Kerio 2.1.5 or Look and Stop?

Discussion in 'other firewalls' started by Matt_Smi, Feb 27, 2005.

Thread Status:
Not open for further replies.
  1. Matt_Smi

    Matt_Smi Registered Member

    Joined:
    Jul 7, 2004
    Posts:
    359
    Ok so after much research and trialing several of the most popular firewalls (ZA, Sygate, Outpost, Kerio and LnS) I have finally narrowed it down to two, Kerio 2.1.5 with BZ’s rule set or Look and Stop. Both of these firewalls meet my demands which are that the firewall must be light, offer good protection and have no extra things attached to it, just a simple firewall and nothing else. Both of these firewalls are very light and one can tell that they are simple by taking a look at their program file folders, Kerio’s was only about 2 Mb’s and LnS’s was under 1 Mb.

    The advantages I see LnS having over Kerio are that the interface is a bit nicer and more user friendly and it is still being supported and even has its own forum right here on Wilders. The advantage of Kerio is obvious, it is free. But $40 is not a big price for me to pay for an unlimited license on a firewall. Basically the deciding factor on which I choose is based on ease of use and setup. I am not really confidant with rule making. So is LnS pretty secure right out of the box, maybe needing an advanced rule set that is posted somewhere to make it even better? I understand that the default rule set that comes with Kerio is not that great, so I was planning on replacing it with BZ’s, but after that I did not want to mess around with creating additional rules to make it safe. Which firewall do you think I would be better off with? Thanks.
     
    Last edited: Feb 27, 2005
  2. quexx88

    quexx88 Registered Member

    Joined:
    Nov 26, 2004
    Posts:
    235
    Location:
    Radnor, Pennsylvania
    I'd say Look'n'Stop is safer, because although some will question their usefulness, leaktests are able to get past Kerio as it is no longer being updated, but LNS has a very good track record in stopping them. Also, KPF 2.1.5 does not block fragmented packets, while LNS does. Phant0m's ruleset is the reccomended for LNS, and aside from setting up your frequently used programs, I'd say that it does not require any manual tweaking to be more secure. Either way, you're going to be using a nice, light firewall. LNS is just more up to date.
     
  3. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Try the free one first. If you are not happy, then spend money.

    Most folks like the Kerio interface.

    Actually, Kerio has unoffical support over at DSL Reports. Resident Kerio guru BlitzenZeus hangs out here and there.

    Read the LnS forum here and the kerio support forum at DSL Reports.

    By the answer to this sort of question depends on who you ask...
     
  4. my2cents

    my2cents Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    45
    Question guys

    The ONLY problem with LnS, is that its limited to only one PC. Thats the problem. Because I have another computer elsewhere and I would like to install LnS on that computer too.

    So how could I accomplish this? Or, could we use LnS on multiple PCs if we payed for the standard licensing?
     
  5. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    Let's not forget how light Jetico is also. Take a look at the program folder and files. It doesn't get much lighter than that... And it's also rule based like both LnS and Kerio, with perhaps more configurability too..
     
  6. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    What I would do if you want to use it on 2 machines is just get in touch with the developer and ask the question. Maybe something could be worked out.
     
  7. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    I believe the LnS license key is based/generated per installation and would require separate licenses for each system it is installed on. Hopefully this will be clarified for you in the LnS forum where I moved and responded to your other post.

    Regards,

    CrazyM
     
  8. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    I would probably go with Kerio 2.1.5, and even though it is obsolete, you will most likely get better and faster support when you need it IMO.
     
  9. Matt_Smi

    Matt_Smi Registered Member

    Joined:
    Jul 7, 2004
    Posts:
    359
    A while later and I still never got a firewall; I am bumping this back up because these are still the top two contenders. I am probably just going to go for Kerio, it is free, I assume can offer protection equal to that of LnS and I would rather put my money towards Process guard instead LnS.
     
  10. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    You seem to have given both firewalls a good look over. And in my opinion they are both very good Fw's. If it was me I would probably just go with the one that is the easiest to set up. They will both protect you so it may as well be the easiest one to use.
     
  11. Arup

    Arup Guest

    If you are worried about fragmented packet issue with Kerio, Harden IT, a freeware from www.yasc.net will solve that for you by strengthening your TCP layer against frag packet attacks, also if you want to be doubly secure running Kerio, for a very nominal memory load, you can install CHX with its default WAN ruleset, that would give you all the protection without cost.
     
  12. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,824
    I am having the same dilemma myself. I have narrowed it down to those two as well.

    I am not great with rules either. I think I may go for LnS myself. It is easier to setup imho. Even tho Kerio is free. o_O

    I tried BZ's ruleset but it was more difficult (to me anyway) to get it going. The constant prompts were also annoying as well.

    Its really up to what u feel comfortable with imo.

