netveda

Protowall is the name of the ip blocker. [if you can't see the board, and don't wanna register, simply move to the downloads page]
http://www.bluetack.co.uk/forums/index.php?showforum=127

IP Blacklists are available for download. They may not be to your liking.

 

I have used Peer Guardian with Bluetack manager, pretty good stuff for enterprise level, not really needed for home users.

 

You guys are a lot more tech smart that I....but I'm sure I'm far older than
anyone here....so I have a different way of looking at things...and it may be
a left brain thing.
The bottom line....is that it is so old....that it is new...
My phone company.....sells it"s new business customers name to who knows
how many....."spammers" been in biz now about a year and a half...and still get
callers daily......My state used to sell car buyers names to ppl.
A retailler offered a free ISP service a few years back...just fill out a form
with questions number ppl in family ...income range...etc....I wonder how
many poor lambs filled that in....having complete trust in the company...and how many times that info was sold.
Why do you think double click ...ccw....and all the rest gather this information
in the GREAT DAtABASES IN SKY......the more info they have on you....
the more your name is worth....for resale.

Its just a high tech way of doing things....Just a little bit different slant
but samo samo bottom line......MONEY

 

Just a quick note here before I go to work.. I have been in touch with NetVeda about another issue. I believe that I am seeing fragmented packets getting thru here, just like Kerio 2. Same scenario. They asked me if I would like to see an option to block fragmented packets and I said Yes, that would be excellent. So perhaps they'll add that soon. And even if I am wrong here, it will add some further peace of mind and security to the product. Other firewalls have the ability to block fragments, so it would be excellent to see this in Netveda as well.

 

Kerodo,

Does Jetico block fragmented packets? I know that it blocked Wallbreaker pretty effectively.

 

Arup, yep, I have no troubles with Jetico. If you look in the Internet section (I think), there's a specific rule to block fragmented packets. I never had any problems with Jetico.

The whole fragmented packet phenomenon is interesting. Running Jetico, Sygate or Look N Stop, I can see the fragments come in (in the logs) maybe 6 to 8 times a day. There's always a pair of UDP packets. One fragmented and one along with it (same exact time) to port 1026. I believe it's just messenger spam and they're trying to use the fragmented packet thing to get past some people's firewalls. Anyway I can see them in the logs. I have no router, just a cable setup here. If you're running a router you'd never see them. And probably not if you're on dial-up either.

When one gets thru Kerio 2 or Netveda, I see an immediate outbound icmp type 3 code 3 to the address of the sender (not my dns servers address). This means that the UDP fragment got thru the firewall to the OS, and the OS is responding with the outbound icmp type 3 code 3 (port closed). I saw it yesterday in Netveda, just like Kerio 2.

I'm sure that's what's happening, but I suppose there's some slight chance that I'm wrong. But those are the only two firewalls I've ever seen it happen in, and I've tried dozens here.

The good news is that NetVeda is likely to add an option to block them, so that's nice. With Kerio 2, you have to live with it because it's no longer being supported or worked on.

Again, whether it's even a valid concern or not is another question. Incoming UDP to a closed port is of little concern. I wouldn't worry about it much I guess. I think it's just interesting when I do see it happen. NetVeda seems to be interested also. I'd look for (hopefully) this option in the next release if there's time.

 

K,

I saw that rule too, although in Jetico, by default, they are set to 'Accept', I set them to 'Reject', Jetico is truly a very good program and as others have mentioned, a good successor to Kerio 2.15 What it really needs is a better interface for rules, like one in NetVeda.

 

I didn't know it defaulted to accept. I thought it was reject. Should be anyway.. The Jetico interface is a little weird and something one has to adjust to I guess. I kinda liked it first time I saw it, but later thought that it was overly complex and a little difficult to use. Still, it's a good one..

Seems like most people around here are early birds instead of night people. I get up late around 10:00 or so and find a thousand new posts already. At night it slows down considerably.

 

K,

I am in India, it is 12 in the afternoon here.

 

Wow.. I guess you have a point. I tend to think that everyone is in my own time zone. My mistake!

 

No problem, we all tend to do that from time to time, one question about Jetico, do you get services.exe popping up from time to time, even though you have put in in the services zone rule already?

 

No, I don't get any popups from Services.Exe. Only thing it does here is DNS lookups. I never see any prompts though...

 

Strange, I get services.exe pop ups at least once in a day.

 

Arup,

I have spent a bunch of time in India, although it has been a while since my last trip. Fascinating place.

Re: Jetico. What that baby needs, in addition to a lot of regular firewall features they left out, is to cut down on the user interaction. Too many requests for network access from programs that do not actually connect out.

 

Diver,

Next time you come down here, be my guest. What exactly fascinated you about India? I am curious, PM me.
I have moved back to India after 17 years in NY, so for me, it is another learning process, left India when I was 16.

 

Arup - Re: services.exe, you might take a closer look at what Jetico is telling you in the prompts for services.exe.. i.e., is it trying to connect to some remote address and port, or is it just trying to access the network, etc etc. That may give you a clue as to what's going on. Could possibly be something unsavory.. hard to tell though. The only thing services.exe does here (on Win2k) is dns lookups only to my dns servers, never anything else, ever.

 

K,

That was the first thing that stuck me, however, this was a app related pop up and not an access to network type, funny thing is that the new Jetico looses connection with LAN after 10 minutes or so and I have to hit Allow All and then Optimal to get LAN access. I have done a thorough scan with Avast, Ewido, a2, Clam and BitDefender so dont think there is any chance of a virus left.

For the time being I am back with the trustworthy Kerio 2.15+BZ with SSM.

 

You guys are going WAY OFF TOPIC here can we please try to keep it to netveda. If you have problems with another firewall then start another thread or pm each other please this ones getting long already. ty!!!

 

anonymous moderation!
LOL

 

Yeah, that's a good one eh no13?

He does have a point though.. But I don't see how you can stay on topic in any thread. The subject matter is always going to wander some no matter what you do...

 

Everyone-

Forgive me for bumping this thread and its previous 50 off topic posts. However, I did get around to taking a look at Netveda. It did not use much memory. Like Hipgnosis, I could not get it to allow netbios inbound from trusted lan addresses. The interface is, from my point of view, frustrating. Sorry that I can not be more specific, it just did not impress me. Anyone can quote me on that, but try it yourself. After all, it is free.

 

It might become pretty good in the future, but it did have a lot of features that I don't make use of. Can't say about the LAN problem as I don't have one here. Seems like another potentially good firewall which needs a little more work.