Jetico making me crazy.

I'll check on that, thankyou.

 

Coolio10.W32

...If only there is a free removal tool.... Mods, perhaps...?
On the grounds of way to much noise with no substance and crossposting. Diametrally opposite to someone such is Stem...

Coolio10, it's very reasonable to assume that Boshogun has read your "Why Pick ..." thread. There's no need to shove it down the throat to everybody. Thanks.

 

After the wake up event from Standby/Hibernation on a WinXP SP2 machine, Jetico v1.0.1.61 outgoing traffic monitor always displays no traffic.
In this instance, it also fails to maintain stealth status when tested against Shields Up's All service ports test (some ports showing closed instead of stealthed); adding a Block outgoing RST/ACK rule next to Block SYN has no effect. A reboot does cure this issue until the next standby/hibernation event.

 

I just ran this on my machine that has been up for 3 days, also with 1.0.1.61, and it passed all ports. Could it be something else in your setup?

sfsg

 

Hi sfsg,

The Jetico stealth issue only arises after the system wakes up from Standby/Hibernation; otherwise no such issue, regardless of how long the machine stays on. As for my setup, I have another PC in the LAN (no DHCP/static IP on both).
I have found that the stealth issue is directly linked to the state of the LAN upon wake up (no issue with fresh boot or reboot). More precisely, if the LAN is inactive when the system wakes up, then Jetico will encounter the stealth issue; and that problem will remain until the LAN becomes active. Boot the LAN's other PC, and Jetico's stealth behavior returns to normal until the next Standby/Hibernation; so far, just a workaround but not a real fix.

 

Hi, using jetico v1.
I was wondering if someone would know why jetico blocks my keyboard and mouse when trying to play some games. I don't know if this behaviour deals with protocols or process attack table

 

Hello wjuuv, Welcome to Wilders,

You would first need to check the "Attack Table" to see if you have blocked any "global hooks" being set by your mouse/keyboard.
If nothing is being blocked, then in the "attack table" go to the "ask" rule, and set the logging to "notice", then run your game, if the keyboard is still blocked, exit the game and check the logs to see if an "ask" for global hooks as been made.

 

you sure rule !
Indeed, it's in the attack table. I don't know why I didn't have the ask entry (must have been a mistake) but restoring it made ask messages reappear during game launch which solved the problem.
Thanks a lot

 

Good to hear,.... and your welcome.

 

edit Jetico application table?

My first post here - please excuse if this question has already been asked.

Say Jetico asks me to allow/block a new application, and by mistake I make the wrong choice, is there a table somewhere (say, similar to Zone Alarm's) where I could edit and change my choice?

At the moment I'm forced to revert to factory settings to fix this. Any help would be appreciated.

 

Re: edit Jetico application table?

Hi jose22, Welcome to Wilders,

You will find the applications you have allowed or blocked in the "ask user", here you can edit or delete etc the rules you have created via the popups
Simply select the "ask user", right click the entry(application) you want to change, this then gives you options, in the example I have chosen to "edit", this then brings up the rule window, where any part of the rule can be changed.

 

New with Jetico 1.
Be patient only the 2nd day.
Current problem:
When I run Skype I get datagram pop ups in abundance making it impossible to use.
What table and rule configuration should I use,please ?
I am gradually getting through reading this thread and
Stem's pics are helping a lot.

 

Hi pachapapa, Welcome the Wilders,

I do not use Skype,.. but it looks like you are creating rules with specific ports for an application that requires many random ports for datagrams(UDP)
What I would suggest, is go to the ask user and check the rules you have created for Skype,.. look for any rule for your Skype application that as "send datagrams" or "receive" datagrams", you should only have one of each (or only rules with one direction (send or receive)).
So first we need to remove all the excess rule for datagrams, just leaving one rule for the direction needed.
So lets say (for example), that all the rules for Skype (for datagrams) are send. Right click and delete all the "send datagram" rules (for Skype), leaving just one. When you have done this, right ckick the last "send datagram" rule and select "edit", this will bring up the "rule window" (see pic), open out the rule (as shown), and remove the local and remote ports from the rule,.. once done, click ok. This then will allow Skype to send datagrams from/ to any port.
NOTE: You may also need to change the "address type" to any (this depends on if you connect to many different IPs with Skype)
(make sure the rules you delete/edit are for the skype application)

Repeat this if you have rules for "receive datagram"

Post back if you need further help.

