JPF v2 beta progress.

Such problems need to be sorted during this "beta test" period,.. a lot of users cannot resolve such issues,.. and if an option to allow "VPN" is there then it should work without a lot of user input/rules creation, or the option should be removed.

 

As anyone noticed that once an application is allowed "Indirect access to network", then that application can also "create hidden window".
This must be a bug? (If it isn`t, then I dont like it too much)

 

Yes, but i think i was allways asked by a popup for this creation. I will keep my eyes on it.

 

Normally parent->child is flagged with "create hidden window", as with mail client->firefox,.......... but for explorer.exe->firefox,. this is going to "indirect access (parent process)"

 

And where it is the security in this way to proceed? If (Ex.), jpf.exe asks me access to network or hash control after the quarter, fifth startup(when I have already shaped all the other applications), as you can say that what is one that goes well? For me it does not go well not at all. Before installing Jetico I know that I will have to give to its two processes (jpf.exe and jpfsrv.exe), free access to the main functions (network communications, access to network, hash, etc etc), functions that allow Jetico to work correctly and to control the system. For this it would appeal to to me that the processes of Jetico autoconfigure in phase of installation, before all the other applications and not after.

In order to make what you say enough that you go in table the Access To Network and selections reject in place of accept for the application that interests to you. Then if an avanced user need a rule specific(ex. opera need a rule in Access to Network but 2 rules in Network Activity, one for email and one for browser...U can would stop only one of this and so access to network rules in table is ideal but this is a rare case really), can simple make it, so for default config I think no need...but this of course is only a suggest, not an order


-I confirm freezing problems and looooooong shoutdown of sistem when exit...I think this 2 problems parents...(the system is be cleening and young installed). No same problem on 2.0.0.6.

 

It works well now,there was some problems with the server
But the "vpn" option Exist name only,although the option is not chosen,"vpn" can work still.
It must be a bug,which is inconsistent with the wishes of the original

 

Hello Nail,

I have installed beta 2.0.0.7 with default rules, no changes to rules except to answer all pop-ups as "allow". I am not restricting access in any way.

Still no resolution of VNC issue. Inbound connection to UltraVNC server machine running JPF2 2.0.0.7 causes immediate hard lockup. No pop-up from JPF2 ever occurs. Power switch is the only way to reboot.

If there is anything I can do to give you more information, please let me know.

Thanks and regards,
---appyface

 

Hi everybody.

I have got a problem :

Firewall startup bugs fixed (error codes 80080005, 80070776).

I installed Jetico 2.0.0.7 beta, but the bug still appear.

How did this happen ?

 

Because it's still not fixed Under special circumstances - don't ask which - this bug still exists.

Give this a try:

 

Actually, you quote message I have read. And I just tried again.But the result is I failed.


I give up. Waiting for new versions and good news.

 

Same problems; however I beleive it may have something to do with DCOM also.

 

Yes there is DCOM problem too. 2.0.0.7 clean install here.

I notice the following entries in system event log, after enabling 'optimal rules'. I am answering 'allow permanent' to every prompt, I am not restricting access in any way.

Event Type: Error
Event Source: Service Control Manager
Event ID: 7022
The Windows Time service hung on starting.

Event Type: Warning
Event Source: BROWSER
Event ID: 8021
The browser was unable to retrieve a list of servers from the browser master \\<removed> on the network \Device\NetBT_Tcpip_{<removed>}. The data is the error code.
Data:
0000: d4 04 00 00 Ô...

Event Type: Error
Event Source: BROWSER
Event ID: 8032
The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{<removed>}. The backup browser is stopping.
Data:
0000: d4 04 00 00 Ô...


Next I launched Internet Explorer and a prompt was made and access was granted to port 80 to the remote machine. Then I entered into Firewall rules and removed the checkmark for 'remote address', so that outbound traffic for port 80 would be allowed to any remote address, and saved the rule. I edited the Internet Explorer rule again and re-checked the 'remote address' box, JPF2 hung for over a minute before returning with the 'select address group or remote address' pop-up box.

