Jetico v1 released!!!

Discussion in 'other firewalls' started by no13, Jan 17, 2005.

Thread Status:
Not open for further replies.
  1. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    This is final release i believe.
     
    Last edited by a moderator: Jan 17, 2005
  2. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    i dont use jetico pf, but now that its not longer beta and still freeware, maybe ill give it a shot. i know theres a complete thread about jetico, but could someone summarize a comparison between jetico, sygate pf pro, and outpost pf pro?
     
  3. Diver

    Diver Guest

    Time to give this baby another whirl.
     
  4. pvsurfer

    pvsurfer Registered Member

    Joined:
    Sep 1, 2004
    Posts:
    1,400
    Location:
    California - USA
    As soon as you guys get a chance to try it out, please report back. I would be interested in finding out how much memory it uses!
     
  5. 19. v. 1.0.1.48 Freeware, 17th January, 2005.
    The problem occured in the firewall interface when the program displays log entries is fixed. The problem of compatibility with programs creating many listening/accepting sockets (like Vypress Chat) is fixed.
     
  6. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Seems very light, fwsrv.exe taking up only 2852K Virtual memory.
     
  7. Diver

    Diver Guest

    I received an email from Jetico asking me to try out the new build and see if the problem that I previously had with Sun Java is fixed.

    Well, they fixed that problem, and so far I have not found any new bugs. They must have done some work on the process table.

    Memory use is about 5 mb. You can't get much lower than that.
     
  8. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Fellow Creatures,
    Please keep me/us less experienced firewall users posted. My Emachine NPF 2004 expires in May. ;)
     
  9. Diver

    Diver Guest

    May? That is eons from now. A firewall that expires, what a concept. Heck, its free. Try it. Remember, its rules based. From my experience with Kerio 2.15, it ws relatively easy to do the rules for mall my applications. Some of the other stuff that is under the hood is a bit difficult to understand. I suspect there is a lot in that little FW.
     
  10. BlitzenZeus

    BlitzenZeus Security Expert

    Joined:
    Feb 11, 2002
    Posts:
    451
    Location:
    Oregon, USA
    If its as configurable as Kerio 2x hopefully it should be as easy to setup, currently I have a ICS setup for my dial-up connection so I hope the program makes that easy to configure as Kerio 2x.
     
  11. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    Jetico = Kerio 2.1.5 + Sandbox + More!

    I am loving it. But be aware that I still found some small bugs: the software should still be considered beta. Anyway it is already better than any other free firewall. Give it a try!
    -hojtsy-
     
  12. dess9715

    dess9715 Registered Member

    Joined:
    Jan 17, 2005
    Posts:
    5
    I've installed it. it seeem quiete secure, but i'm still confused with hierarchical of table, what i don't understand is: If i create an application rule for internet iexplorer in the application table with verdict web browser, the firewall process goes to the table ask me, i got pop up and if i answer yes i've access to internet.
    then i'm not ask anymore.

    but why it goes to this table ( ask table) if the rule match o_Oo_O?

    thanks
     
  13. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    Most probably your rule was not matched. Did you put any event/protocol/host/port restrictions into it? All of these should be "Any".
    Another thing you should care for is the order of rules. If the reference to Ask User table is before your newly created rule, then it will be processed before your rule. In this case reorder your ruleset by drag-and-dropping your new rule between the rule triggering the System Applications table, and the rule triggering the Ask User table.
    You can check your rule was matched by enabling logging for that rule, and triggering the communication in internet explorer. The log will list the rule if it is matched.
    -hojtsy-
     
  14. dess9715

    dess9715 Registered Member

    Joined:
    Jan 17, 2005
    Posts:
    5
    thanks for answer
    but i check all that you said and i still have the problem let me explain more:

    I create an application rule for iexplorer between system application and ask user in the application table.

    verdict of this rule is web browser witch is another table ( i didn't touch), i enable logging for this rule.
    the log says that it enter in the web browser table, don't find any rule match (witch is very strange)and goes back to application table, enter and ask user table and finally ask me to add this rule.

    i really don't understand why it goes to this table (ask user).
    i write mail to the support but still don't have answer.
     
