NetVeda 3.61 released

But what about all the other settings that Clansman etc have enabled?

Thanks again,

Jag

 

Seems that you are not able to block explorer.exe with this firewall. A bug perhaps?

 

Techincally, you don't really need to block explorer.exe but JW has a nice rule to do so, trusted DLL applet should handle that anyways.

As for other rules, that is specific to their machines, in your case, if you get totaly stealth, no need for any other rules.

 

Arup,

Do you know what the rule is to do so?

Also, what is the dll stuff you speak of? Do you mean having checked...

* Enable component trust
* Activate component learning. (Discover components incrementally)

That is the only thing that I could see relating to dll's

As for stealth, im not sure. Im behind a router so I would have to place my pc in a dmz and check for stealth.

Thanks for your continued help.

Jag

 

Yep, turn on component trust and within few days, turn learning mode off. For explorer block rule, check out JW rulesets, he has done it real nice.

 

Who is JW by the way? Do you have a link by chance?

 

JW is initial for our long term NetVeda user, Just Wondering of course, he has already posted here in this thread if you check it out.

 

Yeah! I know that ICMP3 out is blocked. In fact it means "stealth" from UDP scan but what I see is that NetVeda allow ALL UDP inbounds. Is it common in other pfws or am I (again) missing something?
If "all UDP inbounds allow" than IMHO it is very bad

 

Is it necessary to set up the rule this way? If you go to app control and right click on explorer and select deny does that achieve the result?

 

INHO. I too have just recently stated using this FW, and I can tell you that even after years of experience using Kerio 2.15, I find SN somewhat difficult to setup with 100% confidence.
Also, all of a sudden, upon cold boot up, the SN sytray icon doesn't load. Reboot and still no load. Clicking on the Taskbar Icon in the Startup menu then loads the icon to the systray but it is not functional. I had to uninstall and reinstall to fix problem. Anyone else seen this?

 

I installed NV and it did not stop anything going out. Did thorough uninstall and checked that remnants of old f/w's were also clean out, then on re-installing it worked.

 

Is there a loopback rule for Netveda. Just discovered that it is allowing anything to connect via Proxomoriton (local proxy)

 

For proxy, you have to select Proxy configuration, NetVeda then sets it accordingly.

 

Arup! I see that U mastered Netveda somehow. Could U drop a line about my "allow all UDP" question? Please.

 

hey guys,

after sorting through the many other firewall options, I landed on this one. It looks pretty cool. I tried it out at the grc.com site and it worked for every single test though I dont know how much that guarantees. I went to http://tooleaky.zensoft.com/ and that site explains how if you have internet explorer as one of the trusted programs, you pretty blew your entire security shield. So, I tried for a way to block internet explorer but there isnt one. So I just went to Tools->Connections->LAN Settings and checked the proxy server box. This prevents my ie from connecting to internet (it appears that way at least) Was what I did stupid and redundant or was it helpful? After doing this, my computer passed the LeakyTool test. I wonder though...

 

Thanks Arup

After messing around with it last night, this morning it was blocking all attempts to connect. The icon was showing green (not configured). On looking I had the miniport and realtek selected on the right. Unselecting the miniport and putting it on the left made no difference and on re-booting the configuration had reverted. Tried several times. So for the time being I have reverted to Kerio 2.

 

Again, upon cold boot, no systray icon. I've e-mailed support. Awating reply, will post again if resolved. Restored Ghost iamge and back to CHX-I.

 

dholiday

Check in msconfig if ipcTray is checked in startup section.

Make sure all NetVeda items are checked in services and startup.

 

Hello marceli7,

I think you are correct. NetVeda seems to be allowing in inbound UDP but refusing to reply to it: the log shows the bytes received, but the bytes sent is always zero. Another clue that NetVeda is allowing the inbound UDP is the fact that the inbound UDP is showing up in the "Net Activity" log instead of the "Alerts" log.

I'm not sure why this would be allowed by default. Hopefully, this behavior is something that can be easily changed.


Phil

 

When I experimented with it a while back, I also noticed the outbound icmp 3 resulting from UDP packets getting in thru the firewall. I assumed it was fragmented packets getting in and reported it to them, however, perhaps the problem is worse than that..

 

I decided to gve netvida a try and I've got somequestions regarding my settings.

I'm ona wireless network on dsl internet.

Under system config:

Nat router is checked
Internet:Wan Miniport
LAN Adapters: Realteek RTL8139 ethernet

and under security everything is checcked except the last check box.

when I click net activity, nothing is shown under interrnet adapterss. But when I switch to LAN adapters, theres a traffic going on.

Are my setttings ccorrect and is this how its supposed to be? Am I protected wwith these settings?

 

I found the same and had to switch it around to make my LAN adapter (Netgear wireless USB) the internet adapter and the WAN miniport my LAN adapter.

I've read so many good things about this firewal but I just can't bring myself to like it. Shame coz it must be pretty good going by all the positive reports on this forum.

Also I don't find it that light. The 2 ipcXXXservices combined use about 13-15MB on my PC. The latest Zonealarm free only uses about 12MB, Sygate Free uses about 15MB.

 

Memory usage is dynamic based on what the program is doing, as well as how much memory you have (total, and free), so in my opinion it is usually not a very good indicator (unless it eats up all your memory and must swap from the HD). For me, ZA bogs me down a considerable amount, especially on start-up, which may or may not show up in memory usage.

 

The initial configuration of NetVeda is really quite simple, but can be confusing until one understands the NV concept of the terms Internet Adapter and LAN Adapter.

If the computer you are intalling it to does not act as an internet sharing gateway, then from the NV point of view you don't have a LAN adapter to configure or LAN computers to control. In that case, Installed Routing Configuration would be None and no LAN adapter would be configured. You would only need to select the Internet Adapter(s) that connect you to an ISP under the Internet Adapter(s) box. This could be your wireless LAN card, for example, and/or the WAN miniport if you connect using dialup.

If the computer does act as an internet gateway, then Installed Routing Configuration would be other than None, most likely NAT Router if using ICS for example, and you would then configure an Internet Adapter and also another LAN Adapter and could then also establish policies for each LAN computer served through the gateway.

Simple, huh?

 

Very confusing...