I just purchased this little gem,after having so much stability issues with Outpost 4.0 not being other Software compatible, They so called fixed this,but I wouldnt consider what they did a fix, and yet still more bugs, "Oh Dear Agnitum Pull Your Socks Up" Anyway although I have a lifetime licence to Outpost, and Sunbelt Kerio is renewable every 12 months I must say I'm highly pleased with Sunbelt Kerio, it just as reliable as what Kerio was before Sunbelt Aquired the Company,and for the price that I paid $19.95 + $5 Discount Coupon I found on the Net making it $14.95 per year it's a Top Quality Firewall. It might not figure so well in leaktests, but who the hell cares anymore, leaktests are irrelivent if your ports are stealthed, and with Kerio they are. Plus not having bundled additions to make the program even more resource heavy than it should be ,as a standalone firewall Kerio is right at the top of the pile in several reviews
You appear to be contradicting yourself: Leaktests have nothing to do with your firewalls ability to drop unsolicited inbound "SYN" packets. Could you explain why you state that "leaktest are irrelevant if your ports are stealthed"
Since I am still evaluating what firewall software to install on one my PCs, I think the statement regarding that having all ports stealthed would make it difficult for a hacker to send you a trojan which will send outbound communications, hence leak tests (and the program's outbound control) are not that important. The Windows XP SP2 firewall shows all ports stealthed on GRC.COM, but there is no outbound communication control as everyone knows. So it would fail all leaktests. Does that mean that the XP firewall is adequate for most users? Maybe and maybe not. So if leak tests are irrelevant, then I would go with the XP firewall since it is free and not a resouce hog like all of the other third party software. I personally think that the termination properties of a firewall is more important than the leak test results. If a firewall can be shut off by malware, then that exposes you to a lot more possible problems than just the outbound control problem alone.
I dont see any contradiction Stem, I never actually said I didnt use a Firewall, even with this Kerio I'm quite aware hackers can break it. What I did say was I was pleased with its performance compared to the other named brand. As to the leaktests, have you ever experienced any leaks physically? I doubt you even know its going on, 12 months or more ago, nobody was paranoid like they are about leaktests like they are now, its only cause some silly ass decided to scream and shout about them that people took notice. theres always open ports on your Network, you must realize this, otherwise you wouldnt be able to connect to the net, the ones that are needed for a connection ,are the ones hackers target and kick your ass with, if they feel like. This argument could go on forever, but lets not sway from my Original Statement, I found a Firewall I like,and for my daily needs (hackers aside) it does its job well, regardless of the fact it can be bypassed or not ,(They All Can) As for leaktest being irrelevant, its the ports the hackers target, not whether or not your computer firewall leaks.
The contradiction I see, is the fact you first state that an hacker can gain entry through any firewall, and then state that "leaktest are irrelevant if your ports are stealthed". As I see most attacks these days, they are automated, and will normally consist of entry, with a dropped file/script (or other), most of this is done (as example) via unpatched windows services, or through the browser. So once this is done, there is certainly a need for leak prevention. Now dont misunderstand me, first of all, the point of being "Stealthed", this means nothing to me, a lot of users for some reason think this will protect them, but as you have mentioned this is partly true, there should not actually be an open port, as this would indicate an application is listening on port and allowed inbound connections. This is one of the reasons I always try to put forward the need to configure firewall rules correctly for browsers, and not to simply "allow all" comms, or place the browser into a "trusted zone" within a firewall. It is a fact, that the only time you can be fully "Stealthed" is when you are not connected to the internet at all. Correct filtering of packets can go a long way in attack prevention. Good to hear. Just remember to use the advanced rules, and keep a tight ruleset for your applications. With my own PC`s, no, I have yet to be breached, and would certainly know if I had. But I have seen to many other users who have, and HJT logs which show keyloggers/trojans to simply say leak prevention is irrelevant. Well, as more and more users now use their PC`s for, example, online banking etc, there is a need to alert users to the possibility of leaks. I can understand firewall manufacturers now including "leak prevention" as a lot of users simply do not set up their firewall correctly to block inbound attacks, or take correct measures to protect personal info. Are you arguing?, I am simply have a discussion. It is in fact the application/service on the port that is attacked.
Hello, DVD, the fatalistic approach - they can pwn me if they like - does not really help you. Computers are no black magic. Even the best hackers - and here I'm talking about people who really understand the bowels of the computers and operating systems and are pretty good in math - must still obey the architecture. Invest time in learning the architecture, even the basics, and you will realize that it all comes down to very simple things. And now, DVD, if you say that a hacker can break through - this means you believe or know that he can - can you explain how he might do that? Have fun? Mrk
I could explain,but I'm not going to, all you need to know is Somewhere someplace, someone is watching you
all the versions of kerio crashed my system at times but i play multiplayer online, p2p, etc. so it's tough for a firewall.
