Kerio 2.15 and port 0

Kerio 2.15 does not recognize port 0. Any way to change that? I tried OA free, but it keeps messing with my other programs, so I'm back to Kerio. Any thoughts would be great. Thanks

 

Port 0 isn't clearly defined. On Unix, port 0 refers to using the first available port, treating it like a wildcard. Other operating systems respond differently to traffic on port 0.

Port 0 traffic does not bypass Kerio.
I used Shields Up to probe port 0 on my PC. Kerio 2.1.5 does recognize port 0 and blocks/logs incoming packets addressed to it.

Incoming packets to port 0 are blocked. Kerio won't allow port 0 to be specified in a rule. The only way I've found to get Kerio 2.1.5 to allow traffic to port 0 is to make a rule allowing incoming packets to all local ports, effectively a total bypass rule. Even when I did, the port scan showed port 0 to be closed. Unless you have a global rule allowing all incoming TCP/UDP traffic on any port, traffic using port 0 isn't a threat.
Rick

 

Thank you, Herbalist. Port 0 shows closed on the Shields Up test so I was trying to get full stealth. It will have to do until I find something newer that plays nicely with my other software. Thanks again.

 

Shields Up shows port 0 closed and the rest stealthed? On mine and other PCs I've installed Kerio on, they're all stealthed. Are the scans of port 0 showing up in Kerio's log? The ones targeting port 0 will contain "localhost:0". Make sure that the "log packets addressed to unopened ports" option is checked. If the kerio log doesn't contain the entries shown in the image I posted earlier, either your ISP or another piece of hardware (modem, router, etc.) is intercepting the packets addressed to port 0.
Rick

 

Hi Rick:

To do a Shields up I think I need to remove the hardware FW I have in front of my router since it claims to stealth all ports from the www.

Does this make sense to you?

As you know I get fuzzy on the router/ side of life!

 

Makes complete sense. The Shields Up scan will probe the first firewall it encounters, whether it's installed on the PC or on a separate piece of hardware connected ahead of the PC.
Rick

 

On your setup, you would need to remove the "Alpha shield", then DMZ the IP of your PC within the router. Dont do this.
Set up, scan from your second PC on LAN (which you have)

 

Hi Stem:

In the 2nd PC on my Lan, I gather that shields up must have a way of specifying my PC as the scan target? I figured the alpha would go.

I do have a procedure to dmz 1 of the 4 physical ports on the router believe it or not. Never used it. But I will hold.