I then notice the following entry in the system event log:

Event Type: Error
Event Source: DCOM
Event ID: 10010
The server {B8BDD88A-23F0-48E5-BD77-22B3778786F5} did not register with DCOM within the required timeout.

I believe this would account for the incredibly long delay before the 'select addres group or remote address' pop-up box appeared.

---appyface

P.S. Even with 'remote address' checkmark removed, the remote address still shows in the listing of rules on the Configuration tab.

 

Hm i am nearly convinced that there seams to be a problem with the 'Computer Browser Service'/ 'Service Control Manager' on WinXP.

Questions:
- You folks who have Jetico Startup Problems are you using WinXP Home or Pro version? SP1 or SP2?
- Does anyone has error message ID 7021/7022/7023 logged in the event viewer?
- Does anyone has error message ID 1003 logged (DHCP Server) in the event viewer?
- Do you have ICS (Error ID 7036) enabled or completly disabled in the LAN conection/advanced tab (both options)?

 

XP pro, SP2

But my message ID is 7036. What is the different ?

No 1003.

ICS is disabled, but haven't try disabled LAN Connection/advanced tab.

 

Event ID: 7036
Event Source: Service Control Manager
Event Type: Information
Event Category: None
Description:
The Windows Firewall/Internet Connection Sharing (ICS) service entered the stopped state.

Event ID: 7023
Source: Service Control Manager
Type: Error
Description:
The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error:
The class is configured to run as a security id different from the caller

Its all related to the WindXP Firewall service. An other problem could be that the computer was not able to renew its address from the network (from the DHCP Server - Error-ID 1003) for the Network Card, which may conflict with Jetico.

I am just guessing about possible conflicts

 

You mean my problem doesn't match your ?


But I really have the problem.

 

I had this kind of problem with the first Beta, not anymore with Beta 6/7. But i have all above mentioned services disabled. What i still get is ID 7023.

So everything seams related to WinXP Firewall Service. Nail also mentioned that before. There seams to be the devil.

 

Tommy

As you know I was having trouble with 2.0.0.7 starting the service in Automatic. It would take 5 minutes to boot up. I now have service set to manual.
I am getting DCOM errors, 7036, 7022 and 1003 errors.
I have ICS disabled.
I tried with service set to automatic a little while ago and get the same errors.
I am using Windows XP Home SP2.

Rick

 

Have you tried to start Jetico with disabled DCOM.
As a normal home user you won't even need it, if you are not in a PC-Network. Even than not, because it has been deprecated in favor of Microsoft-NET.

If you need DCOM because you are in a Server-Network, don't block Port 135, because DCOM comunicates on Port 135.

 

No. Not on Server/Network. I can disable DCOM easy with WWDC or SafeXP.
Or some other tool I have.
Just never thought to re-disable after last time I enabled it.

Rick

 

@Tommy
XP Pro SP2 + all post hotfixes, also IE7 RC1 installed
No messages 7021 or 7023. I already reported 7022 (Windows Time Service hung)
No messages 1003.
Windows XP Firewall is off.
ICS is not enabled.
DCOM service is running as JPF test machine is on a network.

---appyface

 

BSOD on moving rules

We received reports about BSOD after moving rules (drag'n'drop). Bug will be
fixed in the next beta. We found that moving disabled rules may
cause BSOD. So please avoid moving disabled rules for a while.

 

Jetico has done when I closed 135 port and disabled ICS/ICF and set to manual.


Thank Tommy so much.


Nice to see next fixed beta.

 

U R lucky
How do U close 135 port before starting jetico and ICF disabled?

Seems Jetico betas too buggy for me, so waiting for release

 

It's complicated.

You can see http://www.securityfocus.com/infocus/1559

That's detail.


Good luck.