Hello,

I have been a user of Kerio Personal Firewall for a while now, but noticed that it scored very badly on firewallleaktester.com. So I decided to give LnS a try. I have a few questions before I commit to a purchase though:

1. In Kerio I marked something as safe for internal and external access separately. In LnS I just mark an application as OK. Am I right in thinking the internet rules govern server access rather than the application ones?

2. I imported the edonkey and emule rules and changed my Shareaza port to 27580. Shareaza can now connect to all the networks but I still think Gnutella 1 is being blocked. Is there anything else I should do? The link to the Shareaza rules file was not valid.

3. Windows XP SP2 does not detect it as a firewall. I think a new version is coming out to resolve this. Is "2.05p2" an update? (Does "p2" mean preview, i.e. beta, release?)

4. Are Application Layer Gateway, LSA Shell and Generic Host Process safe to access the internet? Kerio also used to ask me about them but I never knew what to answer!

5. Shield's Up (http://www.grc.com/x/ne.dll?rh1dkyd2) is reporting that I have RPC and MSFT DS ports open. Kerio passed all these tests. Why is this?

Any help would be very much appreciated.

Thanks,
John
Hi,

Yep, application filtering's purpose is to give application rights (access the internet, launch another application to access the internet, and restrict outgoing connections), whereas internet filtering is mainly aimed at incoming connections.

The 2.05p2 version was designed, among other features, to allow Security Center detection of LnS under Windows XP SP2.

Take a look at this topic.

I am interested in answers too! For sure, there are some sites describing this but I am a lazy boy sometimes.
lol, yeah right. But in LnS, by design, application filtering rules outbound whereas internet filtering rules mainly inbound (in terms of application rules).

PS: thanks for your rule-set.
If you mean LnS fails while Kerio passes... it's probably because there's a rule in LnS to "allow" these ports to communicate (check with port no.s) and Kerio has a rule that blocks them. It may be in the form of a definite rule that identifies port numbers, or a general rule like "Block all" at the bottom of your ruleset. Also, you fail to mention version nos. (especially for Kerio... is it v2 or v4?)
Have you loaded the EnhancedRulesSet.rls, or are you still using StandardRulesSet.rls? If you are still using StandardRulesSet.rls, go to the "Internet Filtering" screen, click the "Load..." button, select the EnhancedRulesSet.rls file and click the "Open" button.
Yeah I have loaded the advanced set. I've also imported in a few other rules such as edonkey and FTP so I may have messed something up. I don't really know what these ports are or if they are dangerous. I was using the latest version of Kerio (4.something)