Hello, am not an expert in this stuff, just learning from you. Using BZ's advaced ruleset i was trying to pass PCaudit test. At begining kerio failed. when "Loopback and AntiSpoofing rule" were added kerio pass the test. OK. I added the "NOD32 Update" rule and few minutes later tried PCaudit again to see the effect and Kerio failed My "NOD32 Update" rule is: TCP Permit Outbound, local port: any, remote ip address 64.82.106.116: 80 app: nod32krn.exe I ran all the tests at http://perso.wanadoo.fr/jugesoftware/firewallleaktester/eng/index.html my kerio fail 2: PCaudit and DNStester. then installed PG free version to protect kerio. Now PCaudit said: ... error... bla bla... read pcaudit.log" it is posible protect my box from attacts similar to PCaudit using kerio 2.1.5?
not sure if 2.1.5 can do it alone. In Process Guard free version, I think you can utilize the MD5 check/add feature to add all your valid executables, anything else should not run. if PG can't do it try SSM or AP ssm: http://kormushkin.narod.ru/ssm.zip http://maxcomputing.narod.ru/ssme.html?lang AP: http://www.abtrusion.com/Downloads/