Kerio 4.2.b1 Added interesting things

Discussion in 'other firewalls' started by zorro zorrito, Jan 25, 2005.

Thread Status:
Not open for further replies.
  1. southcat

    southcat Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    212
    Very interesting and useful function. :)
     
  2. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    Not much new there...
    just code injection and buffer overflow protection... aka HIPS
    NIDS was IDS before [which explains your shot of the logs screen]
    and "app behaviour blocking" was previously called app control. Nothing new there.
    Question: Can it block leaktests now, because it's seriously easier to use compared to tiny [just a couple of missing features, a slow logging window and the fact that it has some basic flaws - since patched - which meant I said G'bye to it.]
     
  3. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    http://www.kerio.com/beta_kpf_history.html
    This mostly confirmed whwatever I had said before ;)
    Have fun.
     
  4. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    sounds nice to me, curious though about the leaktest and "dll injection protection" cause that wasn't "dll injection protection" with the previous releases.
     
  5. Kerio

    Kerio Guest

    These new features, looks like they are responding to Jetico's 1.0 release.
     
  6. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    @Kerio
    two things I find worth mentioning
    1. Betas take a LONG LONG time to develop
    2. Kerio and Jetico have different audiences [Kerio v4 Free would still pose a challenge to JPF due to ease of use ;)]
    I hope you understand what I want to say ;) :D

    @Infinity
    DLL injection was always there with ZA Pro and Outpost Pro and Sygate Pro and TPF ...
    About time they brought it up to speed... even the petite LnS and JPF were beating it EASY!!

    Edit: "DLL injection" isn't specifically mentioned.... "code injection", however, is.
    So all you "Grammar and punctuation" nuts, be gentle...please?
     
    Last edited: Jan 25, 2005
  7. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    I may give it a try, but if they haven't fixed the completely bungled up network logging by this time then I refuse to use this firewall.
     
  8. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    Well, I checked out the new 4.2 beta 1 and the duplicate logging problem still is not fixed. I just can't believe they haven't fixed this yet, even when many people have mentioned it in the Kerio forum. It's unreal.. Oh well... :p
     
  9. dukebluedevil

    dukebluedevil Registered Member

    Joined:
    Sep 14, 2002
    Posts:
    177
    I remeber back over a year ago when the first version 4 beta was out, the logging was screwed up way back then too which I don't think they fixed for the longest time either. It wouldn't log packets to unopened ports. Now its duplicate logging? Tiny/Kerio 2 never had any of these issues with logging and yet they can't seem to get it right in version 4. That is really messed up. The quality of there products seemed to have really gone downhill since the end of Kerio 2.
     
  10. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    Now they have logging to unopened ports, but it's messed up. It's really a shame that they can't get something as simple as that straightened out, because otherwise I think it might be a pretty good firewall. The logging is very messed up in general. When using rules, you can't get them to log properly. If you have a rule say to block inbound tcp/udp to port 1026 and you enable logging, it doesn't log because it matches that rule, it logs because it matches an internal rule called "log packets to unopened ports". So you can't do things like create rules and then turn logging of that event off. It will always log any packet to an unopened port if you have that general option enabled. Pretty much sucks...

    The logging to closed ports was added later as an afterthought I think. I don't know how they got things into such a design mess, but they did. And it shows...
     
  11. dukebluedevil

    dukebluedevil Registered Member

    Joined:
    Sep 14, 2002
    Posts:
    177
    I think its safe to say that version 4 has been just one huge mess. :) Its unfortunate that they didn't just stick with and complete version 3 a long time ago. I don't even remeber having any logging issues with that version at all and it was just a beta. Instead they had to create a new fancy GUI and add some web filtering and waist even more time creating version 4. Kerio version 3 beta's looked kind of similar to Jetico's layout with the tree structure which I prefer over there current bloated GUI.

    If you look at the release history of version 4 its just pathetic all the stuff that they have had to fix. The quality in my opinion is just horrible. I have no plans on ever using Kerio again unless its there late great Kerio 2.1.5 version. I just don't have much faith in there current development team anymore. I prefer now to just watch firewalls such as Jetico, CHX-I, 8Signs, LookNstop, Tiny.
     
    Last edited: Jan 28, 2005
  12. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    Yep, I totally agree...
     
Thread Status:
Not open for further replies.