Just tried PE demo and I'm very impressed. I have a question though. I'm using the Kerio firewall (WIN 95, rules block everything not explicitly allowed by a previous rule). I did not get any alerts from Kerio while using PE even though I did not make any rule to allow it. Is that because it does not open/use any ports or does it somehow bypass Kerio? It seems to work fine but I just want to understand what is going on before I decide to register it/keep it. Thanks.
Hello Emmanuel and welcome! Not using Kerio hard to answer your question but others will jump in for sure. In my fw i had to grant PE internet access and i wonder if you did such a thing somehow/somewhere in rules or other ways. Do you see actual connections, processses, if you try the utilities like whois and scrolling through spam emails, do you see the emails calling home to get the images displayed for you? PE itself doesn't open other ports then connecting to whois servers like you can see in the display. Can tell you i really love the tools, PE, TDS, WG and the others, having them all working together and jumping from the one to the other seemlessly, really like this experience!
Hello Emmanuel & welcome, PE will only require an outgoing connection when using one of the utilities (see the utilities menu) such as ping & traceroute. At all other times it is passive, just watching & recording the various connections. Enjoy Pilli
Emmanuel, Port Explorer only looks at/analyses existing sockets - it doesn't make any changes to existing sockets, or create any new sockets, so no firewall will alert as there is no reason to alert - nothing is changing. It's like when you run netstat, you wouldn't expect your firewall to alert then either - this is the same with Port Explorer.
I granted PE access to internet in the firewall, routine i guess and to be able to get whois results, but that is always because i ask for it.
Everyone: Thank you for your prompt replies! I had not used any of the utilities yet and that explains why I did not get any alerts from Kerio. I just tried whois and sure enough I got an alert. My main interest in the program was the process spying ability but now I love the utilities too (and made appropriate allow rules). Great program!!
Emmanuel, To keep things simple you might as well grant Port Explorer full network access, as there are no phone-home capabilities or anything that may warrant concern (feel free to use 3rd party packet-sniffers if you don't believe me) . Then you'll be able to use all components of Port Explorer without alerts from your firewall. Best regards, Wayne
Some firewalls like to block all programs which even load Winsocks, or load themselves into the LSP like Port Explorer. So it really depends on how paranoid your firewall is, most of them though only will alert when Port Explorer tries to connect to the internet through either "Check for new version" or Whois,Resolve,Ping, etc. -Jason-
It completely depends on your configurations, the program is not application based, its rule based, so when something is already permitted by your rules, it doesn't ask twice so the problem is in your configuration. Kerio isn't for everyone as you have to understand what all your rules, and the few settings you have permit otherwise your configuration can be too loose and restrictive at the same time for different things. The main reason for things like this are purely loose rules, or people running software proxy servers without restricting access to their localhost.