Kerio 2.15 and port 0

Discussion in 'other firewalls' started by benton4, Nov 4, 2007.

Thread Status:
Not open for further replies.
  1. benton4

    benton4 Registered Member

    Joined:
    Nov 29, 2004
    Posts:
    158
    Location:
    Oregon
    Kerio 2.15 does not recognize port 0. Any way to change that? I tried OA free, but it keeps messing with my other programs, so I'm back to Kerio. Any thoughts would be great. Thanks
     
  2. herbalist

    herbalist Guest

    Port 0 isn't clearly defined. On Unix, port 0 refers to using the first available port, treating it like a wildcard. Other operating systems respond differently to traffic on port 0.

    Port 0 traffic does not bypass Kerio.
    I used Shields Up to probe port 0 on my PC. Kerio 2.1.5 does recognize port 0 and blocks/logs incoming packets addressed to it.
    Port zero probe.gif
    Incoming packets to port 0 are blocked. Kerio won't allow port 0 to be specified in a rule. The only way I've found to get Kerio 2.1.5 to allow traffic to port 0 is to make a rule allowing incoming packets to all local ports, effectively a total bypass rule. Even when I did, the port scan showed port 0 to be closed. Unless you have a global rule allowing all incoming TCP/UDP traffic on any port, traffic using port 0 isn't a threat.
    Rick
     
  3. benton4

    benton4 Registered Member

    Thank you, Herbalist. Port 0 shows closed on the Shields Up test so I was trying to get full stealth. It will have to do until I find something newer that plays nicely with my other software. Thanks again.
     
  4. herbalist

    herbalist Guest

    Shields Up shows port 0 closed and the rest stealthed? On mine and other PCs I've installed Kerio on, they're all stealthed. Are the scans of port 0 showing up in Kerio's log? The ones targeting port 0 will contain "localhost:0". Make sure that the "log packets addressed to unopened ports" option is checked. If the Kerio log doesn't contain the entries shown in the image I posted earlier, either your ISP or another piece of hardware (modem, router, etc.) is intercepting the packets addressed to port 0.
    Rick
     
  5. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Hi Rick:

    To do a Shields Up, I think I need to remove the hardware FW I have in front of my router since it claims to stealth all ports from the www.

    Does this make sense to you?

    As you know, I get fuzzy on the router side of life! :oops:
     
  6. herbalist

    herbalist Guest

    Makes complete sense. The Shields Up scan will probe the first firewall it encounters, whether it's installed on the PC or on a separate piece of hardware connected ahead of the PC.
    Rick
     
  7. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    On your setup, you would need to remove the "Alpha shield", then DMZ the IP of your PC within the router. Don't do this.
    Set up, scan from your second PC on LAN (which you have).
     
  8. Escalader

    Escalader Registered Member

    Hi Stem:

    In the 2nd PC on my LAN, I gather that Shields Up must have a way of specifying my PC as the scan target? I figured the alpha would go.

    I do have a procedure to DMZ 1 of the 4 physical ports on the router, believe it or not. Never used it. But I will hold.
     