Pic:-

 

Re: edit Jetico application table?

Many thanks for your detailed solution(s), Stem - you are a true wealth of information!


jose '-)

 

Hi!

I want to set up a rule for these "access to network" basic question made by jetico...
So I made a rule which i use for the system applications and other trusted programs which shouldn´t access the internet (or at least i want to be asked). (e.g. O&O Defrag which needs a loopback)
In my rule i changed the protocol form "any" to "local sockets".
I´m not an expert so my question now: What´s means "local sockets" protocol? For me it seems better to reduce the allowed protocols. Any should be any protocol and local sockets is just one allowed protocol. Or is this totally wrong?!

Thanks for your help!
DerDuke

 

This means access to any protocol on any port.
The use of this will depend on the "event" you put in place within the rule,.. example, if you place the "event" as "any" then the rule will allow all outbound and all inbound for any protocol on any port.

 

First of all: Thanks for the quick reply!

So I was totaly wrong...
The event is always "access to network" and i choose "local sockets" as protocol: So I allowed any protocol and any port for my "trusted" programs.

So it´s better to click okay in every case i´ll be asked for "access to network" (and click remember my answer)
Or did i get it wrong again?

 

First, what does "access to network" mean,...
Allowing a program "access to network" will allow that program to use any "open" rule (any rule that is not bound (no application is within the rule))~ examples are (from default installation/ optimal protection policy) "listen on port" / "DNS lookups",...... and access to the trusted zone (this can be found by running the jetico "configuration wizard").
So,.. if you want a program to be able to access loopback, then simply allowing that program "access to network" will allow this (as loopback (localhost 127.0.0.1) is placed within the trusted zone by default)

 

I think I got it now.

But one question left:
The "open" rules are found directly in the Application Table?
There´re 4 rules (listen UDP, TCP and DNS in, out) that aren´t bound to any other table. So with these i can control the "access to network"-rule? (expect the trusted zones, which are configured through the wizard).
Am I right this time?

Thanks in advance!
DerDuke

 

Sorry,.. I do not fully understand. Could you explain more please.

 

My english is not so good... So I´ll give a try with a picture:

http://23dukes.googlepages.com/Jetico.jpg

You said something about an "open" rule, which isn´t bound and than some examples (DNS; listen ports). This open rule defines what "access to network" does.

Is it possible to change this "open" rule? In case it can be changed: Where to do that? (My first thought was the rules marked in my screenshot)
In other words: Is it possible to change the default "access to network" rule function. E.g. not to allow DNS requests but allow to listen on ports.

Hopefully this is better to understand

 

Yes,.. thank you.

You can change any rule,.... or group them into a user ruleset so that only certain programs can have access.

But something I should of made clear. Allowing a program to "listen on port" does not allow that program to take inbound, be it datagrams(UDP) or connections(TCP) [unless a rule is in place to allow this], you would be alerted to this by a popup. The DNS rules you mention (allow out/in datagram), will only be used if you disable the DNS client,... you can, if the DNS client is active, untick these 2 rules,.. the DNS client will use the DNS rules that are in the "system Internet Zone"

To change/edit a rule, right click the rule you want to edit,.. and select "edit" (see pic in post 436 as example)

 

Wonderful!

Thank you very much for your patience, the quick replys and the competent answers! Seems like you´re a walking dictionary

Greets DerDuke

 

Your Welcome,...

Regards,
Stem

 

@Stem
Hi, can you explain me, how to save my rules without the rest? It should look like your ruleset. Only this 3 application rules: http://img165.imageshack.us/img165/5650/jetlm9.png (and not the whole configuration).

Thx
Ps. Sorry for my english...