kerio PF 4 problem

  • Thread starter Thread starter Pine
  • Start date Start date
P

Pine

I installed Kerio PF 4 yesterday.

This morning I noticed that my access to the Internet was completely
blocked. I had two comps attached to a DSL router and I could not
connect to the router from either of them. Ony one had Kerio installed
and the other linux OS installed. I ended up unintalling Kerio PF4 and
resetting the router.

Has anyone experienced this kind of problem. Shocked
 
Pine said:
I installed Kerio PF 4 yesterday.

This morning I noticed that my access to the Internet was completely
blocked. I had two comps attached to a DSL router and I could not
connect to the router from either of them. Ony one had Kerio installed
and the other linux OS installed. I ended up unintalling Kerio PF4 and
resetting the router.

Has anyone experienced this kind of problem. Shocked
Click to expand...

Had the same problem on XP, never got it to work successfully - ended up
reverting to v2.15

Clive
 
I had two comps attached to a DSL router and I could not
connect to the router from either of them.
Click to expand...

Then dispense with the unneeded firewall and leave it to the router.
More resources for other things and no firewall waiting to block
something which never comes.


Jim.
 
Clive a écrit :
Had the same problem on XP, never got it to work successfully - ended up
reverting to v2.15

Clive
Click to expand...
I'm very surprised , because I'm using Kerio 4.0.16.435 with Win XP SP2
and I haven't had any problem with my Internet access ( In the
"configuration" of Kerio , I turned my browser Mozilla on "permit" )

JJ
 
Then dispense with the unneeded firewall and leave it to the router.
More resources for other things and no firewall waiting to block
something which never comes.
Click to expand...


Isn't it a case though that a software firewall is easier to configure for
traffic that is trying to connect to the Net by being able to prevent
individual applications in connecting...?

--
Best wishes

Morgan

Hard drive noisy...?
www.flyinglizard.freeserve.co.uk
 
James said:
Then dispense with the unneeded firewall and leave it to the router.
More resources for other things and no firewall waiting to block
something which never comes.
Click to expand...

I wish it was so simple, but then you get cases like the one I had the
other day, where a user receives a Bofra worm, it isn't detected by his
AV (AVG, in case you're wondering) but it's blocked by ZoneAlarm when it
tries to call out. External firewalls can't tell a worm from a regular
mail client because they have no way of knowing what program is
attempting to make the connection.
 
I wish it was so simple, but then you get cases like the one I had the
other day, where a user receives a Bofra worm, it isn't detected by his
AV (AVG, in case you're wondering) but it's blocked by ZoneAlarm when it
tries to call out. External firewalls can't tell a worm from a regular
mail client because they have no way of knowing what program is
attempting to make the connection.
Click to expand...

I understand what you're saying but that compromise was not caused by
a failure of the router because it was permitted traffic. The outgoing
notification protection offered by zonealarm is only as good as the
malware it is trying to prevent is poor. Since it is already running
the malware can do whatever it likes. Last time I tried it, a simple
WM_DESTROY signal to the zonealarm process and it's gone leaving the
malware to run with impunity. So yes, there is limited functionality
in using zonealarm as you've shown, but it's a trade off against the
availability of additional resources and the absense of problems
caused when the firewall (regularly) misfires. For a properly patched
machine behind a nat device and used by a clueful clicker zonealarm
(or other similar) is not necessary. It can also lead to false sense
of security issues as discussed in another recent thread.


Jim.
 
Back
Top