Kerio firewall help...

AvengerUK · Feb 24, 2007, 18:48:48

Evening all,

Just completed another reinstall, (*note to self: Leave things alone!*). Anyway, basically, ive found, to my horror, that kerio has been updated at long last. However, its horror as theve set up the network rules really strangly, virtually everything was set to "ask", which is very annoying when firefox causes it to pop up 20 times per web page!!

Anyhow, set it as the following: EDIT: Changed embedded pic to link so u can zoom!

http://img401.imageshack.us/img401/9035/eekll9.jpgwidth=750 height=600]

No idea if thats the usual / safe etc, so can anyone lend a helping hand?!

DorsetBoy · Feb 24, 2007, 18:57:01

NOOOOOOOOO!

You have got access allowed for any other app.And there are other settings there that are BAD.

In full application control mode it will ask for every connection and prog/app start until it learns and sets the rules you make.

Go here.......SKPFASSISTANT

check out thesettings shown ,if you get stuck leave a message there........Graham will be able to help.

DorsetBoy · Feb 24, 2007, 19:10:34

Here is the official support forum...........CASTLECOPS

You should find Graham lurking in there too

AvengerUK · Feb 24, 2007, 19:11:13

Thanks

...but...

I play alot of games, and i cant afford for it to ask every time. Especially since its asking when i install games, which can make a mess of them...

Im going to try to turn the network security to what he says, but in "HIPS" (Intrusions) ive got to turn the "block execuitable code" option off. There are to many applications, such as xfire and game auto-updates that require this not to be blocked...i think!

I assume its "ok" to turn this off!?

EDIT: Ive now got this: EDIT: oops, adding link: http://img442.imageshack.us/img442/5192/eek2da9.jpg

DorsetBoy · Feb 24, 2007, 19:18:14

Yup,in that section in HIPS you can make specific exceptions to the executable code area.

Things like anonymiser are blocked unless you make a rule to allow it.

Click the advanced tab in HIPS.....the popup that opens shows Buffer overflow and Code injection,click exceptions and enter all those things you wish to allow.

The applications that you specifically want to allow...when the warning window opens tick the write a rule box and allow the prog /app.

AvengerUK · Feb 24, 2007, 19:23:22

Ok, thanks for your help Doreset

- Id give you a karma or two...but, you know

Seems with the old version of kerio, i left it in a "Unsafe" setup...may explain why i used to have to install/reinstall/image alot lol

EDIT: ive lost the karma vote thread, as i havent voted yet!! - Can anyone direct me to it?

DorsetBoy · Feb 24, 2007, 19:29:11

Easily done .

But with time you can make Kerio VERY secure...........Graham games a lot ,he uses the packet filter rules which really tie it down.

The real beauty of the full application control is that nothing can get out,no app can start or start another prog without you giving permission or knowing about it.

You should be able to set your games to run with out interruption.

DorsetBoy · Feb 24, 2007, 19:36:47

Quote from: AvengerUK on Feb 24, 2007, 19:23:22
Ok, thanks for your help Doreset - Id give you a karma or two...but, you know

Seems with the old version of kerio, i left it in a "Unsafe" setup...may explain why i used to have to install/reinstall/image alot lol

EDIT: ive lost the karma vote thread, as i havent voted yet!! - Can anyone direct me to it?

Karma thread is in this section 2 or 3 posts down

AvengerUK · Mar 03, 2007, 23:23:40

http://www.avengeruk.co.uk/kpf1.jpg

http://www.avengeruk.co.uk/kpf2.jpg

Are these kerio defaults ok?