LNstop and Kerio 2.15

Discussion in 'other firewalls' started by sinbad370, May 29, 2005.

Thread Status:
Not open for further replies.
  1. sinbad370

    sinbad370 Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    68
    Location:
    Georgia
    I have a PIII computer (old) 768 meg ram so resource usage is important, I am currently using LNstop with Phantoms rules. I see many posts about Kerio 2.15 with blits rules. I am cureouse as to between the two of them, witch one offers (configured max protection) a more secure system and is lighter on resources (exclude the mem leak question - that hasn't been confirmed yet LNS). I haven't tried 2.15 yet. I prefer to get your thoughts on these two apps before i consider installing 2.15.
    Thanks
     
  2. Arup

    Arup Guest

    Stick to LnS, it does not have any vulnerabilities and is a newer firewall than Kerio 2.15 and supported fully, Kerio is an excellent firewall when combined with BZ rules but it is old, has a minor fragmented packet vulnerability issue.
     
  3. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    I would stick with LnS also, however, I can confirm the memory leak problem. I tested it for several days and saw ram usage grow from 3.5 mb to 15 mb in a day and a half on 2 different occasions. Just because Frederic doesn't acknowledge the problem doesn't mean it doesn't exist. It most certainly does on my machine. Only way to find out for sure is to try it yourself though.. :)
     
  4. sinbad370

    sinbad370 Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    68
    Location:
    Georgia
    I also noticed that Frederic doesn't look at it as a leak. o_O?.
     
  5. Stephanos G.

    Stephanos G. Registered Member

    Joined:
    Mar 29, 2005
    Posts:
    720
    Location:
    Cyprus
    Today i switched from LnS to Kerio 4 beta version. Looks better than Lns although i am not specialist.
     
  6. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    I haven't kept up with the thread over at the LnS forum, but it doesn't matter what you call it in my opinion, it's still a problem of some kind and needs addressing. It was apparent that it was using more and more ram without releasing it, both normal and virtual memory.

    If it weren't for this little problem, I would probably be using it now and would perhaps have purchased it. But as it is now, I am using Outpost Pro with good results.
     
  7. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    I tried the latest Kerio 4 beta yesterday since I do like Kerio, but it does use much more ram than LnS for example, so you have to accept that to begin with. Kerio 4 beta also seems to have some problem with the proxy type stuff in Avast. Kerio only asked me for permission for the web shield to connect out and not the individual browsers I ran. So you will not be asked about any of the "approved" browsers that Avast filters for, which bothers me a little. I would like to see it ask me for every program that tries to connect out.
     
  8. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,825
    Kerodo,

    Same here and as you know, I have the memory leak on my machine as well. :doubt:

    I feel the same however, it needs to be addressed. For now, I am not running a sw firewall just using the XP one and my router.

    If it were up to me to decide between Kerio and LnS, I would have to say it's a tossup.
     
  9. Stephanos G.

    Stephanos G. Registered Member

    Joined:
    Mar 29, 2005
    Posts:
    720
    Location:
    Cyprus
    Hi Kerodo,
    strange but kerio 4.2 asks me for any app that tries to connect in or out. Really i find it more friendly than LnS which i have to install some rules that i cant understand. Also there are many other functions that r missing from LnS.
    Thanks
     
  10. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    I think that if you are using Avast AV and have the web shield turned on, then Kerio will not ask you for IE or Firefox permission. It WILL ask you for permission for Avast's web shield, but not the individual browsers that Avast supports.

    I will have to check the final 4.2 when it's released to see if this changes...
     
  11. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    I liked them both as well. Just couldn't live with the LnS leak though. Right now I am using Outpost Pro and liking it pretty well. Seems to do a good job. :)
     
  12. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,825
    Kerodo,

    Glad you are liking Outpost, I know it's a good firewall. I stopped using it some time ago as I got frequent BSOD's. I have heard others complain of this as well, so I do not think it was just something with my system alone.
     
  13. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    I had great luck with 2.6, and am going to try 2.7 again in a few days after I am done messing with BlackIce here.

