Kerio

Discussion in 'other firewalls' started by GA, Mar 8, 2002.

Thread Status:
Not open for further replies.
  1. GA

    GA Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    35
    Tried Kerio's version 2.1 and get a fatal error in win XP, buffer problems. GA
     
  2. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    No problem with Win2K server. Seems like XP is causing alot of problems for developers.
     
  3. GA

    GA Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    35
    I'm going to give ZAP 3 a try. :-/
     
  4. BlitzenZeus

    BlitzenZeus Security Expert

    Joined:
    Feb 11, 2002
    Posts:
    451
    Location:
    Oregon, USA
    Kerio is running great on Win98se, and XP Pro here.
     
  5. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Just to be on the sure side:

    I presume all of you are talking about Kerio v2.1 Final, released just recently and not about the previous v2.1 Beta?

    Anyway: Kerio PF v2.1 Final is available for download over here:

    http://download2.kerio.com/dwn/kpf/kerio-pf-210-en.exe  (direct download link).

    Be sure to back up your existing rule set and visit the Kerio Forum over on DSLR:

    www.dslreports.com/forum/kerio

    They do have an outstanding moderator over there - known over here as well   ;)

    regards.

    paul
     
  6. BlitzenZeus

    BlitzenZeus Security Expert

    Joined:
    Feb 11, 2002
    Posts:
    451
    Location:
    Oregon, USA
    LOL :cool:

    I thought about plugging the DSLR/BBR forum, but I didn't think it would be approapriate.  I've spent quite some time away from my lurking helping over there too.  We have some good people, but people who understand rule based firewalls enough to actually help are in short supply as most people don't even want to spend the time to configure ZA correctly, nevermind a rule based firewall.

    Yes, I was referring to the latest release of Kerio.
     
  7. GA

    GA Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    35
    Yes I was referring to 2.1 final, that I installed over the beta. Removed and restarted, then reinstalled 2.1 final with the same results. Guess I'll have to try it again after I try out ZAP 3.0.
                    GA
     
  8. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    We aren't that strict over here: plugging any good forum is allowed - we're not participating in some kind of a competition with any forum. Our members/lurkers do have a right to all good info and forums.

    They might count their blessings having you around  :cool:

    regards.

    paul  
     
  9. cj

    cj Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    2
    I for one do count my blessings for the BlitzMan!!! ;-)
    Thank you Blitz you are a great instructor!!!

    Regards,

    -cj.- :)
    _____ )
     
  10. BlitzenZeus

    BlitzenZeus Security Expert

    Joined:
    Feb 11, 2002
    Posts:
    451
    Location:
    Oregon, USA
    UPDATE:

    Kerio 2.1.1 is out http://download2.kerio.com/dwn/kpf/kerio-pf-211-en.exe

    2.1.1 - March 13, 2002
    + Updated about dialog
    - fixed "too small packet bug"
    - fixed bug: driver crashes on Win9x when no network components
    - "persfw.exe" cannot be renamed while running

    2.1.0 Final - March 8, 2002
    + KPF now includes documentation with installation
    + added checkbox "Dont Ask For Each Access To My Shared Folder/Printer"
    + subnet mask auto-insertion feature in filter rules editor
    + cooperation with system modules improved on Win9x systems
    + communication with licensing server is now encrypted
    - removed bug "HookCreateService"
    - spoofing of "persfw.exe" is no longer possible
    - fixed bug in Alert Dialog (DeleteAll + Last Button)
    - removed checkbox "Ask For Action When No Rule Found" for consistency with rule settings
    - fixed managing of executables accross network shares
     
  11. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    BlitzenZeus,

    Thanks for the heads up  :).

    No doubt you can elaborate on your findings in regard to this new version? Please, be our guest!

    regards.

    paul
     
  12. BlitzenZeus

    BlitzenZeus Security Expert

    Joined:
    Feb 11, 2002
    Posts:
    451
    Location:
    Oregon, USA
    Notice the persfw.exe issue in both releases??  Well it took them two tries to get it half-right, and they only threw a blanket over the hole in both cases.  However the second blanket is thick enough to protect you, and you can't poke through it at this time.