  15. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    hey...
    get me a manual for this thing man...
    too hard to think straight with all that weirdness going on in its config screens.
    Anyone willing to translate it all into Kerio?

    PS: thanks Snapdragin... sorry about not PMing... I'm lazy ;)
     
  16. Diver

    Diver Guest

    no13:

    I foundit preetty easy to go from Kerio application rules to Jetico rules. One nice shortcut is to make a table for "Simple HTTP". Just two rules: the first allows access to the network, the second allows local ports 1024-5000 to connect TCP outbound to port 80 at any remote address. A lot of programs can use this table.

    Another trick is that UDP is replaced by TCP/send datagrams or TCP/receive datagrams.

    The part I do not understand is the system l evel stuff. DNS address is "name server" but I can't find which addresses are in its range. I suspect that there is a lot of elegant power in the way that thevarious tables interact, but I really do not know what is going on with that.
     
  17. dess9715

    dess9715 Registered Member

    Joined:
    Jan 17, 2005
    Posts:
    5
    can someone who is jetico user's friendly can post a tutorial or config's screenshots.
    cause i think this firewall has lot of posibilities but it's dificult to learn.
    thanks
     
  18. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    Actually the manual which you can download is pretty good. I am afraid I can not translate it into Kerio, even though I think I understand both. It just provides more control not available in Kerio.
    OK, I have one more idea. Your Internet Explorer is initiating "outbound connection" to a remote port which is not listed in the Web Browsers table. By default this table only allows remote port 80 (http) and 443 (https). The Web Browser table ends with the verdict Continue, meaning if no rules from this table is matched the walking through the ruleset continues - in your case with the rule triggering the Ask User table. I modified my Web Browser table to allow remote port 8080 (http proxy) too, but that may not be enough. If you usually browse sites which are using exotic ports, you may need to allow "outbound connection" to any remote port in the Web Browser table.
    All of this is caused by the quite restrictive default ruleset. For example the default permitted port list for Outpost firewall lists several other remote ports in the Web Browser preset.
    -hojtsy-
     
  19. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    How about you download the official User Guide which includes several full screenshots? Or is there any problems with that one?
    -hojtsy-
     
  20. dess9715

    dess9715 Registered Member

    Joined:
    Jan 17, 2005
    Posts:
    5
    i was browsing yahoo or google, do you mean that these sites use exotics ports !!!!!!!!!.
    Could yout tried my config on your computer and let me know the result.
     
  21. Diver

    Diver Guest

    The link to the user guide is the compiled help file that installs with Jetico PF. I managed to get something out of it, but I have a few more questions.

    I have been able to migrate my experience creating application rules with Kerio 2.15 and have been able to get an idea of what is going on, although some things on the system level seem a bit oblique. Most of my knowledge in this area comes from the Kerio support forum over at DSLR, and from BlitzenZeus' rule set in particular.

    It would be great if one of the resident networking gurus started to look under the hood of Jetico and posted what they can find out.
     
  22. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    I don't have time to write a full tutorial, but I will try to answer any specific questions.
    -hojtsy-
     
  23. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    Possibly yes. The remote port can be seen in the learning popup, and in the rule created if you just pressed Allow. Can you tell what is/was the remote port.
    -hojtsy-
     
  24. dess9715

    dess9715 Registered Member

    Joined:
    Jan 17, 2005
    Posts:
    5
    I'll try tomorrow at work because my testing computer is there.

    What about opening a specific forum ? It will be very usefull for user who are interested by this firewall.

    i'll send results tomorrow

    bye
     
  25. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    You mean we ask Paul Wilders himself to create and open a subforum for Jetico Firewall? Hmm interesting idea. I would like it. Especially considering that it has no other dedicated forum.
    -hojtsy-
     
Loading...
Thread Status:
Not open for further replies.