Sign in with
Sign up | Sign in
Your question

Tutorial for Kerio 2.1.5 ?

Last response: in Networking
Share
Anonymous
a b 8 Security
May 16, 2004 2:08:36 PM

Archived from groups: ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls (More info?)

I have been using Kerio 2.1.5 on XP Pro for a few months. The PC
is standalone, at home and connected to the Net by cable.

When I look through the list of programs I am blocking I can't
really make much sense of what XP needs or doesn't need.

Also I can't make a lot of sense of how Kerio works - for example I
am struggling to do things like (1) export my list of Open
Connections At Local Host and (2) export my Firewall Configuration.

Is there a web site or group which helps new Kerio 2.1.5 users or
even tells them what they need to set up for basic broadband
surfing.

More about : tutorial kerio

Anonymous
a b 8 Security
May 16, 2004 7:38:14 PM

Archived from groups: ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls (More info?)

Nick H wrote:

> Jackeline D wrote:
>
>> I have been using Kerio 2.1.5 on XP Pro for a few months. The PC is
>> standalone, at home and connected to the Net by cable.
>>
>> When I look through the list of programs I am blocking I can't really
>> make much sense of what XP needs or doesn't need.
>>
>> Also I can't make a lot of sense of how Kerio works - for example I am
>> struggling to do things like (1) export my list of Open Connections At
>> Local Host and (2) export my Firewall Configuration.
>>
>> Is there a web site or group which helps new Kerio 2.1.5 users or even
>> tells them what they need to set up for basic broadband surfing.
>
> Yes, there is a user forum at http://www.dslreports.com/forum/kerio.
> look for BZ's sticky at the top. Also look at the Kerio and pre-v3.0
> Tiny PFW FAQ. There is also a group on Yahoo which I have not tried.
>
> V2.1.5, which I run, is well regarded. V4.x.x is slated as still being
> very buggy.
>
> I think some of BZ's anti-spoofing rules are OTT, but if you're paranoid
> they may be good. If you run IE, make sure you have a local loopback
> rule or it will crawl. I would also block any e-mail program from
> accessing remote port 80 at any address. In reality, I allow mail
> programs to access the news servers and mailboxes explicitly by Port and
> IP address and deny anything else (but log it in case some of the
> addresses change as the newsgroup ones did earlier this year)
>
> Also look at
> http://homepage.ntlworld.com/robin.d.h.walker/cmtips/se... for
> how to set up the firewall security for basic broadband access (DNS and
> DHCP requirements)
>
> Nick
Jackeline,

Added to my last post, if you want to see which Win XP services you want
to have running have a look at http://www.blackviper.com/. You may be
able to disable a lot of stuff you're not using.

Nick
Anonymous
a b 8 Security
May 17, 2004 12:45:45 AM

Archived from groups: ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls (More info?)

If you don't know much what to let go and what to stop, I would strongly
advice you to get a router instead. By default, the NAT feature of it will
act as a basic firewall. If you get a SPI router, it would be even better.
It saves you from endless warning dialogue boxes. Most of them would so
logging too, which you can monitor all out going connection. A cheap router
cost you roughly 30 pounds which is more or less the same price as you paid
for some commercial firewall products.

In addition, you may get features like connection restriction, URL filter
etc, which is very useful if you have kids.

Here are few prices I gathered from ebuyer.com

NAT only
================
Linksys BEFSR41 (quickfind code: 37451)
35.09 GBP

Ebuyer 4 Port 10/100M Internet Broadband Router with USB Printer Server /
Origo BBR-1401 (quickfind code 52897)
27.02 GBP

U.S. Robotics Broadband Router with Paralell Print Server, USR 8000-02
(quickfind code: 44088)*
38.85 GBP

Netgear RP614 Broadband Router + 4 port 10/100 Switch (quickfind 35433)
38.11 GBP

With SPI
=======================
Linksys BEFSX41-Uk (ebuyer.co.uk , quickfind code: 45295)
50.25 GBP

Netgear FR114PUK (ebuyer.co.uk, quickfind code: 47104)
70.89 GBP


Anyway, this may sound a bit drastic but personally, I think it is a better
solution for novice users. So far my routers have saved me from MSBlaster
and Sasser Worms.

