Kerio in WinXP

Archived from groups: comp.security.firewalls (More info?)

I've been looking at personal firewalls and just tried Kerio 4.x (I use
2.1.x a whle ago on a Win2000 install and it worked fine). I basically
want to be told what is trying to get "out/in" to my network and only
allow things that I want. This may give me an idea if I get some nasty
internet infection.

After the install the system rebooted but failed to display the login
box. I booted up in Safe Mode and disabled the Kerio service and on
rebooting the login screen appeared, I was then able to start the
firewall manually (not the ideal fix...)

Whenever I changed the configuration to start the firewall automatically
the system would not display the login screen and had to be reset, I've
since removed Kerio from my system and am using the built in firewall
which isn't as good IMHO but I guess it does the job even though it's a
pain to configure.

Has anyone else had this problem?

Cheers

JP

OS: Windows XP Pro SP1 (all updates installed)
16 answers Last reply
More about kerio winxp
  1. Archived from groups: comp.security.firewalls (More info?)

    JP <ft00mch@hotmail.com> wrote in news:ODHuc.2668$ez4.619
    @pathologist.blueyonder.net:

    > I've been looking at personal firewalls and just tried Kerio 4.x (I use
    > 2.1.x a whle ago on a Win2000 install and it worked fine). I basically
    > want to be told what is trying to get "out/in" to my network and only
    > allow things that I want. This may give me an idea if I get some nasty
    > internet infection.
    >
    > After the install the system rebooted but failed to display the login
    > box. I booted up in Safe Mode and disabled the Kerio service and on
    > rebooting the login screen appeared, I was then able to start the
    > firewall manually (not the ideal fix...)
    >
    > Whenever I changed the configuration to start the firewall
    automatically
    > the system would not display the login screen and had to be reset, I've
    > since removed Kerio from my system and am using the built in firewall
    > which isn't as good IMHO but I guess it does the job even though it's a
    > pain to configure.
    >
    > Has anyone else had this problem?
    >
    > Cheers
    >
    > JP
    >
    > OS: Windows XP Pro SP1 (all updates installed)
    >

    Since you're using the XP FW, it's not a bad FW at all. IMHO, the XP FW
    is as good as the others and does its job in stopping unsolicited inbound
    traffic.

    http://support.microsoft.com/default.aspx?scid=kb;en-us;q321050#appliesto

    Soon with the release of SP2 for XP, the XP FW will have application
    control and has been programmed to get to TCP/IP connection at boot,
    which I think is a vulnerable spot and PFW(s) don't seem to cover this
    area.

    There is another element on the XP O/S that acts very much like a FW and
    is a good complement to any host based FW it runs behind and that's IPsec
    and is a very powerful piece of software that can protect a server or
    workstation. It too gets to the TCP/IP connection at boot and can stop
    inbound or outbound by port, IP or protocol.

    http://www.securityfocus.com/infocus/1559
    http://www.petri.co.il/block_ping_traffic_with_ipsec.htm

    The AnalogX file when implemented will provide instant protection. You
    may have to enable an APS SecPol Client service or two like POP3 and
    NNTP.

    http://www.analogx.com/contents/articles/ipsec.htm

    http://www.microsoft.com/technet/itsolutions/network/security/ipsecld.msp
    x

    You may want to look into *hardening* the XP O/S a little bit.

    http://www.uksecurityonline.com/husdg/windowsxp.php

    Duane :)
  2. Archived from groups: comp.security.firewalls (More info?)

    > My initial feeling about XP's built-in firewall is that it would
    >obviously let through traffic that M$ wants to let through without
    >asking me about it. You might as well trust a fox to guard the chicken
    >coop. I think a 3rd party firewall is inherently more trustworthy than
    >that of the OS vendor.

    If you don't trust Microsoft, you shouldn't install their operating system. If
    they really wanted to sneak in and steal your soul, no software firewall would
    protect you. They'd just include the bypass in the TCP/IP driver. An exterior
    hardware firewall might block the Evil Empire, but if you are really that
    paranoid, you shouldn't run Windows in the first place.
    --
    Dave "Crash" Dummy - A weapon of mass destruction
    crash@gpick.com?subject=Techtalk (Do not alter!)
    http://lists.gpick.com
  3. Archived from groups: comp.security.firewalls (More info?)