    HTH,

    Jag
     
  13. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    Just one comment on Look N Stop 2.05p2. I gave it a test drive here for a few days just recently and I liked it a lot, but it seems to have some kind of memory leak on my system anyway. It starts out at about 2.7 mb ram usage, and then over a period of about 36 hours rises up to over 14 mb of ram usage. Virtual memory usage also climbs as well. Somehow this doesn't seem quite right. It should stay down in the 5 mb range like Kerio 2, or at worst perhaps 9 mb like Jetico. So there appears to be a problem there. You might take that into consideration, or test it there on your system to see if you get similar results.
     
  14. squash

    squash Registered Member

    Joined:
    Mar 25, 2005
    Posts:
    313
    I use:
    Kerio 2.1.5 - 2MB of resources because it is free and light.

    But LnS seems to also be a good solution, if you can afford it.
     
  15. ghost16825

    ghost16825 Registered Member

    Joined:
    Feb 1, 2005
    Posts:
    84
    This is completely false. Leaktests in 99% of cases depend on your ruleset. Most leaktests are also testing application sandboxing ability, which is not strictly firewall related. Passing or not passing leaktests should have nothing to do with updates. As I have stated in another thread, I would not be surprised if updates to 'fix' particular leaktests target the specific leaktest only, not all leaktests which could use the same exploitation method.
     
  16. noway

    noway Registered Member

    Joined:
    Apr 24, 2005
    Posts:
    351
    With Kerio, you can restrict/permit EACH app to a port/ip address, etc. For example you could restrict IE6 not to go to a certain IP Address but allow it with Firefox. With L & S the rule to restrict to a certain IP Address/port etc
    would apply to ALL apps. Perhaps L & S may allow finer control for apps in
    some future version, but for this reason + the fact that Kerio is free and that
    I prefer the Kerio interface, I vote Kerio.
     
  17. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,824
    Kerodo,

    I too noticed the same exact thing but I think I know what it is, at least on my system. If you go into your log and see a lot of activity in it, clear it out and the memory drops right back down to where it should be.

    I am not saying I am totally for LnS, but its seems pretty good. Kerio is just too hard to configure (for me at least).

    Regards,

    Jag
     
  18. marceli7

    marceli7 Registered Member

    Joined:
    May 6, 2005
    Posts:
    33
    Wrong! AFAIK U can make a rule with "app trigger". It means that certain rule is valid when certain application is running. Am I right? So U can block IP address when running for ex. IE.
     
  19. noway

    noway Registered Member

    Joined:
    Apr 24, 2005
    Posts:
    351
    I stand corrected. You can make a rule with an "app trigger" with L & S.
     
  20. marceli7

    marceli7 Registered Member

    Joined:
    May 6, 2005
    Posts:
    33
    OMG! Sorry! Shame on me. I’ve read yours:
    "With L & S the rule to restrict to a certain IP Address/port etc would apply to ALL apps."
    and understand it wrongly. U meant "certain / specified" app like I see now. Sorry again. Shame on me :oops:
     
  21. noway

    noway Registered Member

    Joined:
    Apr 24, 2005
    Posts:
    351
    Actually your post led me to an option I hadn't understood before, because when I had briefly tested L & S a while back and looked at the help file I thought it would mean that the deny rule would be effective for ALL apps when "triggered", but I tested it out a few minutes ago and put Opera only as the trigger (and it wouldn't go to the banned IP Address) and tried connecting to the same address using IE6 and it connected fine. So the rule applied ONLY for the trigger app and not to all apps following. I'll have to
    remember to check this out some more if I try L & S again.
     
    Last edited: May 14, 2005
  22. marceli7

    marceli7 Registered Member

    Joined:
    May 6, 2005
    Posts:
    33
    Hehehe... Nice to know it works because... My post was only assumption about how it should work :D
     
  23. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    Jaguar - Yes! I tried this too, and found that all you need to do is open the GUI and look at the log. Then close it and ram usage is down at 3 mb or so again. HOWEVER! It then creeps backup to where it was very quickly. Check this out on your system and see if it's true for you. The problem seems to remain. I have stopped using it because of this...
     
  24. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,824
    Kerodo - Yes I stand corrected. Sorry for the initial findings here. It seems that yes if you open the gui it drops back down but after awhile I did notice that it crept back up (without anything in the log either).

    That being said I agree, looks like a memory leak to me. :( Sadly I doubt I will purchase LnS due to this either.

    What firewall are you using currently that you are happy with?

    Thanks and Regards,

    Jag

    P.S. Thanks for bringing this up! :D
     
  25. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    Jaguar - Well, I tend to change firewalls frequently. But I do like CHX-I quite a bit. No app control though, so it might not be suitable for you. If you like LnS then Kerio 2 would be a natural choice also. And it's free. Jetico is also pretty good, but a bit annoying to configure. There are many. Right this moment I am giving Outpost Pro another try. When all is said and done, I guess I tend to revert back to either CHX-I or ZA Pro most of the time.
     
Thread Status:
Not open for further replies.