Regards

Garfield

* personally, I own a USR 8000-02 router. It is simple to configure, and
allow to connect my Kyocera FS1010 printer to the network.

"Nick H" <me@privacy.net> wrote in message
news:p kKpc.111$eP6.93@newsfe1-gui.server.ntli.net...
> Jackeline D wrote:
> > I have been using Kerio 2.1.5 on XP Pro for a few months. The PC
> > is standalone, at home and connected to the Net by cable.
> >
> > When I look through the list of programs I am blocking I can't
> > really make much sense of what XP needs or doesn't need.
> >
> > Also I can't make a lot of sense of how Kerio works - for example I
> > am struggling to do things like (1) export my list of Open
> > Connections At Local Host and (2) export my Firewall Configuration.
> >
> > Is there a web site or group which helps new Kerio 2.1.5 users or
> > even tells them what they need to set up for basic broadband
> > surfing.
> Yes, there is a user forum at http://www.dslreports.com/forum/kerio.
> look for BZ's sticky at the top. Also look at the Kerio and pre-v3.0
> Tiny PFW FAQ. There is also a group on Yahoo which I have not tried.
>
> V2.1.5, which I run, is well regarded. V4.x.x is slated as still being
> very buggy.
>
> I think some of BZ's anti-spoofing rules are OTT, but if you're paranoid
> they may be good. If you run IE, make sure you have a local loopback
> rule or it will crawl. I would also block any e-mail program from
> accessing remote port 80 at any address. In reality, I allow mail
> programs to access the news servers and mailboxes explicitly by Port and
> IP address and deny anything else (but log it in case some of the
> addresses change as the newsgroup ones did earlier this year)
>
> Also look at
> http://homepage.ntlworld.com/robin.d.h.walker/cmtips/se... for
> how to set up the firewall security for basic broadband access (DNS and
> DHCP requirements)
>
> Nick
Related resources
Anonymous
a b 8 Security
May 17, 2004 2:18:03 AM

Archived from groups: ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls (More info?)

Garfield wrote:
> If you don't know much what to let go and what to stop, I would strongly
> advice you to get a router instead. By default, the NAT feature of it will
> act as a basic firewall. If you get a SPI router, it would be even better.
> It saves you from endless warning dialogue boxes. Most of them would so
> logging too, which you can monitor all out going connection. A cheap router
> cost you roughly 30 pounds which is more or less the same price as you paid
> for some commercial firewall products.
>
> In addition, you may get features like connection restriction, URL filter
> etc, which is very useful if you have kids.
>
> Here are few prices I gathered from ebuyer.com
>
> NAT only
> ================
> Linksys BEFSR41 (quickfind code: 37451)
> 35.09 GBP
>
> Ebuyer 4 Port 10/100M Internet Broadband Router with USB Printer Server /
> Origo BBR-1401 (quickfind code 52897)
> 27.02 GBP
>
> U.S. Robotics Broadband Router with Paralell Print Server, USR 8000-02
> (quickfind code: 44088)*
> 38.85 GBP
>
> Netgear RP614 Broadband Router + 4 port 10/100 Switch (quickfind 35433)
> 38.11 GBP
>
> With SPI
> =======================
> Linksys BEFSX41-Uk (ebuyer.co.uk , quickfind code: 45295)
> 50.25 GBP
>
> Netgear FR114PUK (ebuyer.co.uk, quickfind code: 47104)
> 70.89 GBP
>
>
> Anyway, this may sound a bit drastic but personally, I think it is a better
> solution for novice users. So far my routers have saved me from MSBlaster
> and Sasser Worms.
>
> Regards
>
> Garfield
>
> * personally, I own a USR 8000-02 router. It is simple to configure, and
> allow to connect my Kyocera FS1010 printer to the network.
>
> "Nick H" <me@privacy.net> wrote in message
> news:p kKpc.111$eP6.93@newsfe1-gui.server.ntli.net...
>
>>Jackeline D wrote:
>>
>>>I have been using Kerio 2.1.5 on XP Pro for a few months. The PC
>>>is standalone, at home and connected to the Net by cable.
>>>
>>>When I look through the list of programs I am blocking I can't
>>>really make much sense of what XP needs or doesn't need.
>>>
>>>Also I can't make a lot of sense of how Kerio works - for example I
>>>am struggling to do things like (1) export my list of Open
>>>Connections At Local Host and (2) export my Firewall Configuration.
>>>
>>>Is there a web site or group which helps new Kerio 2.1.5 users or
>>>even tells them what they need to set up for basic broadband
>>>surfing.
>>
>>Yes, there is a user forum at http://www.dslreports.com/forum/kerio.
>>look for BZ's sticky at the top. Also look at the Kerio and pre-v3.0
>>Tiny PFW FAQ. There is also a group on Yahoo which I have not tried.
>>
>>V2.1.5, which I run, is well regarded. V4.x.x is slated as still being
>>very buggy.
>>
>>I think some of BZ's anti-spoofing rules are OTT, but if you're paranoid
>>they may be good. If you run IE, make sure you have a local loopback
>>rule or it will crawl. I would also block any e-mail program from
>>accessing remote port 80 at any address. In reality, I allow mail
>>programs to access the news servers and mailboxes explicitly by Port and
>>IP address and deny anything else (but log it in case some of the
>>addresses change as the newsgroup ones did earlier this year)
>>
>>Also look at
>>http://homepage.ntlworld.com/robin.d.h.walker/cmtips/se... for
>>how to set up the firewall security for basic broadband access (DNS and
>>DHCP requirements)
>>
>>Nick
>
>
>
Garfield,