    In article <10bot1rjbvece51@corp.supernews.com>, dvader@deathstar.mil
    says...
    > > My initial feeling about XP's built-in firewall is that it would
    > >obviously let through traffic that M$ wants to let through without
    > >asking me about it. You might as well trust a fox to guard the chicken
    > >coop. I think a 3rd party firewall is inherently more trustworthy than
    > >that of the OS vendor.
    >
    > If you don't trust Microsoft, you shouldn't install their operating system. If
    > they really wanted to sneak in and steal your soul, no software firewall would
    > protect you. They'd just include the bypass in the TCP/IP driver. An exterior
    > hardware firewall might block the Evil Empire, but if you are really that
    > paranoid, you shouldn't run Windows in the first place.

    Sound advise from someone that doesn't understand that the same could be
    true in ANY OS. The Evil empire is not MS, but the massive number of
    lamers that post/hack all OS platforms for the fun of it.

    Windows platforms can be secured in a manner that will prevent
    infections from spreading, but, as many users are not technical, don't
    have a clue, don't even do any form of update, there is no expectation
    that it will stop. The same is true with non-technical Linux types,
    there are many holes in their OS/apps, and as long as they leave them
    unpatched they present easy targets. The real issue is the size of the
    target, the larger the target (MS) the more things that will attack it.

    While I use both platforms, and enjoy both, I'm almost hoping that Linux
    never makes it to the home user in the same level as the Windows
    platform has - once it becomes as big a target we'll have two (or more)
    versions of every virus running around the net and even more problems.

    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  4. Archived from groups: comp.security.firewalls (More info?)

    JP wrote:
    > I've been looking at personal firewalls and just tried Kerio 4.x (I
    > use
    > 2.1.x a whle ago on a Win2000 install and it worked fine). I basically
    > want to be told what is trying to get "out/in" to my network and only
    > allow things that I want. This may give me an idea if I get some nasty
    > internet infection.

    <snip problem>

    > Has anyone else had this problem?
    > OS: Windows XP Pro SP1 (all updates installed)

    No, but I didn't like the overkill in Kerio 4 so I went back to version
    2.1.5, and it works perfect for me.
    You still can download version 2.1.5 and 2.1.4 from kerio.com (for example:
    http://eu.download.kerio.com/dwn/kpf/kerio-pf-2.1.5-en-win.exe)

    Good luck,

    GJ
  5. Archived from groups: comp.security.firewalls (More info?)

    Taking a moment's reflection, Leythos mused:
    |
    | Sound advise from someone that doesn't understand that the same could be
    | true in ANY OS. The Evil empire is not MS, but the massive number of
    | lamers that post/hack all OS platforms for the fun of it.

    I think the point was ... if you don't trust the software (any software)
    to that extent, then you shouldn't have it installed in the first place.
  6. Archived from groups: comp.security.firewalls (More info?)

    > I think the point was ... if you don't trust the software (any software)
    >to that extent, then you shouldn't have it installed in the first place.

    Exactly. Thank you. As a matter of fact, I have been using Windows client and
    server for over ten years without a single successful intrusion, infection or
    exploitation.
    --
    Dave "Crash" Dummy - A weapon of mass destruction
    crash@gpick.com?subject=Techtalk (Do not alter!)
    http://lists.gpick.com
  7. Archived from groups: comp.security.firewalls (More info?)

    In article <10bpg1d89sa6q7c@corp.supernews.com>, dvader@deathstar.mil
    says...
    > > I think the point was ... if you don't trust the software (any software)
    > >to that extent, then you shouldn't have it installed in the first place.
    >
    > Exactly. Thank you. As a matter of fact, I have been using Windows client and
    > server for over ten years without a single successful intrusion, infection or
    > exploitation.

