Jetico query

Discussion in 'other firewalls' started by Seishin, Sep 5, 2006.

Thread Status:
Not open for further replies.
  1. Seishin

    Seishin Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    204
    I've installed this famous fw :D

    Well, it ain't that bad. I really like it and if I end up taming the beast then I'll settle down here.

    First questions I have:

    1. I heard Jetico reloads to default settings on reboot. Well after fiddling with this toy I came across the following:

    http://images6.theimagehosting.com/1.53d.th.png


    So my guess is to check "automatically save changes" or "save configuration on firewall shutdown" and leave unchecked "load default policy at startup" (which would delete all our settings and reload the factory ones).

    Am I being correct in here?

    2. Regarding "optimal protection", "allow all" or "block all". I was thinking of chosing "block all" and then give rules for the applications I know will access online. Aside from the obvious ones I use (firefox, sandboxie, antivirus, etc.) are there any other ones I should be aware of? What about windows updates? What process does control it?

    Thx in advance.
     
  2. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    The option to "automatically save changes" is less probmatic, saving config on firewall shutdown can, in some cases, when closing windows, make windows pause/wait.
    This option is for the loading of the "default" policy (optimal/allow all/block all/user), not the "factory default". So having this option enabled will not delete your settings, it will load your chosen policy on firewall startup.
     

    Attached Files:

  3. Seishin

    Seishin Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    204
    Yeah, I've noticed that when I restarted my machine :)

    OK. Now is checked.

    Anothet thing is that every time a pop-up occurs I'm not sure whether to handle it either as a TRUSTED ZONE or as a SYSTEM APPLICATION (with the other options is quite obvious, I guess).

    Regards.
     
  4. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Placing an application into "trusted" is not good policy,... as this gives that application the ability to allow inbound connections.
     
  5. Seishin

    Seishin Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    204
    So how to stop all pop-ups then?

    Thx.
     
  6. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    There is no (safe) quick fix to this, unfortunatly it is a case of creating rulesets for the applications.
    I suppose the easiest thing to do would be to place a block inbound TCP SYN rule at the top of your application safe zone to block inbound connections, but even then, the application is allowed all outbound.
     
  7. Seishin

    Seishin Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    204
    Is it possible to import a ruleset into the firewall as a means to stop it from asking?

    One more thing: Which applications are allowed Internet access so I can set a rule in the SYSTEMS APPLICATIONS branch?


    http://images6.theimagehosting.com/1.eae.th.png


    I realised now why this fw has got a "problem child" reputation :)



    Thx again.
     
    Last edited: Sep 5, 2006
  8. kr4ey

    kr4ey Registered Member

    Joined:
    Aug 13, 2006
    Posts:
    187
    Location:
    Florida USA
    gesc

    Are you using version 1 or 2?
    Are you getting popups from every IP with your browser?
     
  9. Seishin

    Seishin Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    204
    v.1

    I have a dynamic IP. No idea what you mean by that (OK ic. So I guess I've to assign myself an static IP, right??).

    Cheers.
     
  10. kr4ey

    kr4ey Registered Member

    Joined:
    Aug 13, 2006
    Posts:
    187
    Location:
    Florida USA
  11. Seishin

    Seishin Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    204
  12. kr4ey

    kr4ey Registered Member

    Joined:
    Aug 13, 2006
    Posts:
    187
    Location:
    Florida USA
    No in Ask User.
    There should be a rule there for your web browser.

    jpf.jpg
     
  13. poirot

    poirot Registered Member

    Joined:
    May 4, 2005
    Posts:
    299
    kr4ey i dont see any WebBrowser Table in the left side, as i think it comes by default, was it you managed to erase it , did you move it elsewhere or your copy of Jetico was without it?
     
  14. kr4ey

    kr4ey Registered Member

    Joined:
    Aug 13, 2006
    Posts:
    187
    Location:
    Florida USA
    Yes it is by default. It is under Ask User. There should a plus sign next to it.
    Double click Ask User.
    I don't think you should need to place a rule under Ask User>Web Browser
    for your browser just under Ask User. The web browser will use the
    web browser rules in (Ask User/Web Browser) when you have the verdict set as web browser in Ask User.
     
  15. poirot

    poirot Registered Member

    Joined:
    May 4, 2005
    Posts:
    299
    I am not baffled,but certainly surprised by your solution,which shows how in Jetico v.1 you can achieve the same result with a lot of different methods.....
    Have you set this way your browser-s so that you're asked everytime you make a connection/ everytime you change connection/or everytime an unknown site comes up?
    This might be of interest to me,as i've set Jetico to ask everytime in a tight way- even though some would think really a 'tiring' way- everytime i make a connection through the browser, which i have set and left where it is at install,that is as a Table by itself.
     
  16. kr4ey

    kr4ey Registered Member

    Joined:
    Aug 13, 2006
    Posts:
    187
    Location:
    Florida USA
    The way I have it set up I do not get any popups when going to other sites.
    The browser is set to allow only outbound TCP/IP on port 80 and 443.
    It pass all the tests on Shields UP, PCFlank, Sygate and HackWacker. Except for the browser referrer test. I could allways change it back to accept real fast to receive popups, but it works fine for me this way. And I'm a very safe surfer, so my computer has never been infected with anything.
    (Spyware or Virus)
     
  17. poirot

    poirot Registered Member

    Joined:
    May 4, 2005
    Posts:
    299
    kr4ey,if this way is good for you, fine.
    I would prefer something stricter-not giving browsers this great freedom of movements- as i think a few leaktests such as those at Firewallleaktester could not perhaps be passed with your config.
    If am wrong ,though, much better for you.
     
  18. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    A browser has to access remote port 80 for normal internet surfing and port 443 for ssl connections, so he has basically tightened it up as much as possible except for limiting the local ports to 1024-4999 and the utmost extreme of setting a list of ips that can connect, but that is very unpractical.

    Cheers,

    Alphalutra1
     
  19. Seishin

    Seishin Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    204
    Hmm....Maybe Jetico is not what I want. I realised now that when running a limited account one can't save the policy created. I got this pop-up after reboot up to confirm that (plus all the nagging ones after that):

    http://img4.glowfoto.com/images/2006/09/05-1907599940T.png



    So is there any fix for this issue?
     
  20. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    I moved the ruleset files into the shared documents folder when I briefy used jetico, which corrected the problem. You could also set folder and file permissions to allow it to be read and written by all users.

    Cheers,

    Alphalutra1
     
  21. Seishin

    Seishin Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    204
    Thx for that.

    Now I have Avast annoying me a lot for every time I move my browser. What is the rule for this?

    BTW, why the developers of Jetico didn't put out a 200 page manual to help users handle this complex fw?

    It is absolutely nonsense making a brilliant product like this without giving us the keys to run it.

    What a waste!
     
  22. Seishin

    Seishin Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    204
    Last edited: Sep 5, 2006
  23. Seishin

    Seishin Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    204
    Hey dude, could you please post me a screenshot of how to set up the ports for the new rule I created for Firefox?

    Thx.
     
  24. kr4ey

    kr4ey Registered Member

    Joined:
    Aug 13, 2006
    Posts:
    187
    Location:
    Florida USA
    Double click or right click your rule for Firefox and set the verdict as Web Browser. If you use IE do same for that too. The Web Browser table on the left side will be there after you that.
     
  25. Seishin

    Seishin Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    204
    OK.

    Description: Do I write in here ACCESS TO NETWORK or ANY?


    How do I set up ports 80 and 443 for it?

    Ta.
     
Thread Status:
Not open for further replies.