I sort of agree with you but not fully. I have recently purchased a
Linksys BEFSX41, but you do have to watch carefully which firmware you
run. It is buggy. http://www.dslreports.com/ has some good forums to
research the problems of various makes and models.

One thing with any router is that it will only give you inbound
protection. Checking the router logs will not tell you which application
is making the connection. It is relatively easy to create a simple
set-up on a personal firewall such as ZoneAlarm. KPF needs a bit more
understanding but it is much more powerful (that is ZA Free vs KPF
Free). If Jackeline is concerned about which programs are allowed to
dial out, a router is not going to help. I run WinME, but in WinXP,
should svchost.exe be allowed to dial out? If so, should it be
restricted to certain servers or ports for its time synchronisation
function, or is it safe to give it unrestricted access (probably not).
How will a router help you with this?

Having said that, I would have thought, on balance, that if I had £40 to
spend on a firewall, it is probably better spent on a hardware firewall
than a software one. Then, if you want, go for a free software firewall
like KPF where any mistake you make with inbound rules is protected by
the router. The choice is personal. People will have very strong
feelings on this subject and you will find very polarised views.

Nick
Anonymous
a b 8 Security
May 17, 2004 3:32:17 AM

Archived from groups: ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls (More info?)

I agree and understand a router could only protect you from inbound
intrusions, however, from my personal experience, I oftenly press one OK
button too much as after a while you sort of fedup with all these endless
warning dialoug boxes from said ZoneAlarm.

I know router/ connection log won't stop out-bound connections, but it
should tell you where you have connected to, and hope the user can detect
any abnormalies, and rectify the problems.

Like many reports had mentioned lately, many people install these utility
software and forget about them. Which in turns, reduce their effectiveness
significantly.

I guess if you are caution about all connections, software firewall is
necessary. However, if you are a novice user, i.e. all TCP/IP means to you
is no more than 5 letters, then, the chance of the user can interpret the
(vague) warning message from firewall is very little (e.g. what does
svchost.exe attempts to connection 124.56.89.42 means average users?) Even
if you are a computer literate, worms oftenly uses names that is very close
to normal system program, i.e. lsasss.exe Which in many occassions, catch
even caution users.

I totally agree software firewalls have their place and value in internet
security. The question is, for an average user, does it worth all these
hassles? Personally, I hate pop-ups ad, but I equally hate excessive
warning message.

