Hello , I have researched again and again but found no solution, I am getting pinged constantly by some chinese network to my port 1027, unfortunatley the NAV pops in first and allows me to block it, but with no possibility to creat a rule! The Kerio firewall does not pop in first ! How can I permanently block those ping requests so that I can create a rule and will not be asked again. Thanks in adavance for all the help !! Gio
Which version of Kerio? Do you have a Deny All Inbound rule at the end of your Kerio rule set? Regards, CrazyM
Thanks for your reply, (crash course) where exactly can I find the "deny all inbound rule" and will that not apply to all other inboound traffic ??
First we need to know which version of Kerio. If these are unsolicited inbound packets they should not be getting through and would indicate something is not configured correctly. In Kerio 2.1.5 the "Deny All Inbound" is not a default rule and one you need to create. Regards, CrazyM
I don't see what NAV has to do with anything(?). Are you running two firewalls, Kerio and NIS? The block all rule is typically put at the end of all the other rules, so it will be seen last, allowing all other allowed traffic to work properly first. Which Kerio (again)? Kerio 2.1.5 is quite different from Kerio 4.2.
Have you checked a site such as Gibson's Research Shields Up to make sure all ports are stealthed? Sounds like your still visable on the net.https://www.grc.com/x/ne.dll?bh0bkyd2
I have NAV as my AV protection but it also detects that particular ping request (I believe on their part it's detected as Internet worm protection,similiar to firewall).All I need to know is how to configure it so that Kerio comes in first and I can create a rule!!
Are these showing up in the Kerio logs at all? Have you tried disabling that functionality in NAV to see if Kerio then blocks and logs these? If NAV is in fact seeing these unsolicited inbound packets before Kerio you may be stuck with the alerts or disabling that part of NAV. Regards, CrazyM
Thanks , so far I have not received any new alerts , which means that the ping requests most probably are triggered by human input and not by computer automatic signals. However I am still researching and I know it's justa configuration problem.I will work it out. Thanks again GB