    I had an unpleasant experience when I tried to just install 2.7 as an upgrade over top of 2.6. It told me that it removed 2.6 successfully, and then rebooted and continued to install, but when it finally got to the part where it "updated system settings" or some such message, it just hung there forever. Tried it several times, tried reinstalling 2.6 and tried to then remove it, but it wouldn't uninstall then. Finally had to manually remove everything and delete all the registry entries I could find, along with the stuff in hidden devices in device manager, and then finally got 2.7 to install ok without any hangups.

    Whew... :)

    Anyway, I am looking forward to trying out 2.7 shortly.. It's a good firewall. I think if I had just uninstalled 2.6 first, then I probably wouldn't have had any problems.. Outpost is now one of my favorites at any rate...
     
  14. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,825
    Kerodo,

    If memory serves me correctly, OP was sort of a resource hog was it not? Or amd I mixing it up with the newest Kerio?

    In any event, I also wonder if the BSOD problems have been fixed. Also OP is not free correct?
     
  15. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    On my machine, Outpost used about 10-13mb. I wouldn't call that a resource hog, no. That's not bad.

    I had troubles with the new 2.7 so I am back to Kerio 2 for now. 2.7 failed to install, so I had to manually run install.exe in the OP folder and then restart. That installed it. Since the install failed, the uninstall wouldn't work either. It complained about a bad install.log file and refused to run. So I had to manually remove OP.

    Also OP crashes at Windows shutdown on my machine, putting errors in my event viewer. Couldn't get that to stop. The fix was to manually shut down Outpost from the tray first, then shut down windows. Too much trouble for me, so I will wait for a future version to fix these problems before I try again.

    Meanwhile I'm running my favorite, good old Kerio 2.1.5. :)
     
  16. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,825
    That is good to know regarding OP. Thanks for the heads up.

    As far as Kerio 2.1.5, I always found it a bit intimidating with all of the rulesets. Much more so than say LnS.

    Perhaps I will give it another look. I peeked at BZ's rules but they did not make much sense to me. Altho I am by no means an expert at firewalls which is most likely my downfall when it comes to Kerio 2.1.5.
     
  17. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Kerio 2.1.5 takes a little work when it's new to you, but it's worth the effort. It is one of the best IMO. Light, gets the job done and it's very configurable.
     
  18. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,825
    Kerodo,

    I could not agree with you more. After getting some help from Rmus and his tutorial, I could not agree more. :)

    I was able to create my own rules after that, use some of BZ's ruleset and had ghost look em over on dslreports.

    This firewall is very light and configurable for sure! I do not know what I waited so long to give this firewall another chance. So far, I am liking it a lot. And, it's FREE!

    Regards,

    Jag
     
  19. halcyon

    halcyon Registered Member

    Joined:
    May 14, 2003
    Posts:
    373
    That's not necessarily a leak. It's just growing memory allocation.

    AFAIK, LnS has no memory leak, but I could be wrong.

    It'd be interesting if you could show how the memory LnS has allocated is not freed up, when you quit LnS. This would be a memory leak.

    Or if LnS would end up consuming all of your memory (or just enough to slow the system down a lot). This would also be a memory leak (secondary).

    Can you show a detailed information that LnS has a memory leak (definition of a memory leak : http://en.wikipedia.org/wiki/Memory_leak )?

    Thanks!

    best regards,
    halcyon

    PS I think Kerio is MUCH easier than LnS (for those not having tried both). I think LnS is very nice in many regards, but the lack of specific application filtering rules and needlessly obscure interface lower its mark in my book.
     
  20. sinbad370

    sinbad370 Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    68
    Location:
    Georgia
    I haven't ever tried Kerio. I think I will give it a go.
     
  21. gnwd

    gnwd Registered Member

    Joined:
    Aug 15, 2005
    Posts:
    23
    I am considering the rule of LnS: "authorize most common internet services"
    is too loose.
     
    Last edited: Sep 6, 2005
  22. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    I tried LnS before, and I experienced a big slowdown in the Apps list (when adding/modifying an App-specific filter). If you have too many Applications, it will take a long time to open the list, and sometimes there are duplications.

    Using Kerio 2.1.5 right now.
     
Thread Status:
Not open for further replies.