The bottom line is down to personal preference as mentioned by Nick

Regards

Garfield

* Linksys BEFSX41 is just an example. It has been around for a while now,
hence, many problems would have been looked into. A SPI router is
preferred, but in most cases, simple NAT would do the trick (SPI has been
implemented in many new routers as a standard now)


"Nick H" <me@privacy.net> wrote in message
news:p NRpc.544$eP6.197@newsfe1-gui.server.ntli.net...
Garfield wrote:
> If you don't know much what to let go and what to stop, I would strongly
> advice you to get a router instead. By default, the NAT feature of it
will
> act as a basic firewall. If you get a SPI router, it would be even
better.
> It saves you from endless warning dialogue boxes. Most of them would so
> logging too, which you can monitor all out going connection. A cheap
router
> cost you roughly 30 pounds which is more or less the same price as you
paid
> for some commercial firewall products.
>
> In addition, you may get features like connection restriction, URL filter
> etc, which is very useful if you have kids.
>
> Here are few prices I gathered from ebuyer.com
>
> NAT only
> ================
> Linksys BEFSR41 (quickfind code: 37451)
> 35.09 GBP
>
> Ebuyer 4 Port 10/100M Internet Broadband Router with USB Printer Server /
> Origo BBR-1401 (quickfind code 52897)
> 27.02 GBP
>
> U.S. Robotics Broadband Router with Paralell Print Server, USR 8000-02
> (quickfind code: 44088)*
> 38.85 GBP
>
> Netgear RP614 Broadband Router + 4 port 10/100 Switch (quickfind 35433)
> 38.11 GBP
>
> With SPI
> =======================
> Linksys BEFSX41-Uk (ebuyer.co.uk , quickfind code: 45295)
> 50.25 GBP
>
> Netgear FR114PUK (ebuyer.co.uk, quickfind code: 47104)
> 70.89 GBP
>
>
> Anyway, this may sound a bit drastic but personally, I think it is a
better
> solution for novice users. So far my routers have saved me from MSBlaster
> and Sasser Worms.
>
> Regards
>
> Garfield
>
> * personally, I own a USR 8000-02 router. It is simple to configure, and
> allow to connect my Kyocera FS1010 printer to the network.
>
> "Nick H" <me@privacy.net> wrote in message
> news:p kKpc.111$eP6.93@newsfe1-gui.server.ntli.net...
>
>>Jackeline D wrote:
>>
>>>I have been using Kerio 2.1.5 on XP Pro for a few months. The PC
>>>is standalone, at home and connected to the Net by cable.
>>>
>>>When I look through the list of programs I am blocking I can't
>>>really make much sense of what XP needs or doesn't need.
>>>
>>>Also I can't make a lot of sense of how Kerio works - for example I
>>>am struggling to do things like (1) export my list of Open
>>>Connections At Local Host and (2) export my Firewall Configuration.
>>>
>>>Is there a web site or group which helps new Kerio 2.1.5 users or
>>>even tells them what they need to set up for basic broadband
>>>surfing.
>>
>>Yes, there is a user forum at http://www.dslreports.com/forum/kerio.
>>look for BZ's sticky at the top. Also look at the Kerio and pre-v3.0
>>Tiny PFW FAQ. There is also a group on Yahoo which I have not tried.
>>
>>V2.1.5, which I run, is well regarded. V4.x.x is slated as still being
>>very buggy.
>>
>>I think some of BZ's anti-spoofing rules are OTT, but if you're paranoid
>>they may be good. If you run IE, make sure you have a local loopback
>>rule or it will crawl. I would also block any e-mail program from
>>accessing remote port 80 at any address. In reality, I allow mail
>>programs to access the news servers and mailboxes explicitly by Port and
>>IP address and deny anything else (but log it in case some of the
>>addresses change as the newsgroup ones did earlier this year)
>>
>>Also look at
>>http://homepage.ntlworld.com/robin.d.h.walker/cmtips/se... for
>>how to set up the firewall security for basic broadband access (DNS and
>>DHCP requirements)
>>
>>Nick
>
>
>
Garfield,

I sort of agree with you but not fully. I have recently purchased a
Linksys BEFSX41, but you do have to watch carefully which firmware you
run. It is buggy. http://www.dslreports.com/ has some good forums to
research the problems of various makes and models.

