PLEASE READ THE WARNING AT THE END OF THIS POST BEFORE YOU DECIDE TO COMBINE FIREWALL SOFTWARE (CHX + KERIO 2.1.5 IS NOT A RECOMMENDED COMBINATION!) I tested the following workaround on Windows 2000 sp4 using PING and it works fine. Both outbound pings initiated locally and inbound pings initiated from a remote Linux box using normal and oversized packets. As everyone knows, Kerio 2.1.5 is wonderful except for a couple flaws. The first flaw, fragmented packets, can be easily resolved by running Harden-It 1.2 (free) and accepting the default settings during the install. When I try to ping using oversized packets with Kerio's "Stop all traffic", the pings timeout instead of working (as it did before this workaround). And when Kerio's "Enable Traffic" is selected again, the pings (including oversized ones) work fine again. I didn't notice any new processes in TaskMgr after installing Harden-It, didn't have time to see if all it does is tweak registry or install any drivers. The second flaw, incompatibility with other drivers causing BSOD, can be avoided if we gather and share a list of incompatible software along with workarounds. I'll begin by contributing the first item, and I hope a registered user will take this and run with it: Raxco Perfectdisk 7 build 42 (latest). They recommend upgrading Kerio: http://www.raxco.com/support/windows/kb_details.cfm?kbid=506 NOTE: I heard that PerfectDisk 7 build 34 works with Kerio 2.1.5 In summary, Kerio 2.1.5 works great with Harden-It 1.2 (free) to provide a very low-resource firewall solution that does not suffer from Kerio's infamous fragmented packets bug. However, there appears to be some BSOD-causing incompatibility between Kerio 2.1.5 and some other drivers so we should maintain a list of such incompatibilities. See http://www.dslreports.com/forum/remark,12530877 One last item, since Kerio 2.1.5 is so popular, it would be fantastic if we can have a Kerio 2.1.5 + Harden-It 1.2 combination be tested using the same critiera at http://www.firewallleaktester.com/tests.htm Perhaps a kind soul on this forum could volunteer to perform the same leak tests and post results? Please? WARNING: Some people might be tempted to use Kerio 2.1.5 with another program such as CHX. I heard that combination has bugs and should be avoided. However, the CHX + Look'n'Stop combination is reported to work fine--but Look'n'Stop is not free like Kerio 2.1.5. BEWARE of combining overlapping software because things might appear to work on the surface but you might be introducing huge security holes.