    I've been working with computers, designing motherboards, designing
    code, etc... since the 70's and never had a single computer under my
    responsibility compromised. It's easy to do once you understand the
    threats and protection methods.

    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  8. Archived from groups: comp.security.firewalls (More info?)

    "Leythos" <void@nowhere.com> wrote:
    > I've been working with computers, designing motherboards, designing
    > code, etc... since the 70's and never had a single computer under my
    > responsibility compromised. It's easy to do once you understand the
    > threats and protection methods.

    That background is hardly typical of the average Windows user, so
    protection is not as simple to most of us as it is to you.

    R. P.
  9. Archived from groups: comp.security.firewalls (More info?)

    "R. P." <r_pol12gar@hotmail.com> wrote in message
    news:QDbvc.29194$pt3.20623@attbi_s03...
    > "Leythos" <void@nowhere.com> wrote:
    > > I've been working with computers, designing motherboards, designing
    > > code, etc... since the 70's and never had a single computer under my
    > > responsibility compromised. It's easy to do once you understand the
    > > threats and protection methods.
    >
    > That background is hardly typical of the average Windows user, so
    > protection is not as simple to most of us as it is to you.
    >

    I don't think anyone who replied to you is a typical/average Windows user.
    :)

    Duane :)
  10. Archived from groups: comp.security.firewalls (More info?)

    In article <QDbvc.29194$pt3.20623@attbi_s03>, r_pol12gar@hotmail.com
    says...
    > "Leythos" <void@nowhere.com> wrote:
    > > I've been working with computers, designing motherboards, designing
    > > code, etc... since the 70's and never had a single computer under my
    > > responsibility compromised. It's easy to do once you understand the
    > > threats and protection methods.
    >
    > That background is hardly typical of the average Windows user, so
    > protection is not as simple to most of us as it is to you.

    I think you are wrong, the fact that there are a zillion sites that
    explain how to secure you computer seems to indicate that you just need
    to read a little.

    Even MS tells you how to lock down a system, on every platform.

    My background gives me the ability to work with many platforms, Windows
    being just one of them. I happen to also use a RH9 system daily too, but
    I stick with my Windows based systems due to my clients needs and
    software constraints.

    If you want to secure a windows PC there are only a few things that you
    need to do:

    1) Get your system behind a NAT device.
    2) Install Antivirus software that gets frequent updates
    and runs all the time (must scan in/out email).
    3) Run Windows Update every day (can be automated).
    4) Change the default IE settings so that your internet zone
    is set to HIGH and your Trusted Zone is set to MEDIUM, put
    the sites you trust in the trusted zone.
    5) Uninstall windows options and applications you don't need.
    6) Don't open attachments from ANYONE unless you asked them to
    send you the attachment - not even from your mom.
    7) Don't run P2P sharing programs or other lame pirate ware.

    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  11. Archived from groups: comp.security.firewalls (More info?)

    "Leythos" <void@nowhere.com> wrote:
    > I think you are wrong, the fact that there are a zillion sites that
    > explain how to secure you computer seems to indicate that you just
    need
    > to read a little.

    No kiddin'! I would actually have to read a little? You know what? If
    that was the only thing that required a little reading, life would be so
    easy. Unfortunately there are so many other, more important things that
    also require reading and there are just so many hours in a day available
    for it. Especially if one's got a life, too, besides reading computer
    related stuff. After all, computers are supposed to make life easier
    and free up more time for other things, right?

    > My background gives me the ability to work with many platforms,
    Windows
    > being just one of them. I happen to also use a RH9 system daily too,
    but
    > I stick with my Windows based systems due to my clients needs and
    > software constraints.

    Well, good for you.

    > If you want to secure a windows PC there are only a few things that
    you
    > need to do:
    >
    > 1) Get your system behind a NAT device.

    I've got it. Behind a Syslink router. Still amazing how many attempts
    are detected by ZoneAlarm.

    > 2) Install Antivirus software that gets frequent updates
    > and runs all the time (must scan in/out email).

    Got it: PC-cillin 2003, with automatic virus pattern updates.

