A question and some advice please...

Discussion in 'other firewalls' started by fannymites, Sep 15, 2005.

Thread Status:
Not open for further replies.
  1. fannymites

    fannymites Registered Member

    Joined:
    May 7, 2005
    Posts:
    93
    I've been using Kerio 2.15 for some time and I'm looking to change to something more up to date but free, light and preferably still rules based. I know there are tons of "which firewall...?" threads but I'm looking for some specific advice.

    Firstly, how important is it to be able to control which local ports applications can have access to? I ask this because I've tried both NetVeda (which won't work properly on my comp anyway) and Filseclab and I liked them both but was unable to control the local ports access.

    Secondly, I've been looking at SoftPerfect but it doesn't seem it has app control and R-Firewall which looks really promising and reminds me of Outpost Free which I used to use but like Kerio, is a little ancient.
    I've read threads on both but nothing really recent and I would like to know if anyone has been using either for any length of time and whether they have proved their worth?

    Finally, I remember a while ago there was some mention of an open source version of Kerio 2.15 called KerioKlone or Ghost or something. Is this still in the works or is it ever likely to see the light of day?
     
  2. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    I was a Kerio 2.1.5 user, and I've recently switched to Look'n'Stop 2.05p2.

    Light-weight and rules-based.

    That open source project doesn't seem to be very active.
    http://kerio.sourceforge.net/
     
  3. fannymites

    fannymites Registered Member

    Joined:
    May 7, 2005
    Posts:
    93
    I've read so many good things about Look n Stop and it would probably be my first choice but I'm looking for freeware only at the moment.
    What happens when the trial version runs out? Does it stop working or switch to a "Lite" version and if so what are the differences?
     
  4. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    See here for free version description: http://www.spychecker.com/program/looknstop.html
     
  5. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    (http://www.spychecker.com/program/looknstop.html)
    I don't have these qualifications, so I skip LooknStop, otherwise the subforum "LooknStop" would be too small for my numerous questions.
     
  6. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    LnS Lite is strictly a packet filter, no application control.

    Regards,

    CrazyM
     
  7. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Are you referring to the ephemeral port range used by your system (1024-5000)?
    If so, not that critical, just another step one can take to refine firewall rules and provide a heads-up if something is out of the ordinary.

    Regards,

    CrazyM
     
  8. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Depends on the application. For those that initiate network connections, only remote port restrictions are important (the local port will be dynamically assigned by Windows so trying to set restrictions here would be pointless).

    However for applications that accept incoming connections (which includes any server software plus P2P clients), local port control is more important since it allows you to restrict incoming connections to that program only, without allowing access to other (possibly vulnerable) ports used by other programs or Windows itself.
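
The distinction described in the post above, as an added example that is not part of the original thread: a minimal default-deny rule matcher in Python. The application names, the P2P listening port 6881 and the rule layout are assumptions made for illustration, not any firewall's actual rule format.

```python
import socket
from dataclasses import dataclass

ANY = range(0, 65536)

@dataclass(frozen=True)
class Rule:
    app: str
    direction: str       # "out" = app initiates, "in" = app accepts
    local_ports: range
    remote_ports: range

def allowed(rules, app, direction, local_port, remote_port):
    """Default-deny: traffic passes only if a rule for this app matches."""
    return any(
        r.app == app and r.direction == direction
        and local_port in r.local_ports and remote_port in r.remote_ports
        for r in rules
    )

def os_assigned_local_port():
    """Bind to port 0 so the OS picks the local port, as for outgoing connections."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

# Constructed rule set (hypothetical app names and ports).
RULES = [
    # Client: local port is dynamic, so only the remote port is restricted.
    Rule("browser.exe", "out", ANY, range(80, 81)),
    Rule("browser.exe", "out", ANY, range(443, 444)),
    # Listener: restrict the local port so peers reach only this program.
    Rule("p2p.exe", "in", range(6881, 6882), ANY),
]

def demo():
    lp = os_assigned_local_port()  # unpredictable, chosen by the OS
    return {
        "browser_to_443": allowed(RULES, "browser.exe", "out", lp, 443),
        "browser_to_6667": allowed(RULES, "browser.exe", "out", lp, 6667),
        "peer_to_p2p_6881": allowed(RULES, "p2p.exe", "in", 6881, 50000),
        # 135 is the Windows RPC endpoint mapper, not the P2P listener.
        "peer_to_135": allowed(RULES, "p2p.exe", "in", 135, 50000),
    }

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {'allow' if verdict else 'deny'}")
```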
     
  9. fannymites

    fannymites Registered Member

    Joined:
    May 7, 2005
    Posts:
    93
    I do have all apps set to use only the 1024-4999 local ports range in Kerio but yes I was thinking more about P2P and chat messengers which I have restricted to only use certain ports but it doesn't seem I can do that with either NetVeda or Filseclab.
     
  10. samar

    samar Guest

    My advice (for free rule-based FW): Sygate or Kerio. Don't bother with others. You'll lose your time and nerves.
     
  11. fannymites

    fannymites Registered Member

    Joined:
    May 7, 2005
    Posts:
    93
    I was under the impression Sygate was being discontinued, though I haven't read anything in detail about it.
    Also, I'm sure last time I used Sygate you could only add a certain amount of rules, like 10 or something, is that right?

    Looks like I will be sticking with Kerio a while yet.
    Does no-one at all use R-Firewall?
     
  12. Dave-54321

    Dave-54321 Guest


    Sygate Personal Firewall allows 20 Advanced Rules. Sygate has recently been bought by Symantec and will likely not have any new updates anymore. Not like they updated much before though, anyways.

    I have only seen bad news about R-Firewall, regarding installation. I haven't heard a single good thing about it.

    You may want to try Jetico Personal Firewall, which is free and has many detailed rules that you can mess around with.
     
  13. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,780
    Regarding Jetico...

    They seem to have ceased development and stopped listening to users'
    ideas and so on. It appeared to have promise at one time. Many find it
    too annoying with an excessive amount of popups. I found it pretty
    good, but you had to invest some time in configuring and tweaking it
    first to get it to a usable state.

    Watch out for one problem, it sometimes can have compatibility problems
    with certain software and drivers. If you run Avast AV, it will popup
    with a notice at install (after the 1st reboot) and then do another
    reboot to reconfigure driver stuff. I changed network adapters here
    recently to a wireless setup, and installed Jetico to try it again. It
    proceeded to go into an endless reboot loop, which you had to manually
    break out of. But then Jetico would not run. Worse, it hosed my system
    completely, leaving partially installed crap which kept trying to run
    and generated errors at startup and so on.

    Just be aware that there could be problems, and be prepared with a good
    backup of your HD if you value your setup. After my experiences, I
    would recommend trying something else...
     
  14. fannymites

    fannymites Registered Member

    Joined:
    May 7, 2005
    Posts:
    93
    I did try Jetico a few months ago but it seemed a bit buggy on my comp. For some reason, no matter what I did it refused to allow access to certain programs even when I allowed total access to them, yet at other times they connected fine. It also seemed to lose its settings occasionally like Kerio 2.x does (though I don't remember having any trouble with Avast AV). I quite like fiddling and making rules and I don't mind all the pop-ups but with it working fine one day then not the next it got too annoying.
    I was thinking about giving it another go but if it's being discontinued I don't think I'll bother. That's the same reason I haven't gone over to Kerio 4.x

    Regarding R-Firewall, I installed it about 10 minutes before I read Dave-54321's post but I didn't get any install problems at all.
    I'm just fiddling around with the rules at the moment, as in its default state it has failed every firewall test going, and after much more searching I have been unable to find any positive comments about it, but I'll give it a try. It does seem very much like Outpost, though of course I realise that doesn't mean it's going to be as good.
     
  15. fannymites

    fannymites Registered Member

    Joined:
    May 7, 2005
    Posts:
    93
    Well I decided against R-Firewall, maybe I haven't given it long enough but no matter what I changed in the rules, I only ever got closed ports with a couple of stealthed. Even when I wiped out all the rules and replaced them completely with the exact same rules I use for Kerio, they were still mostly closed. I know being stealthed isn't the be all and end all but even so...
    So since I can't use NetVeda, it's a toss up between Filseclab and going back to Kerio 2.15.
    I'm slightly worried about Kerio because I've read quite a few things about vulnerabilities in Kerio 2, such as the fragmented packet thing, but there seems to be a lot of conflicting comments about whether these are real vulnerabilities or not.
    I've never had any problems with Kerio but these reports do tend to put doubt in my mind.
     