Archived from groups: opera.general,24hoursupport.helpdesk,comp.security.firewalls (
More info?)
In article <MPG.1b75c8b66ef3fe4b9896be@news.central.cox.net>, kerodonospamkenny@hotmail.com says...
> In article <MPG.1b75dc7c18da1b0c98976e@news.west.earthlink.net>,
> casey@nosuch.net says...
> > In article <MPG.1b75b7e6c78886bf9896bd@news.central.cox.net>, kerodonospamkenny@hotmail.com says...
> > > In article <MPG.1b75ce59805e45fa98976d@news.west.earthlink.net>,
> > > casey@nosuch.net says...
> > > > In article <MPG.1b7599ea4a993f4c9896bc@news.central.cox.net>, kerodonospamkenny@hotmail.com says...
> > > > > In article <MPG.1b75a2885bc025c698976c@news.west.earthlink.net>,
> > > > > casey@nosuch.net says...
> > > > > > >
> > > > > > You might want to try Sygate firewall. I have been using
> > > > > > Opera and Sygate together back through many earlier versions
> > > > > > of each. Not one problem have I had.
> > > > > >
http://soho.sygate.com/free/default.php
> > > > > > Casey
> > > > >
> > > > > Or for that matter Kerio. I've been trying the latest Kerio 4.1 betas
> > > > > and Kerio now has stateful inspection for all protocols and in the next
> > > > > beta they're finally adding good logging. There are still bugs, but
> > > > > it's shaping up nicely. So far, no problems here...
> > > > >
> > > > > Sygate is very good, I actually purchased the Pro version myself, but
> > > > > the main advantage ZA has over it is the stateful inspection. But to
> > > > > get that, you also have to put up with the bloat of unwanted "features"
> > > > > as well.
> > > > >
> > > > >
> > > > Sygate has Stateful Packet Inspection (SPI).
> > > >
> > > > Quoted from Sygate FAQ:
> > > > Q-- Does Sygate Personal Firewall do Stateful Packet Inspection?
> > > > A-- Yes, Sygate® Personal Firewall does Stateful Packet Inspection
> > > > on every Remote TCP connection. Sygate® Personal Firewall also
> > > > uses an algorithm to check Remote UDP and DHCP traffic to make
> > > > sure that the communication is secure.
> > > > Unquote
> > > >
http://forums.sygate.com/vb/showthread.php?s=7e70845e3330c7f26ab2a2c7fd0245c0&threadid=52
> > >
> > > That's news to me! Interesting.. Although I notice that it says SPI on
> > > TCP connections only. But that's good then..
> > >
> > >
> > I'm certainly no "knowledge whiz" when it comes to protocols but
> > I believe it would destroy the usefulness of UDP and ICMP if you
> > tried to SPI them <G>.
>
> I know next to nothing about the subject, but I believe Kerio SPI's UDP
> and ICMP now, and I'm pretty sure ZA does too. I used to get random
> "garbage" packets from my DNS servers (UPD) with Sygate, but with ZA and
> Kerio I don't. Perhaps that's why?
>
>
I solved that with an advanced rule:
Allow, UDP, remote port 53, in/out, to my ISP primary dns IP and
secondary dns IP. At tools/options/security smart dns is not
enabled.
Casey