Jetico making me crazy.

I have tried both ways. If unchecked the process attack table under the root, there would be some minor issues which caused several applications didn't work as they should be.

 

Please explain. (I have this setting, with no problems)

 

So far, I found two applications had problems if disabled the table under the root. One is trayit!(2.11.1.2), a freeware to minimize applications to system tray. The other one is antivir 7 personal classic.

After disabled the table and restarted the machine, there would be an error window for trayit! poping up, saying "error registering hooks". And trayit didn't work at all. Meanwhile the red umbrella in the sys tray for antivir was closed, which meant the real time protection was not activated. I even could not reactivated the guard manually. These two symptoms disappeared after I rechecked the process attack table and put the accept-all rule on the top of the table instead.

 

Hi shek,
Thanks for the info.
I have downloaded trayit, and running o.k. with "attack table" unticked. (Have you removed all rules from the "Attack Table" before you disabled? and applied the changes?)

But if this is causing you problems, then leave as you have set.

 

Yes, before disabled the attack table, I removed all rules inside the process attack table, except two ( accept all rule and the default ask rule). My setting is to automatically save and apply changes. Btw, my system is win xp pro sp2.

Anyway, thank you for your help.

Shek.

 

Hi, yes I have the same problem if I have ANY manually entered rules within the "Attack Table" when disabled (unticked from the root), removing ALL (apart from the "Ask") rules rectifies this on my PC (XPsp2 all updates)

 

Stem

Thank you for confirming it.

Shek

 

Hi, Stem,

if i also disable the application table, does it mean jetico will become a pure packet filter?

regards,

shek

 

Hi shek,

No, its not that simple, due to SPI, which binds an application to the packets. You would need to disable the SPI and change the rules structure. If you want just a "pure packet filter", you should try CHX-I

 

Stem---

If I disable the application table( I'm aware there will be no outbound protection), will jetico still be safe to use? I also check the grc.com and scan.sygate.com. it seems that all the critical ports are still stealth.

Shek

 

If you succesfully disable the application binding, then Jetico would rely on the "System protocol/IP rules for filtering packets. This can be safe with the correct rules in place. (safe for packet filtering, but of course, no control on the applications able to make comms.)
[ I have never fully configured Jetico this way by removing the application filtering completely, as for this, there is the better choice of CHX-I ]

 

Stem---

Thanks for your help. Actually I really enjoy the power of jetico and am working on a new ruleset for my dad who is a newbie to computer and sometimes use my pc. He said any popup would scare him. That's why i want to disable those two tables.

Shek

 

shek,

Why disable the Application rules/table?. Once you have fully configured all your applications for internet access, place a block all rule at the end of each ruleset (with logging for info if any problems arrise), and remove/untick all the "Ask user" rules. This would then give you the application access protection without any popups. (you would just have to add any new applications manually/ or retick the ask user rules while you configure a new app)

 

Stem---

yes, you're correct. Thanks you so much.

shek

 

Just some questions if you do not mind Stem

Jetico settings, how much difficult can it be to work on a PPPoE (ADSL) and reduce the amount of prompting.

Due to the fact that some ADSL comes with a software internally build inside the modem which dial automatically to the internet since all username and password is prefix inside the modem during setup of connection. ( normal this may take a while to successfully connect the internet) If jetico how will jetico react to it ?

Some uses a dialup which basically a software that dial to the ISP. how will jetico reacts to this one too ?

More questions

will it be possible for you to create a more detail setup tutorial on BooTP/DHCP on jetico where the 68 and 67 adjustment should be set currently I facing many things again especially when the two little desktop connection keep poping out and saying unable to find a proper connection. Then I have to wait about 20 seconds before the DNS redetects the IP from the DHCP again..... ??

best regards Shaun

 

You can add both PPPoE discovery / PPPoE session protocol in the Jetico "Protocols table"

I cannot see there being a problem,.. you would be prompted for needed rules for the software connection. If you set this up, let me know your findings.

I dont use DHCP,.. but will enable later to check on any problems. (some firewalls would recommend placing your DHCP server into the trusted zone, you could try this to see if it resolves the problem. (start menu / all programs / Jetico personal firewall / configuration wizard => trusted zone))

 

Stem,

I have just started using Jetico and have found your posts very helpful. However, I still have one question for you. When I run the online Shields Up! test as you have recommended, everything is stealth, but I fail the ICMP echo test. What configuration tweaks do I need to make to prevent this from happening?

 

Are you using the default ruleset installed by Jetico? Are you behind a router?

 

I am using the default ruleset, and I am behind a Netgear wireless router (WGR614 v3) with the default setting "do not respond to ping requests" selected. Thank you for your speedy reply.

 

I think it will be your router making the reply. You can make a check by DMZ your PC for a scan.

 

I'm not sure I understand how to do that.

 

I just bypassed the router and ran the ethernet cable directly to my laptop from the DSL modem and it still failed.

 

Well thats strange, as it is failing with or without a router, and there is no echo-reply in the default ruleset of jetico.
Have you any server software running?

 

I don't have any server software running. I specified my laptop's ip to be the DMZ server and it still failed.

 

Well, lets start at your router: re-set the router, make sure the PC is behind the router firewall, and re-scan.