Kerio and tooleaky?

I tried Tooleaky and it ran right through Kerio and said My firewall (kerio) is useless. If this is the case how do I fix it?

 

The current release version of Kerio (v2.14) does not handle this type of program hijacking or .dll injection.

One related post I found from the Kerio forum at DSLR:
http://www.dslreports.com/forum/remark,2823724~root=kerio~mode=flat

The v3.0x betas introduced measures to deal with this kind of potential vulnerability, but development stopped. Kerio is currently working on a new v3.5 which may be out shortly for beta testing. I would suspect it will also have measures to deal with this sort of thing.

For those not familiar with tooleaky:
http://tooleaky.zensoft.com/

Regards,

CrazyM

 

Hello,

You might run System Safety Monitor in conjunction with your FW and pass all
leaktests with flying colours.

Rgds,

 

I swictched to Kerio from Sygate cuz you're able to make a loopback rule. I didn't want progams piggybacking on Proxo. But now I see Kerio can't block this type of stuff. I wonder is McAfee firewall 4.0 will block piggybacks and tooleaky. Bloat up my computer to be safe. LOL I tried SSM and it gave me an error message. It don't work well with XP. I also tried LookNStop and it said something about a drive not installed. I don't know what that means but you know. Maybe I'll go back to Sygate and pray nothing piggybacks proxo will I'm online until they come up with a fix for it. Tanks guys for the help.

 

Hello,

SSM is at its best with WinXP

Don't hesitate to contact Max (bugsbunnyATe-mail.ru) if you encountered any problem.

Rgds,

 

I'll try it again. It could of been a bad install or a bad download. Thanks Jack.

 

Kerio and Proxo foil Tooleaky etc...

hi notageek - I use Kerio 2.13 and Proxo, and have always beaten tooleaky, leaktest and firehole, even when I used IE...

Do you mean that you do not get an alert that Leaktest wants access out, or that it gets out 'secretly'?

I have three simple rules that stop them all. I allow Opera/ Phoenix access to Proxo thru localhost:8080; I disallow any other apps any access to Proxo at all; and I allow Proxo full access out to any remote address;

When I run Leaktest or Firehole, Opera opens up and connects to my homepage, then I get an alert that 'Firewall Leak Test Utlity wants to connect to GRC' and I deny it....thats it...

Now, if you want it to be denyed, without any alert at all. then as I understand it you need the 'application blah blah filtering' that is supposed to be coming in the newer versions...

Now I may be wrong, I'm a novice and no one ever believes that I have always foiled leaktest, tooleaky and firehole, but its always worked for me. I think Tooleaky is hard wired to use IE, as it nevers even opens a connection on my machine, as far as I know...haha...

Good luck

dmc

 

Tooleaky sneaks out without me knowing it. Kerio has a slight learning curve. Maybe the new Kerio (whenever it comes out) might be a little better. But right now I'me waiting for the new Sygate or Outpost. I'm going to jump on the first one that comes out.

 

For those of you using SSM - Does it automatically work on all user profiles in WinXP Pro? Or does it have to be configured to do so?

I don't want to install it and then have the other users playing with it while I'm trying to learn what to do with it. Thanks. Pete

 

I haven't used it on XP, but it has a user mode, and can be password protected.
Its a small free program, so I think there is minimal risk in installing it and checking it out.
FWIW Pete, SSM is a must have in my security line up. If I had to choose between SSM and an AT, I would take SSM.
The best thing about it is that there are several exploits, aka leak tests, that have not even been discovered or publicized yet, and while firewall vendors will have to react to block them, SSM is already able to.

 

What the defference between SSM and Abtrusion Protector? Does it use less resource than Abtrusion Protection?

 

SSM protects all users but only the user that logs on at bootup will get the prompts for new applications. so another user that tries to install a new application will have no idea why they cant because the prompt will be on the original users screen.

 

Thank you, root and SC. I'm liking the sound of it more and more. Pete

 

Hello,

SSM uses about 6 Mo Ram on my system WinXP PRo, I don't remember how much for AP.

SSM is compatible with non NT OS AP is not.

The biggest issue with AP is that you must be ABSOLUTELY sure you OS is clean : when installing, it scans all exe and dll and everything is considered as trusted by default, as well an installed walware.

Rgds,

 

Thanks Jack.