    There was a somewhat detailed coversation about the latest release here:
    http://www.dslreports.com/forum/remark,2737057~root=kerio~mode=flat;start=0

    Gwion and others have made some good comments, along with trying to get the full details of how to get the program to capture the MD5 of its programs at this time, and making sure its confirming the MD5 sig of these programs so it can't happen again.

    There is also speculation about why they just don't fix this MD5 problem, and make it check the MD5 of every program without special circumstances to add their own to your list in some cases...
     
  13. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    BlitzenZeus,

    Nice and very informative thread. Thanks for keeping us up to date!

    regards.

    paul
     
  14. GA

    GA Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    35
    Version 2.1.1 also will not work with my system. Buffer problems and fatal exception.
     GA
     
  15. BlitzenZeus

    BlitzenZeus Security Expert

    Joined:
    Feb 11, 2002
    Posts:
    451
    Location:
    Oregon, USA
    It sounds as if your problems have nothing to do with Kerio...  I did a clean install of 2.1.1 on both OS's, and imported my old rules without any problems.

    Here's the yahoo group for Kerio firewall, a couple of the people in charge drop by there if you can provide enough useful data about the problem
    http://groups.yahoo.com/group/keriofirewall/

    XP is a nightmare to bug hunters, and its very likely the problem is related to something else on your system since its running fine here...
     
  16. GA

    GA Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    35
    I did a clean install of 2.1.1 on my system and the message that I get is:   Windows - Fatal Application Exit   Kerio Personal Firewall Driver : MacTransferData : Invalid Buffer Tag . I never had this problem with Kerio prior to version 2.1.
     BlitzenZeus;
     Thanks for the info; I'll check it out.
     
  17. BlitzenZeus

    BlitzenZeus Security Expert

    Joined:
    Feb 11, 2002
    Posts:
    451
    Location:
    Oregon, USA
    Ok, now I know what your talking about....

    Certain types of network cards are causing this problem for some reason, and hopefully this bug has been taken care of in a coming release version 2.1.2 which should be out sometime soon hopefully.  S. Kolar, a developer already knows about this bug, but if the forums are back up yet you might want to scan to see if anyone has the same network card.

    Beta 5 doesn't have this bug for most people with this problem, and that is why they still use it at this time.  If you didn't try the Beta 5 release, give it a shot.
     
  18. GA

    GA Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    35
    Sorry I wasn't more specific with the problem I had. I uninstalled the program and couldn't remember the problem well enough.
    I can't seem to find beta 5; I found it at file forum, saying it was 2.1 beta 5 dated Feb. 18., but when I downloaded it was 2.1 dated March 8th, which will not work.
    Thanks for your help.  
             GA
    I finally got in to Yahoo groups and found it there. Thanks for the link.
     
  19. BlitzenZeus

    BlitzenZeus Security Expert

    Joined:
    Feb 11, 2002
    Posts:
    451
    Location:
    Oregon, USA
    GA, the bug has been reported to be fixed in this new version.  You might want to participate in our forum at DSLR(link above) since we usually discuss the releases when they come out.

    UPDATE: Kerio 2.1.2 is available
    http://download.kerio.com/dwn/kpf2-win.exe

    2.1.2 - March 19, 2002
    + new default rule for DHCP
    + KPF works with NAV2002
    + All ICMP codes
    - fixed "Invalid buffer tag" bug
    - fixed "Unchecked DENY radio button" bug in GUI

    New version is out 2.1.2
    http://www.dslreports.com/forum/remark,2796941~root=kerio~mode=flat
    Reason ICMP All was added(edit: wrong link)
    http://www.dslreports.com/forum/remark,2766238~root=kerio~mode=flat
     
  20. GA

    GA Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    35
    Thanks for the info Blitzenzeus. I have been trying to download it for a while now, but continue to get corrupted files. They must have a server problem. I will keep trying and will probably take your advice. Thanks again.   GA
     
  21. GA

    GA Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    35
    I finally got a clean download and yes they have fixed the "invalid buffer tag" bug.    GA
     
  22. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Kerio v2.1.3 released

    New release: v2.1.3

    March 27, 2002

    + updated default rules
    + shield from non-winsock protocol drivers
    - fixed synchronization issue between engine and kernel driver
    - fixed leak in send routine
    - fixed security issue when starting internet browser in About dialog
     
Thread Status:
Not open for further replies.