Looking for a Kerio Replacement

I have used Kerio for a long time... I recently uninstalled it due to it's nagging and some bug issues was getting with the new version. I tried out a few different softwares, including Comodo. Comodo seems to be the best replacement I have found so far, but I really do not feel safe with it. I have witnessed Comodo allowing programs to use my connection without it prompting and I have double checked my configuration to ensure that I have no settings that would allow such. I am looking for a solid replacement for Kerio that will provide me with bi-directional protection and if possible application execution protection. I am looking for a free solution.

 

if u want a free firewall,jetico 1.0 is the best choose.
if u want a powerful fw, ZA pro maybe the better.

vsmon.exe is the ZA main program.
when donwload speed is 100k bytes/s, the cpu usage is about 4%-9%, not making the foregroud program slow.

 

jetico
http://www.jetico.com/jpfirewall.htm

 

Comodo seems to be the best replacement I have found so far, but I really do not feel safe with it. I have witnessed Comodo allowing programs to use my connection without it prompting and I have double checked my configuration to ensure that I have no settings that would allow such. I



I am not 100% sure but I have the feeling you did an "automatic" installation, scanned for "known" applications...Comodo has a white list..That is..comodo thinks those apps, in its white list, are safe and when they try to connect to the net it wont give you no prompt..it will let them thru and report nothing.

What you could do is launch comodo, hit security->advanced->miscellaneous and untick "Do not show any alerts for the applications certified by Comodo"..

That way even if any of the apps trying to connect are certified by Comodo you will get a popup.You can click allow/deny and tick "remember".

If I am wrong some Comodo users will sure jump in, tell me off and help you out

 

I think you are not a kerio 2.1.5 user?

We don't want to change to any other firewall. With usually less than 5 MB memory usage and zero CPU noticeable in Task Manager.
We might add hips programs etc, but being very satisfied with packet filtering of kerio as a basic firewall. Some of us may have tried like me other firewalls, but ending back to oldie good kerio.

Kerio 4 is a totally different thing and i can understand if wanting to change away from it.

 

Jarmo,

I was responding to Wildermark.He said he was having problems with Comodo so I quoted him,sorry forgot the " ",and told him what in my opinion was his problem with comodo-I was not suggesting he or you switch to comodo or any other firewall.

 

I have always been a major hater of ZA... I have many many reasons from past knowledge of it to just hate it. I place products like ZA in the same category as McAfee and Symantec. I did try Jetico also, but it felt like one of the most unsafe firewalls; maybe this was because it seemed to lack good configuration ability. Kerio 2 is really old now and with some major exploits, that's just insane. yeah, you were right about the safe application thing... *bangs head*

 

kerio 2.1.5 does still packet filtering same as it always did. You are propably thinking some newer firewalls with added features that need updating.

And sunbelt Kerio sure needs updates, cause it never will be finished and working fine I guess
Always just a beta, if even that, lol.

 

Kerio Personal Firewall Local Denial Of Service Vulnerability
2004-12-08
http://www.securityfocus.com/bid/11859

Kerio Personal Firewall Local Privilege Escalation Vulnerability
2004-01-29
http://www.securityfocus.com/bid/9525

.. but yeah, I've seen Sunbelt Kerio 4 just crash out of nowhere...

 

There is that Volker Birk in some newsgroup firewall forum.
Totally useless to post there any, cause always spam by him. In some ways i agree with the moron.

I would use only SP2 firewall though if there were not simple no problem filtering firewalls like Kerio 2.1.5 or Sygate 5.5. Sygate has a local proxy issue though with loopback address.

The whole firewall thing has become bloated and all have this or that problem.

Or just clumsy to use like Comodo.
I could not get my netphone working, sure it needed incoming udp ports and also a separate DNS rules. All so easy with kerio 2.1.5.
Then I wanted to change my IP by MAC address change. Was propably some network rule needed, but forum sucked and I was no more interested then. Needed a reboot always to do that, heh. One needs flexibility and usability from a firewall. Not a straight jacket. If there had been a ruleset to save and not made into windows registry, I would have kept it longer and investigated more.

 

I am a little surprised by this satement, packet filtering within Jetico is down to flag level.

 

Zone Alarm, Comodo, and Kerio are among the major free firewalls available. I thought I read somewhere that the new version of Jetico will no longer be free. The remaining free programs have less number of users.

http://www.matousec.com/projects/windows-personal-firewall-analysis/links.php

Ashampoo has a new free firewall program, however, testing of it did not produce good results.

 

To my undertanding, Jetico V2 will require license. But to be honest, as of now, I cannot see why anyone, who is using Jetico would want, or need to change/upgrade to V2 of Jetico.

I still do not like (personally) any firewall with hard_coded rules (just one of those things with me), and the free version allows too much out, (any firewall should only allow out/in what the user specifies)

 

Maybe it was how the way too simplistic up/down arrow icon felt and the way that specific rules are made on the fly, but Jetico 1.0 is hard to beat.

 

For a long time i use Kaspersky Internet Security that includes AntiHacker. I'm very satisfied , i think that Antihacker is among the best firewalls.

 

I think Kerio 2.1.5 when behind a Hardware Firewall it is just grand. I would not change under those circumstances unless there was a damn good reason too. Particularlly on a resource challenged machine.

 

Really? What about a BSOD at [every] boot?

 

I believe that qualifies as a damn good reason.

 

Regarding the exploits listed for Kerio 2.1.5:
from http://www.securityfocus.com/bid/11859

This is not a remotely usable exploit. The attacker must be local, aka on your keyboard or network.
from http://www.securityfocus.com/bid/9525
see http://www.tuneld.com/_images/other/kpf_system_privileges.png
Another local vulnerability, not remotely exploitable.
Regarding the screenshots shown on the lower half of that link, setting a password for Kerio administration makes those screens inaccessible to another user.
These "vulnerabilities" are only a problem if the attacker in on your network or in your own home. They aren't exploitable from the net. A separate HIPS also neutralizes the "exploits" completely.
Rick

 

Took the words right out of my mouth...