Filseclab latest truly excellent

Loopback is one of the built-in rules and is allowed by default. You cannot change or edit any of the built-in rules. I am using Avast AV here which does a proxy type thing and it seems to be working fine. When I load my browser I get a prompt asking for permission for Firefox first, and then also the Avast web shield, so nothing is getting out on port 80 thru Avast without getting checked by Filseclab. I don't know if Proxo is any different, but it should work as well.

 

Hello,
Very nice firewall I discovered here! Thank you for the info.
It work well, esy to understand. I was a long time Outpost user, and I do not miss anything.
One thing was disturbing: yesterday before shutting down the PC, I made some test and stopped the firewall, and this morning I wondered why I was not prompted using new applications.
The firewall was still stopped, and the green/orange/red lights are not very flashy. I think the icom in the systray should change when the status of the firewall changes.
I had no harm because I use also a router/firewall.
But as I said: very nice piecee of software.

Edit: after showing exactly, I noticed the systray icon chages slightly: the upper yellow little link becomes green when firewall stopped.
Yes green, because everything can walk through....

 

Proxies, transparent or otherwise is supported by Filseclab, check out their online FAQ or the help file.

 

Just tried this out. But one significant disadvantage is that you can't use port ranges (or lists) for rules.

 

Jetico also has this disadvantage. Might be a good one to request for future releases...

 

In Jetico's rule creation, you have three possibilities: any, exact value or port range. So what you say is not true.

 

Another strange thing is that HTTP traffic doesn't match TCP rules.

 

Ok, sorry.. It has been a while since I used Jetico. If that's true then my mistake... I could have sworn otherwise though. Are you sure? I recall seeing tables for browser with one line for each port, 80, 443, etc etc. Are you sure you're not thinking of another firewall? Better check again...

 

Must be different. I have IE blocked but if I change the IE settings to proxy then it is allowed through without question.

For the time being I will go back to Kerio.

 

Couldn't see anything in the help file. I will look at the FAQ. Thanks

 

I used Jetico for a while and reinstalled it today. So i'm very sure You can't specify a list, but a range of ports.
But i have to agree that Jetico has it's disadvantages too. That's why i'm back to Kerio 4.2 again. Unfortunately i spend a lot of time creating a good ruleset for Jetico...

 

Been through their web site and cannot see any mention of it. Dropped a note on the site about it so see if their is any response.

 

Hi Arup, I find Kerio 2.15 a nice, fast and safe FW, especially for dialup users. What exactly do you find better in Filseclab over Kerio ?

Thanks

 

FastGame,

Actually nothing wrong with Kerio 2.15, one of the lowest memory consuming and easiest to make rule for firewall, there is only a minor issue of fragmented packets getting through, the only problem is that it needs an update, for the last two years, there has been none, over the years, it has developed issues with other softwares, Perfect Disk for example has issued warning for Kerio 2.15 users about a conflict with their software, as for me, it ran fine for two years and only recently it started giving me BSODs, I checked the DSL forum to find out I was not the only one.

Filseclab is new, bug free and supports ICS, just like Kerio does but in case of Kerio, ICS means blocked status in GRC instead of stealthed. Filseclab is free, has good interface and rule making is easy too although still nowhere near Kerio 2.15, best of all, no issues or BSOD of any sorts with Filseclab and the developers are keen to support it, something Kerio lacks from its early years. Filseclab is fast too over dial up and it is quite safe, even in terminated mode, it blocks Netbios port 139 and 445 so even if a worm disables it, you are still protected. It also has some real good inbuilt worm and Trojan blocking rules which comes with it.

 

Thanks for the info Arup

I'll give it a try.

 

Yep, it can take some time to tweak Jetico to your liking.. I gave up on it long ago I'm afraid. Just too much trouble to configure for me.

I myself am back to Kerio 2.1.5. I recently bought a wireless router and Kerio 2 gives me some outbound protection with a very light footprint at 5mb. So for me that's the best solution for now.

 

Olaf, I just installed Jetico to have a look, and you are quite right! You can indeed specify a range of ports in a rule. I miss the ability to specify a list of ports though, like you can do in Kerio for example. That's ever more handy to me.

 

This firewall is failing both Shields Up & Sygate stealth test, is it that way with you guys ?

I'm using default settings.

 

Can't say FastGame since I'm behind a router. Someone else will have to report on that one..

 

On my instalation with ICS on, it passes GRC, haven't tried Sygate scan yet.

 

If I use ICS it gets worst The only way I can pass ShieldsUP is if I use Advanced Quiet Mode, it still doesn't pass Sygate stealth test.

What's the real difference between ports "stealth" and Closed" ?

 

Stealth is far more popular nowadays, but Closed is secure. What you have to worry about are any Open ports on a Grc or Sygate scan. If you see Stealth on a Grc scan, that means your computer is just dropping the incoming packets and not responding back, but if you see Closed, then your system is responding "this port is closed" back to the originating system. Most folks now prefer that their system just drop the packets and not respond back at all, which would be Stealth. However, a Closed port is still secure and nothing can be done to or with it.

 

mine is failling using default mode.but only after my kaspersky av does a update and iam prompted to allow and make a rule.thats when i fail both shields up and sygate.does enyone know of a way around this problem

 

Concerning Stealth test, it is OS dependant:
Windows 2000 SP4 : all ports stealth
Windows XP SP2 : Stealth except ports 143,1039 and 1048 only closed
Windows 98SE : many ports are only closed
Test by shields up first 1056 TCP ports.

 

Try adding the IP of Kaspersky to your rule and see if you pass the test.