One thing with any router is that it will only give you inbound
protection. Checking the router logs will not tell you which application
is making the connection. It is relatively easy to create a simple
set-up on a personal firewall such as ZoneAlarm. KPF needs a bit more
understanding but it is much more powerful (that is ZA Free vs KPF
Free). If Jackeline is concerned about which programs are allowed to
dial out, a router is not going to help. I run WinME, but in WinXP,
should svchost.exe be allowed to dial out? If so, should it be
restricted to certain servers or ports for its time synchronisation
function, or is it safe to give it unrestricted access (probably not).
How will a router help you with this?

Having said that, I would have thought, on balance, that if I had £40 to
spend on a firewall, it is probably better spent on a hardware firewall
than a software one. Then, if you want, go for a free software firewall
like KPF where any mistake you make with inbound rules is protected by
the router. The choice is personal. People will have very strong
feelings on this subject and you will find very polarised views.

Nick
Anonymous
a b 8 Security
May 17, 2004 11:42:13 AM

Archived from groups: uk.telecom.broadband,comp.security.misc,comp.security.firewalls,opera.general (More info?)

"Garfield" <garfield_online@no_spam.lycos.co.uk> wrote:

> If you don't know much what to let go and what to stop, I
> would strongly advice you to get a router instead. By
> default, the NAT feature of it will act as a basic firewall.
> If you get a SPI router, it would be even better. It saves you
> from endless warning dialogue boxes. Most of them would so
> logging too, which you can monitor all out going connection.
> A cheap router cost you roughly 30 pounds which is more or
> less the same price as you paid for some commercial firewall
> products.


Thank you for the info.

Here is something odd. I Googled for "SPI" and tried to access
this page using my Opera browser:

<http://tanuki.homeftp.org:443/modules.php?name=News&fil...
id=70>

I got a popup message from Opera saying "Access to this port is
disabled for security reasons".

Why is this coming up? Is it due to Opera? I daren't try Internet
Explorer in case it lets some problem through!
Anonymous
a b 8 Security
May 17, 2004 2:53:17 PM

Archived from groups: uk.telecom.broadband,comp.security.misc,comp.security.firewalls,opera.general (More info?)

On Mon, 17 May 2004 07:42:13 GMT, Jackeline D <jenny@privacy.net> wrote:

> Here is something odd. I Googled for "SPI" and tried to access
> this page using my Opera browser:
>
> <http://tanuki.homeftp.org:443/modules.php?name=News&fil...
> id=70>
>
> I got a popup message from Opera saying "Access to this port is
> disabled for security reasons".

Well although I haven't actually been able to access the page, I
haven't received any nasty popup :) 

ant :) 
Anonymous
a b 8 Security
May 17, 2004 5:26:32 PM

Archived from groups: ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls (More info?)

"Nick H" <me@privacy.net> wrote in message
news:p NRpc.544$eP6.197@newsfe1-gui.server.ntli.net...
[snip]
>>V2.1.5, which I run, is well regarded. V4.x.x is slated as still being
>>very buggy.

I appeared on this scene only a few months ago (upgraded to Win2K
from Win95) and purchased KPF4, only to find out later that KPF2.1.5
is a far superior product.

> KPF needs a bit more
> understanding but it is much more powerful (that is ZA Free vs KPF
> Free). If Jackeline is concerned about which programs are allowed to
> dial out, a router is not going to help. I run WinME, but in WinXP,
> should svchost.exe be allowed to dial out? If so, should it be
> restricted to certain servers or ports for its time synchronisation
> function, or is it safe to give it unrestricted access (probably not).

It's ok for svchost to listen (UDP), it will whether you set a rule or not,
but you have to set a rule that denies any TCP input to svchost. Also set
similiar rules for SYSTEM
and MSTASK.
Anonymous
a b 8 Security
May 18, 2004 12:07:40 AM

Archived from groups: ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls (More info?)

