Kerio and NAV

Discussion in 'other firewalls' started by Gio7707, Aug 6, 2005.

Thread Status:
Not open for further replies.
  1. Gio7707

    Gio7707 Registered Member

    Joined:
    Mar 26, 2004
    Posts:
    16
    Hello ,
    I have researched again and again but found no solution, I am getting pinged constantly by some chinese network to my port 1027, unfortunatley the NAV pops in first and allows me to block it, but with no possibility to creat a rule!

    The Kerio firewall does not pop in first !

    How can I permanently block those ping requests so that I can create a rule and will not be asked again.

    Thanks in adavance for all the help !!

    Gio
     
  2. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Which version of Kerio?
    Do you have a Deny All Inbound rule at the end of your Kerio rule set?

    Regards,

    CrazyM
     
  3. Gio7707

    Gio7707 Registered Member

    Joined:
    Mar 26, 2004
    Posts:
    16
    Thanks for your reply, (crash course) where exactly can I find the "deny all inbound rule" and will that not apply to all other inboound traffic ??
     
  4. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    First we need to know which version of Kerio.
    If these are unsolicited inbound packets they should not be getting through and would indicate something is not configured correctly. In Kerio 2.1.5 the "Deny All Inbound" is not a default rule and one you need to create.

    Regards,

    CrazyM
     
  5. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    I don't see what NAV has to do with anything(?). Are you running two firewalls, Kerio and NIS?

    The block all rule is typically put at the end of all the other rules, so it will be seen last, allowing all other allowed traffic to work properly first.

    Which Kerio (again)? Kerio 2.1.5 is quite different from Kerio 4.2.
     
  6. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
  7. Gio7707

    Gio7707 Registered Member

    Joined:
    Mar 26, 2004
    Posts:
    16
    Ok, version is 4.2.0, yes I have checked with GRC and the common ports are stealth !
     
  8. Gio7707

    Gio7707 Registered Member

    Joined:
    Mar 26, 2004
    Posts:
    16
    I have NAV as my AV protection but it also detects that particular ping request (I believe on their part it's detected as Internet worm protection,similiar to firewall).All I need to know is how to configure it so that Kerio comes in first and I can create a rule!! o_O
     
  9. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Are these showing up in the Kerio logs at all?
    Have you tried disabling that functionality in NAV to see if Kerio then blocks and logs these? If NAV is in fact seeing these unsolicited inbound packets before Kerio you may be stuck with the alerts or disabling that part of NAV.

    Regards,

    CrazyM
     
  10. Gio7707

    Gio7707 Registered Member

    Joined:
    Mar 26, 2004
    Posts:
    16
    Thanks ,

    so far I have not received any new alerts , which means that the ping requests most probably are triggered by human input and not by computer automatic signals.

    However I am still researching and I know it's justa configuration problem.I will work it out.

    Thanks again

    GB
     
  11. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Keep us posted on how you make out.

    Regards,

    CrazyM
     
Thread Status:
Not open for further replies.