Hi all, Ive just downloaded Kerio Personal Firewall 4, and ive noticed it doesnt ask me if i want to permit or block applications when i start programs, like Zonealarm and other software firewalls do. I have enabled the option "Use existing system security rules, or ask me" option under "When an application is about to start". But it doesnt ask me when i start new applications, it just doesn't feel safe, What if a virus or a dialer trys to connect to the internet, it will let it. Any ideas how to fix this?
cibaker It's been awhile since I tested KPF4. If it were me, I would download the manual or check the help file closely. It should alert when apps try to open other apps. Kerio
You might want to consider another firewall. Kerio 4.1x is quite buggy still. I'd give it another 3-6 months before they get things stabilized. I played with several of the beta's before the 4.1 release and there were many bugs. Then they rushed right into release, with many things unfixed. Check Kerio's forums for more info and see some of the problems others are having..
Kerio v2.1.5 is an excellent choice. I still use it among many people who tried Kerio v4.x and couldn't stand it.
Just to make sure (because I forgot to) you did place a checkmark in the "Enable System security Module" at the top of the applications page.
hey james2323... care to explain "fragmented packets" and their mishandling? What kind of hacker would implement THAT attack on a poor home user? Maybe such an attack from usual website is more probable (just as a result of poor programming)
Yes, this is very true.. I have stopped using 2.1.5 because of this problem. Not only fragmented packets, but it looks like it doesn't handle TCP with certain flags also. A lot of Kerio 2.x users are going to be very unhappy about this. The sad thing is, I'm betting that a lot of people are just going to ignore it too. See the thread below for more details: http://www.dslreports.com/forum/remark,11787449~mode=flat
LOL, it does not take a hacker to craft fragmented packets. Altough Kerodo apparantly just discovered it ,it is actually very old news. Search this forum for details.
LOL, sure they will ignore it, they have ignored it for years... Search this forum for instance and you will see it is periodically mentioned.
Here's a tip, most people have no idea at all about TCP/IP at all. SYN, ACK,FIN etc just greek to them. To many, a good firewall is something that gives them a stealth rating at grc, and one that blocks leak test
hmm... so is it impossible for us to "break into" kerio's "hiden" default rules that show up in the logs but not in the ruleset listing? Kerio 4x IDS may be manipulated (its snort based), but I was told that the rest is encrypted. So can we? Shouldn't a 3rd party program exist for this?