"Jackeline D" <jenny@privacy.net> wrote in message
news:94EB672F3936A53F89A@194.168.222.122...
> I have been using Kerio 2.1.5 on XP Pro for a few months. The PC
> is standalone, at home and connected to the Net by cable.
>
> When I look through the list of programs I am blocking I can't
> really make much sense of what XP needs or doesn't need.
>
> Also I can't make a lot of sense of how Kerio works - for example I
> am struggling to do things like (1) export my list of Open
> Connections At Local Host and (2) export my Firewall Configuration.
>
> Is there a web site or group which helps new Kerio 2.1.5 users or
> even tells them what they need to set up for basic broadband
> surfing.

Yes.
A manual can be downloaded at
http://www.kerio.com/us/supp_kpf_manual.html
It's quite comprehensive.
l.
Anonymous
a b 8 Security
May 18, 2004 12:43:36 AM

Archived from groups: ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls (More info?)

"lubinok" <somebody@somewhere.con> wrote in message
news:gY8qc.44006$TT.22167@news-server.bigpond.net.au...
>
> "Jackeline D" <jenny@privacy.net> wrote in message
> news:94EB672F3936A53F89A@194.168.222.122...
> > I have been using Kerio 2.1.5 on XP Pro for a few months. The PC
> > is standalone, at home and connected to the Net by cable.
> >
> > When I look through the list of programs I am blocking I can't
> > really make much sense of what XP needs or doesn't need.
> >
> > Also I can't make a lot of sense of how Kerio works - for example I
> > am struggling to do things like (1) export my list of Open
> > Connections At Local Host and (2) export my Firewall Configuration.
> >
> > Is there a web site or group which helps new Kerio 2.1.5 users or
> > even tells them what they need to set up for basic broadband
> > surfing.
>
> Yes.
> A manual can be downloaded at
> http://www.kerio.com/us/supp_kpf_manual.html
> It's quite comprehensive.

PS I got the 2.1.5 Version of the manual last year.
This one is V4 and has more bells and whistles.
But should be of help .
The pdf version looks great.
l.
Anonymous
a b 8 Security
May 18, 2004 1:21:25 AM

Archived from groups: ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls (More info?)

"lubinok" <somebody@somewhere.con> wrote in message
news:Yt9qc.44012$TT.15438@news-server.bigpond.net.au...
>
> "lubinok" <somebody@somewhere.con> wrote in message
> news:gY8qc.44006$TT.22167@news-server.bigpond.net.au...
> >
> > "Jackeline D" <jenny@privacy.net> wrote in message
> > news:94EB672F3936A53F89A@194.168.222.122...
> > > I have been using Kerio 2.1.5 on XP Pro for a few months. The PC
> > > is standalone, at home and connected to the Net by cable.
> > >
> > > When I look through the list of programs I am blocking I can't
> > > really make much sense of what XP needs or doesn't need.
> > >
> > > Also I can't make a lot of sense of how Kerio works - for example I
> > > am struggling to do things like (1) export my list of Open
> > > Connections At Local Host and (2) export my Firewall Configuration.
> > >
> > > Is there a web site or group which helps new Kerio 2.1.5 users or
> > > even tells them what they need to set up for basic broadband
> > > surfing.
> >
> > Yes.
> > A manual can be downloaded at
> > http://www.kerio.com/us/supp_kpf_manual.html
> > It's quite comprehensive.
>
> PS I got the 2.1.5 Version of the manual last year.
> This one is V4 and has more bells and whistles.
> But should be of help .
> The pdf version looks great.

*PPS*. The 2.15 Manual can be downloaded from
http://www.asu.edu/it/fyi/comm/documents/Kerio/userguid...
I hope this helps.
l.
May 18, 2004 1:21:47 AM

Archived from groups: ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls (More info?)

Aye, and keep your virus definitions and spyware removal tools uptodate.
Prevention is better than cure!

B
!