for more fine tuning "Packet Filter" rule and "Application" rule by you self!

sooner or later you will use her all, matter of time, is free alternative!
maybe you see similar rule by next JPF2.0.0...I don't know? maybe?LOL
See Ya... by next.! I am maybe really geek´s, I don't know! LOL
nevertheless its just a game..
goodby... and Have Fun...

I must go...

Sailin' the high seas, matey! Away and away....

 

Thank you for the welcome,.. but I only posted to correct your posts

Incorrect info for "controler" config.

I have nothing personal against you,.. only your ruleset,.........and would certainly not use your ruleset.

 

olap,
First of all, please stop editing your posts, it is a little difficult to follow at times.

why would I attempt,..

I respect very much your attempt and effort to make Jetico more easier for users, but from tracing your ruleset, there are a few holes.

Please,... re-check your logic behind your ruleset.

I thank you for this, but find it undeserved, I simply attempt to help others with configs. (I have posted before, that I would/will not post full configs for Jetico, (due to a possibility of error, I will only post rulesets_per_app,))

I am not angry, just concerned for the safety of others on the internet.

I will admit, I am stubborn at times, but will accept new, if it is better.

Maybe,.. but I hope not.


Maybe "olap ruleset 2" will be better,....
Best regards,

 

olap,
As I have been unable to set up to test, I got one of my associates to run some attacks (connection attemps) while I was browsing with IE using your ruleset. I set the TCP SPI to logging for this. My associate managed to connect in. Log attached.

 

Stem
Bravo, this is "acept Stateful TCP Inspection" rule (enabled SPI inspection not connection)
now enable "log level" in rule "Block All not Processed IP Packets"
you must go to yuor "associates to run some attacks (connection attemps)"?? again
same test you can make faster on http://www.pcflank.com/ or https://grc.com/x/ne.dll?bh0bkyd2
right click on it in Log then "Copy text" and you can see same SYN packet
rejected by "Block All not Processed IP Packets" rule

Have Fun...

 

@ khazars

use updated rule from post #40 is enabled by default.

 

olap,
The inbound was accepted. Check the log, a SYN_ACK was returned.
These are not simple pings/scans for ICMP that where made.

I have cetainly wasted too much time with you on this,.. as you think that if a firewall does not return ICMP, then that will keep you safe.

 

Stem

I have cetainly wasted too much time with you,

"I got one of my associates to run some attacks (connection attemps)" ha, ha, LOL!

You has entered the zone that your mind cannot conceive!


If you wish to make me laugh, say wath you think! you and your associates! LOL LOL

Have Fun..

 

Thanks for your rules, it's the first time I could really test Jetico. Everything seems great, except my speed is totally down with Jetico. My max speed is about 1.8 MB/sec, with Jetico running it's like 90kb/sec. Quite a big hit on my connection

Any idea what this might be?

 

@ rpi

explain your connection (LAN, router)?

 

It's LAN connected to the Internet through a router (IPcop).

My router adress is 192.168.1.1
Subnet of course is 255.255.255.0

My system is using a fixed IP address, in this case: 192.168.1.5

 

go post #52

 

Absolutely no change. Something in your ruleset makes the connection extremely slow.

 

enter your fixed IP address

 

Uh, you mean in the configuration wizard? No change at all. It's still slow as hell, max 98kb/sec. Tested with http://www.speedmeter.nl.
I load your config. I apply the changes from post #52 (altough I don't get the DHCP stuff - I have a fixed IP). I apply your config, some popups about programs I set accordingly. I set Firefox to Full Access. Suuuuper Slow. I apply "Allow All" to see if it's because of Jetico - but no. Now everything is fast as it should be.

 

Uh, you mean in the configuration wizard? No change at all. It's still slow as hell, max 98kb/sec. Tested with http://www.speedmeter.nl.
I load your config. I apply the changes from post #52 (altough I don't get the DHCP stuff - I have a fixed IP). I apply your config, some popups about programs I set accordingly. I set Firefox to Full Access. Suuuuper Slow. I apply "Allow All" to see if it's because of Jetico - but no. Now everything is fast as it should be.