| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 40629 | 2003-12-13 03:37:00 | Kerio's latest version... | Greg S (201) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 200078 | 2003-12-14 12:14:00 | I've been using the revamped version for about a month now and have added the updates as they become available I don't see any problems with the rules settings, I imported the old ones any way then decided to re-do them all by deleting them all and setting it to ask for permissions each connection attempt. It's just as configurable if not more so than the old version just a different layout. Cheers Murray P |
Murray P (44) | ||
| 200079 | 2003-12-14 20:32:00 | > I find it offers the same information Susan, in Overview|Connections, just need to expand out the individual programs . Yes, I know that . But I do not like having to "expand out the individual programs", I like seeing the complete overview that the old version gives . It is just something that needs getting used to probably . > I don't see any problems with the rules settings, I imported the old ones any way then decided to re-do them all by deleting them all and setting it to ask for permissions each connection attempt . I don't know if you have ICS on your computer, Murray, but if you have give Steve's probe test a run and see how "locked up" your system is with the default settings . You may be surprised . ;-) |
Susan B (19) | ||
| 200080 | 2003-12-15 00:38:00 | > I've been using the revamped version for about a > month now and have added the updates as they become > available > I don't see any problems with the rules settings, I > imported the old ones any way then decided to re-do > them all by deleting them all and setting it to ask > for permissions each connection attempt. It's just as > configurable if not more so than the old version just > a different layout. > > Cheers Murray P Ok it claimed to have imported by old rules as well... but my last 2 rules are block all incomming TCP and UDP. Guess what those 2 rules were not imported!! as the mass of prompt boxes for port 445 scans that followed my connection after install. Also the first time I ran Eudora the rule wizzard poped up even after it claimed to have imported my old rules which were all setup for Eudora. The same for all other apps. Just a note any rule for an application that allowed all incomming and outgoing traffic did import and work... So I thought to be fair I would try replicating the rules in the new version. After reading the help I found it is now the same as NPF in that the last rules to be actioned are the "application rules" so I figured I needed to put the rules at the bottom of the list of "detected" applications. But I could not find how to make a rule in that catagory that would disallow all incoming trafic.. also even if I had managed to do it any more "automatic" rules would be under the rules and have all there incomming trafic blocked and I would have to keep moving the rules, which I could not see how to do. Also with the old version I am able to block SYSTEM and svchost from any traffic, but not with the new version as they are in the "internal rules" and are allowed to do what ever they like by default, much like NPF. In fairness you can block off ports for them, but not any the "internal rules" concider being critical to system operation.. i.e. DCOM & SMB. All in all I will stick with the old version for now, I still think its the next best thing since AtGuard and we all know what Norton did to that! |
ugh1 (4204) | ||
| 200081 | 2003-12-15 01:04:00 | > I don't know if you have ICS on your computer, Murray, but if you have > give Steve's probe test a run and see how "locked up" your system is > with the default settings . You may be surprised . Hi Susan . No I don't use ICS . I use a switch and my adsl router is the gateway for the network . I didn't entirely trust the importation of the rules and as I had just done a fresh install of windows, patches and programs the MD5's would all be different anyway and I was getting alerts all over the place . I decided to start from scratch and set it to alert all so that I could make new rules as the need arose, ie, no default settings, no communications for any app or protocol without my say so or a new rule set . I've figured out since that I appear to have the full trial version (got xx days alert box) rather than the free version I thought I was updating to so, I may have more functionality than you (I'm still not sure how that happened, must have been day dreaming :) ) > > Ok it claimed to have imported by old rules as > > well . . . but my last 2 rules are block all incomming > > TCP and UDP . Guess what those 2 rules were not > > imported!! as the mass of prompt boxes for port 445 > > scans that followed my connection after install . Also > > the first time I ran Eudora the rule wizzard poped up > > even after it claimed to have imported my old rules > > which were all setup for Eudora . The same for all > > other apps . Just a note any rule for an application > > that allowed all incomming and outgoing traffic did > > import and work . . . See above to Susan B . > > So I thought to be fair I would try replicating the > > rules in the new version . > > After reading the help I found it is now the same as > > NPF in that the last rules to be actioned are the > > "application rules" so I figured I needed to put the > > rules at the bottom of the list of "detected" > > applications . But I could not find how to make a rule > > in that catagory that would disallow all incoming > > trafic . . also even if I had managed to do it any more > > "automatic" rules would be under the rules and have > > all there incomming trafic blocked and I would have > > to keep moving the rules, which I could not see how > > to do . > > Also with the old version I am able to block SYSTEM > > and svchost from any traffic, but not with the new > > version as they are in the "internal rules" and are > > allowed to do what ever they like by default, much > > like NPF . In fairness you can block off ports for > > them, but not any the "internal rules" concider being > > critical to system operation . . i . e . DCOM & SMB . Don't you have a System tab with; Permit, Ask and Deny options? or the Packet Filter in the Network Security tab? Cheers Murray P |
Murray P (44) | ||
| 200082 | 2003-12-15 01:23:00 | After some interesting reading, I'm going to stick with 2.1.4. Bye |
Peter H (220) | ||
| 200083 | 2003-12-15 01:37:00 | After reading this post (although not understanding what you`s are on about),it certainly boosts my confidence when asking for help at this forum.It`s quite apparent that a lot of effort/time is put in working things out amongst youselves,no doubt for the benefit of people like myself who will be needing help in future.So I would just like to say ,keep up the good work,it is most appreciated by those of lesser ability. Cheers A. P.S. Sorry for interupting your thread. |
albatross (343) | ||
| 200084 | 2003-12-15 01:42:00 | > Don't you have a System tab with; Permit, Ask and > Deny options? or the Packet Filter in the Network > Security tab? > > Cheers Murray P See comment on internal rules and also the Packet Filter has precedent over the application rules wich means if you block anything there it will affect the application rules.... so if I block all incoming TCP then no application will be able to receive any incomming traffic.. |
ugh1 (4204) | ||
| 1 2 | |||||