Filseclab latest truly excellent

Discussion in 'other firewalls' started by Arup, Aug 11, 2005.

Thread Status:
Not open for further replies.
  1. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,988
    Loopback is one of the built-in rules and is allowed by default. You cannot change or edit any of the built-in rules. I am using Avast AV here which does a proxy type thing and it seems to be working fine. When I load my browser I get a prompt asking for permission for Firefox first, and then also the Avast web shield, so nothing is getting out on port 80 thru Avast without getting checked by Filseclab. I don't know if Proxo is any different, but it should work as well.
     
  2. Clweb

    Clweb Registered Member

    Joined:
    Dec 28, 2002
    Posts:
    127
    Location:
    France
    Hello,
    Very nice firewall I discovered here! Thank you for the info.
    It work well, esy to understand. I was a long time Outpost user, and I do not miss anything.
    One thing was disturbing: yesterday before shutting down the PC, I made some test and stopped the firewall, and this morning I wondered why I was not prompted using new applications.
    The firewall was still stopped, and the green/orange/red lights are not very flashy. I think the icom in the systray should change when the status of the firewall changes.
    I had no harm because I use also a router/firewall.
    But as I said: very nice piecee of software.

    Edit: after showing exactly, I noticed the systray icon chages slightly: the upper yellow little link becomes green when firewall stopped.
    Yes green, because everything can walk through....
     
    Last edited: Aug 13, 2005
  3. Arup

    Arup Guest

    Proxies, transparent or otherwise is supported by Filseclab, check out their online FAQ or the help file.
     
  4. Olaf101

    Olaf101 Guest

    Just tried this out. But one significant disadvantage is that you can't use port ranges (or lists) for rules.
     
  5. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,988
    Jetico also has this disadvantage. Might be a good one to request for future releases...
     
  6. Olaf101

    Olaf101 Guest

    In Jetico's rule creation, you have three possibilities: any, exact value or port range. So what you say is not true.
     
  7. Olaf101

    Olaf101 Guest

    Another strange thing is that HTTP traffic doesn't match TCP rules.
     
  8. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,988
    Ok, sorry.. It has been a while since I used Jetico. If that's true then my mistake... I could have sworn otherwise though. Are you sure? I recall seeing tables for browser with one line for each port, 80, 443, etc etc. Are you sure you're not thinking of another firewall? Better check again...
     
    Last edited: Aug 13, 2005
  9. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,563
    Must be different. I have IE blocked but if I change the IE settings to proxy then it is allowed through without question.

    For the time being I will go back to Kerio.
     
  10. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,563
    Couldn't see anything in the help file. I will look at the FAQ. Thanks
     
  11. Olaf101

    Olaf101 Guest

    I used Jetico for a while and reinstalled it today. So i'm very sure :) You can't specify a list, but a range of ports.
    But i have to agree that Jetico has it's disadvantages too. That's why i'm back to Kerio 4.2 again. Unfortunately i spend a lot of time creating a good ruleset for Jetico...
     
  12. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,563
    Been through their web site and cannot see any mention of it. Dropped a note on the site about it so see if their is any response.
     
  13. FastGame

    FastGame Registered Member

    Joined:
    Jan 15, 2005
    Posts:
    715
    Location:
    Blasters worm farm
    Hi Arup, I find Kerio 2.15 a nice, fast and safe FW, especially for dialup users. What exactly do you find better in Filseclab over Kerio ?

    Thanks :)
     
  14. Arup

    Arup Guest

    FastGame,

    Actually nothing wrong with Kerio 2.15, one of the lowest memory consuming and easiest to make rule for firewall, there is only a minor issue of fragmented packets getting through, the only problem is that it needs an update, for the last two years, there has been none, over the years, it has developed issues with other softwares, Perfect Disk for example has issued warning for Kerio 2.15 users about a conflict with their software, as for me, it ran fine for two years and only recently it started giving me BSODs, I checked the DSL forum to find out I was not the only one.

    Filseclab is new, bug free and supports ICS, just like Kerio does but in case of Kerio, ICS means blocked status in GRC instead of stealthed. Filseclab is free, has good interface and rule making is easy too although still nowhere near Kerio 2.15, best of all, no issues or BSOD of any sorts with Filseclab and the developers are keen to support it, something Kerio lacks from its early years. Filseclab is fast too over dial up and it is quite safe, even in terminated mode, it blocks Netbios port 139 and 445 so even if a worm disables it, you are still protected. It also has some real good inbuilt worm and Trojan blocking rules which comes with it.
     
  15. FastGame

    FastGame Registered Member

    Joined:
    Jan 15, 2005
    Posts:
    715
    Location:
    Blasters worm farm
    Thanks for the info Arup :D

    I'll give it a try.
     
  16. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,988
    Yep, it can take some time to tweak Jetico to your liking.. I gave up on it long ago I'm afraid. Just too much trouble to configure for me.

    I myself am back to Kerio 2.1.5. I recently bought a wireless router and Kerio 2 gives me some outbound protection with a very light footprint at 5mb. So for me that's the best solution for now. :)
     
  17. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,988
    Olaf, I just installed Jetico to have a look, and you are quite right! You can indeed specify a range of ports in a rule. I miss the ability to specify a list of ports though, like you can do in Kerio for example. That's ever more handy to me.
     
  18. FastGame

    FastGame Registered Member

    Joined:
    Jan 15, 2005
    Posts:
    715
    Location:
    Blasters worm farm
    This firewall is failing both Shields Up & Sygate stealth test, is it that way with you guys ?

    I'm using default settings. o_O
     
  19. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,988
    Can't say FastGame since I'm behind a router. Someone else will have to report on that one..
     
  20. Arup

    Arup Guest

    On my instalation with ICS on, it passes GRC, haven't tried Sygate scan yet.
     
  21. FastGame

    FastGame Registered Member

    Joined:
    Jan 15, 2005
    Posts:
    715
    Location:
    Blasters worm farm
    If I use ICS it gets worst :( The only way I can pass ShieldsUP is if I use Advanced Quiet Mode, it still doesn't pass Sygate stealth test.

    What's the real difference between ports "stealth" and Closed" ?
     
  22. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,988
    Stealth is far more popular nowadays, but Closed is secure. What you have to worry about are any Open ports on a Grc or Sygate scan. If you see Stealth on a Grc scan, that means your computer is just dropping the incoming packets and not responding back, but if you see Closed, then your system is responding "this port is closed" back to the originating system. Most folks now prefer that their system just drop the packets and not respond back at all, which would be Stealth. However, a Closed port is still secure and nothing can be done to or with it.
     
  23. theshadow247

    theshadow247 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    323
    Location:
    ontario.canada
    mine is failling using default mode.but only after my kaspersky av does a update and iam prompted to allow and make a rule.thats when i fail both shields up and sygate.does enyone know of a way around this problem o_O o_O
     
  24. Clweb

    Clweb Registered Member

    Joined:
    Dec 28, 2002
    Posts:
    127
    Location:
    France
    Concerning Stealth test, it is OS dependant:
    Windows 2000 SP4 : all ports stealth
    Windows XP SP2 : Stealth except ports 143,1039 and 1048 only closed
    Windows 98SE : many ports are only closed
    Test by shields up first 1056 TCP ports.
     
  25. Arup

    Arup Guest


    Try adding the IP of Kaspersky to your rule and see if you pass the test.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.