Discussion in 'other firewalls' started by Kerodo, Sep 2, 2004.
New version, problem is still there for me.
No change in status of icon with new build. Jetico informed.
I did a test download (green icon), clicked on the "Log" tab. Download finished, icon still green with no traffic flowing.
But as it worked on build 49, I'm sure they'll get it to work this week. You have to love a good firewall that uses ~3000K.
> You have to love a good firewall that uses ~3000K.
Well, how much memory it uses depends on conditions. Right now, JPF is using about 15 MB on my system... But it's still pretty slick.
A revised version of JPF 184.108.40.206 is available for download. It has solved my tray activity indication problems.
Received this today:
Please get Jetico Personal Firewall 220.127.116.11 from our site.
We updated previous one today. In addition, new version
takes rule editor dialog font parameters from the windows
settings. So you can set large fonts now.
I have it running now. Rule editing is much easier when you can see the fonts.
Strange, I'm using 18.104.22.168, and the tray icon still doesn't work unless I select the "Traffic monitor" tab.
Nameless, did you re-download after reading my post?
They didn't change the version number, so there is a "wrong" 22.214.171.124 and a "right" 126.96.36.199
Looks like there are 2 different .52 versions. I downloaded the original the day that it was released and it had the same problem with the icon.
Downloaded and installed today and problem is gone. Strange thing is, this version will keep the old settings (doesn't ask on reboot). I like it!
No, I didn't. I wasn't sure WTF "We updated previous one today" meant, but now I know.
I hate it when devs do that... The version designation should always be changed! Even if they just add an "a" to the end and make it 188.8.131.52a. Sheesh!
Thanks for the info (and the translation).
You're welcome, and absolutely right!
I'm seeing a very strange problem lately:
example: I start Firefox and Outlook 2003 from Quick Launch, so very quickly after another. JPF starts an ask/verdict window, with Outlook.exe as application asking if its allowed to connect to Extensionmirror.
This is just an example. I've experienced this with installers and other .exe's as well.
Anybody else experienced this?
Maybe they forgot to turn something on in the initial version, fixed it it the next and though it would be disingenuous to give it a new number?
Does anyone here use a local proxy program such as proxomitron along with this firewall?
When I start my browser it is setup to connect to remote address 127.0.0.1 port 8080 for my proxy, but I am not getting any ask user alert about this connection from Jetico. In my previous firewall I had to actually create a rule to allow my browser out to remote address 127.0.0.1 port 8080 for things to work.
I think that address is preset as friendly in the Config Wizard.
I skipped that Config Wizard when I installed Jetico. So I just ran the Config Wizard just now and I see that your correct 127.0.0.1 is set as trusted. I removed it and now Jetico prompts me with an alert for my browser out on remote address 127.0.0.1 port 8080. Thanks alot!
I installed 1.52 (revised) this morning and constructed a completely new rule set (which did not take much time). So far, I have not noticed any problems. The new version allows for larger fonts in the edit windows, which helps me greatly. I believe that there have been some changes under thehood so th speak. The firewall seems to be more sensitive to certain probes on listening ports ( but there is no outbound echo). There also appears to be less sensitivity in the process attack table. Perhaps they have refined their definitions.
One thing that I have noticed. When using firewall inbound tests like shields-up, scans of ports 135 and 445 do not produce log entries for unprocessed ports. I guess this behavior is hard coded. Does anyone know for sure?
Anyway, I like it. I just hope that I can catch the last build before they start to charge for it.
Your ISP might be blocking 135 and 445?
I save the most recent 3 or 4 of them... that way if they ever start charging and I don't want to buy it, I'll have the last free version...
ISP blocking 135/445? Good possibility because over at GRC they said some ISP's do that.
Got another question: In the systems applications table all DHCP rules are for services.exe. I had to add one for svchost.exe (outbound to 255.255.255.255) to make windows update work. Why services.exe instead of svchost.exe? I thought all DHCP in XP used svchost.exe. Is it some kind of a win9x/me thing?
Looking for a new firewall.
I find LNS a great little firewall, but find the rule making screen a little overwelming, and not sure I can configure it safely.
Kerio 2.15 is great also understand the rule making process here better, but once again, you need the right rules and the right order.
Dont like sygate, resource hog.
Outpost, i havent tried in a while, But with 4 computers im gonna go broke with subscription renewals.
Dont want zonealarm
So I find this great thread the other night on jetico, I have not installed it yet, can you offer some input as to whether this is a all rules based firewall like kerio or if it offers something like sygate and outpost does most the work for you but still offers you to create some rules and customize them.
Jetico firewall is rule based and does most of the work for you but you can also create your own rules as well. It is not to colmplex and offers good protection.
A while back in order to pass DNS type leaktests on XP home you needed to disable DNS Client service. Is this still the case?
According to others, there are ways to configure a firewall to block this without stopping any services (I'm assuming we're talking about DNSTester).
I've heard of this with Outpost, ZA, Symantec, & probably others.
I guess I don't worry about that particular leaktest as I don't see it as much of a threat, but if I can remember where I found posts about configuring firewalls to block it, I'll post links.
There's certainly the option in Jetico to make individual rules for applications, but right out of the box there are presets for many of the applications that you will use: Web Browser, Mail Client, Ftp Client. FTP Server, Bit Torrent, System App are included. Surprised not to see a time Synch or P2P app in as presets but maybe they'll be included soon.
Although I haven't bothered to do so, a previous poster seems to have used some rules from Kerio 2, so the option to create your own is there. For myself, being behind a actual HW firewall, application protection is my prime concern. Jetico really seems to be quite like ProcessGuard in this respect.
As to Outpost and LNS, I found the last version of Outpost to be really heavy in RAM use (although it can be lowered by opening and closing the GUI, which I consider to be poor programming); LNS was my choice for quite a while, but I wasn't really comfortable with the lack of progress with the app (new builds) and really wondered at the defection of Phantom (the creator of what seems to be considered the best ruleset) away from LNS due to his concern about poor SPI.
So considering how good Jetico is already (equal inbound protection to the others, far superior outbound protection, great resource use profile), the realization that this app is still far from finished according to the developers (they're writing addons to stop browser referrers and Cookie stuffing) is kind of amazing. And the fact that it's currently free is incredible.
one small point.
It's not a newbie friendly firewall. Many experts have been befuddled by the choice of nomenclature employed in the UI, especially with reference to app control.
I'm neither a newbie to firewalls, nor an expert, but I dumped version 184.108.40.206 after looking at the strangest UI I've ever seen for ANY security app.
It even beat my initial shocks of NOD32 and Process Guard UIs!
Also, there used to be an uninstall problem in many forms for many people, like LnS.
But since I didn't see it in v220.127.116.11, and the fact that no one has mentioned that, I assume that is fixed.
Separate names with a comma.