Sorry, another question with firewall (kerio 2.1.5)

Hi, I'm still stuck with this free firewall questions...
I tried using Comodo, but it really doesn't suit me.
It slows down my pc, hard to uninstall, slows down my internet connection etc.

So the only *FREE* firewall that is *GOOD* (in my opinion)
is Kerio 2.1.5... with BZ rule set.

However, I heard someone saying that BZ rule set won't really help me,
because I have to optimize it correctly for my own pc setting.

Is that true? Is it also true that Kerio 2.1.5 is only suitable for pros who
can actually touch the settings?

Oh well, for a newbie like me, I think XP SP2 Firewall is my only choice...
Is there any firewall, that is easy to use, light on resource, and free?
Am I being too greedy? sorry...

Anyways, thanks for reading these annoying questions

-Omegakilo-

 

It was that firewall and a tutorial that expanded my knowledge on networking, and firewalls. This is the tutorial. Research every concept he tells you to, from Wikipedia or another good source. Wikipedia will explain most, if you get stuck on some, i can through another source if you want.
Then having read those, don't worry if you think you don't get the big picture. Read the rest of the tutorial, how he builds rules. THEN get the BZ ruleset and read what HE says about it. You will understand then.

This is a good path

 

first, sorry for my english ( i'm french ).

i think you should try this one : sygate
light, easy configuration and good protection, and doesn't slow down your connection
i used it for several years =>>never let me down !

http://dl1u.savefile.com/530175bae89e05b1731a6aa50d0659a5/spf5_5b2710.zip

 

I forgot to say, even though it's obvious, when you've read the concepts and read the rest of the tutorial, make the rules. Learning by doing applies here.

 

I've been considering kerio 2.1.5x as well, I have some basic idea of networking, but anyways, where does the tutorial site you listed have info on the BZ ruleset, and where can you download it?

 

The tutorial does not mention the BZ ruleset. But it is a comprehensive ruleset, and the OP mentioned it already.
I just think one should first know how to build rules, and how to use Kerio 2.1.5 first. Then import that ruleset and read the thread.
Having a hard look at the rules, and understanding them, one should adjust them to ones needs (deleting unnecessary rules etc.).

 

Well I already understand the basic principles of networking, so by reading the tutorial, looking up what I don't know, and then going from there I should be able to setup Kerio 2.1.5 for my system fairly easily then?

 

It is my understanding that yes, you will be able to use it.
The tutorial isn't the answer for everything, and there are always doubts of course.
I think it's a good way to go.

 

Thanks all of you for sharing ideas.
The knowledge of basic networking is really really hard for me to obtain...
I think it will take some time to get use to it.

 

Regarding the BZ ruleset, it's not designed to be a universal replacement for the entire ruleset. It's designed to function with most network setups and operating systems but is not matched to any specific system. It's not possible for it to be any different. The ruleset contain broad "permit" rules for many network configurations, most of which won't apply to a given system. The user would pick the one(s) that best match their setup, then edit the IPs to match those used by their local network. Likewise the DNS rules should be edited to match the IPs of your DNS servers.

One of Kerio 2's strengths is the control it gives over local connections, aka loopback connections. The standard loopback rule in BZs ruleset permits any application or system component to connect back locally to any port. The rule allows apps that use local connections to function but does nothing to control those connections. Without this rule, apps that require local connections wouldn't function. This rule should be replaced with rules that allow loopback connections only for the apps that require them. An example would be a rule that allows your browser to connect back to proxy software installed on the same PC, using a specific port.

First of all, you don't need to be a "pro". All you need is a basic understanding of how the internet works. Things like the format IP addresses use, what the basic protocols are (TCP, UDP, ICMP), what local and remote ports are and what some of the common port numbers are for, how DNS works, the difference between inbound and outbound connections, what the basic requirements of the apps you use are, etc. It doesn't need to be detailed knowlege, just the basics. Wikipedia was mentioned earlier as a good place to start. It's not as hard as it sounds. With a bit of study and practice, the average person could pick up a basic working knowlege in a day or 2. Items like loopback might take a bit longer. You don't need to master the subject to start. A ruleset can be treated as a work in progress.

The BZ ruleset has no rules for any specific applications. The user needs to add these for all apps that use the internet. It takes a bit of time but isn't that difficult. Whether you use the BZ ruleset or the default rules Kerio starts with, you're still better protected with the firewall than without it. The more you match the rules to your internet service and operating system, the stronger that protection becomes. You can do this at your own pace. With the majority of firewalls now using some form of automatic rule creation, the writing of good firewall rules is rapidly becoming a lost art. It's a shame as rules that are matched to your system, service and needs are much more secure than those made by the automatic rule creation components. If you need help, feel free to ask. Kerio has lots of users here.

Rick

 

Rick,
Thanks for your reply, I really appreciate it.
I'm kind of studying about the basic knowledge of the pc, internet, rules.
Wish me good luck
-Omegakilo