    > 3) Run Windows Update every day (can be automated).

    Have it, too.

    > 4) Change the default IE settings so that your internet zone
    > is set to HIGH and your Trusted Zone is set to MEDIUM, put
    > the sites you trust in the trusted zone.

    This I need to check, but how is one to know ahead of time if a new site
    can be trusted?

    > 5) Uninstall windows options and applications you don't need.

    Oh, that would take some reading time I haven't found yet.

    > 6) Don't open attachments from ANYONE unless you asked them to
    > send you the attachment - not even from your mom.

    Been there, done that.

    > 7) Don't run P2P sharing programs or other lame pirate ware.

    Never have, never will.
    To my knowledge my system so far has been well protected, but that's no
    reason to lower my guard, is it?

    Thanks for sharing nevertheless,
    R. P.
  12. Archived from groups: comp.security.firewalls (More info?)

    You're wasting your time. The arrogance and the ignorance of the person are
    unbelievable. :)

    Duane :)
  13. Archived from groups: comp.security.firewalls (More info?)

    In article <Hjxvc.35460$3x.5351@attbi_s54>, r_pol12gar@hotmail.com
    says...
    > > 4) Change the default IE settings so that your internet zone
    > > is set to HIGH and your Trusted Zone is set to MEDIUM, put
    > > the sites you trust in the trusted zone.
    >
    > This I need to check, but how is one to know ahead of time if a new site
    > can be trusted?

    A new site can only be trusted if it's a commercial site (like a bank)
    or a site that you are somehow sure it's not a hacker site. It's one of
    those things that you have to make the call on yourself. Worst case it
    will act like the normal IE settings (since you set the Trusted Zone to
    MEDIUM).

    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  14. Archived from groups: comp.security.firewalls (More info?)

    In article <Hjxvc.35460$3x.5351@attbi_s54>, r_pol12gar@hotmail.com
    says...
    > > 2) Install Antivirus software that gets frequent updates
    > > and runs all the time (must scan in/out email).
    >
    > Got it: PC-cillin 2003, with automatic virus pattern updates.

    I never use PC-Cillian or McAfee, they have proven to miss thing in our
    testing. While people may complain about it, Symantec AV products have
    never failed any of our tests and we've never had a compromised system
    while running Symantec AV products.

    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  15. Archived from groups: comp.security.firewalls (More info?)

    Taking a moment's reflection, R. P. mused:
    |
    | No kiddin'! I would actually have to read a little? You know what? If
    | that was the only thing that required a little reading, life would be so
    | easy. Unfortunately there are so many other, more important things that
    | also require reading and there are just so many hours in a day available
    | for it.

    So, security through obtuseness? How's that working for you?
    Obviously, you are interested in security, or you wouldn't be here ... yet
    you profess to find it unimportant enough to take any time on. So, wait ...
    why are you here?
  16. Archived from groups: comp.security.firewalls (More info?)

    "GJ" <no@mail.invalid> wrote in message
    news:c9i5vc$49i$1@netlx020.civ.utwente.nl...
    > JP wrote:
    > > I've been looking at personal firewalls and just tried Kerio 4.x (I
    > > use
    > > 2.1.x a whle ago on a Win2000 install and it worked fine). I basically
    > > want to be told what is trying to get "out/in" to my network and only
    > > allow things that I want. This may give me an idea if I get some nasty
    > > internet infection.
    >
    > <snip problem>
    >
    > > Has anyone else had this problem?
    > > OS: Windows XP Pro SP1 (all updates installed)
    >
    > No, but I didn't like the overkill in Kerio 4 so I went back to version
    > 2.1.5, and it works perfect for me.
    > You still can download version 2.1.5 and 2.1.4 from kerio.com (for
    example:
    > http://eu.download.kerio.com/dwn/kpf/kerio-pf-2.1.5-en-win.exe)
    >


    Thanks, got it and installed no probs. Nice to be able to monitor outgoing
    connections again.

    J

    --
    There are 10 types of people in this world
    Those that understand binary and those that don't
Ask a new question

Read More

Firewalls Login Networking