A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.telecom.broadband (UK broadband)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.telecom.broadband (UK broadband) (uk.telecom.broadband) Discussion of broadband services, technology and equipment as provided in the UK. Discussions of specific services based on ADSL, cable modems or other broadband technology are also on-topic. Advertising is not allowed.

Tutorial for Kerio 2.1.5 ?



 
 
Thread Tools Display Modes
  #1  
Old May 16th 04, 02:49 PM posted to ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls
Nick H
external usenet poster
 
Posts: 5
Default Tutorial for Kerio 2.1.5 ?

Jackeline D wrote:
I have been using Kerio 2.1.5 on XP Pro for a few months. The PC
is standalone, at home and connected to the Net by cable.

When I look through the list of programs I am blocking I can't
really make much sense of what XP needs or doesn't need.

Also I can't make a lot of sense of how Kerio works - for example I
am struggling to do things like (1) export my list of Open
Connections At Local Host and (2) export my Firewall Configuration.

Is there a web site or group which helps new Kerio 2.1.5 users or
even tells them what they need to set up for basic broadband
surfing.

Yes, there is a user forum at http://www.dslreports.com/forum/kerio.
look for BZ's sticky at the top. Also look at the Kerio and pre-v3.0
Tiny PFW FAQ. There is also a group on Yahoo which I have not tried.

V2.1.5, which I run, is well regarded. V4.x.x is slated as still being
very buggy.

I think some of BZ's anti-spoofing rules are OTT, but if you're paranoid
they may be good. If you run IE, make sure you have a local loopback
rule or it will crawl. I would also block any e-mail program from
accessing remote port 80 at any address. In reality, I allow mail
programs to access the news servers and mailboxes explicitly by Port and
IP address and deny anything else (but log it in case some of the
addresses change as the newsgroup ones did earlier this year)

Also look at
http://homepage.ntlworld.com/robin.d.../security.html for
how to set up the firewall security for basic broadband access (DNS and
DHCP requirements)

Nick
  #2  
Old May 16th 04, 04:38 PM posted to ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls
Nick H
external usenet poster
 
Posts: 5
Default Tutorial for Kerio 2.1.5 ?

Nick H wrote:

Jackeline D wrote:

I have been using Kerio 2.1.5 on XP Pro for a few months. The PC is
standalone, at home and connected to the Net by cable.

When I look through the list of programs I am blocking I can't really
make much sense of what XP needs or doesn't need.

Also I can't make a lot of sense of how Kerio works - for example I am
struggling to do things like (1) export my list of Open Connections At
Local Host and (2) export my Firewall Configuration.

Is there a web site or group which helps new Kerio 2.1.5 users or even
tells them what they need to set up for basic broadband surfing.


Yes, there is a user forum at http://www.dslreports.com/forum/kerio.
look for BZ's sticky at the top. Also look at the Kerio and pre-v3.0
Tiny PFW FAQ. There is also a group on Yahoo which I have not tried.

V2.1.5, which I run, is well regarded. V4.x.x is slated as still being
very buggy.

I think some of BZ's anti-spoofing rules are OTT, but if you're paranoid
they may be good. If you run IE, make sure you have a local loopback
rule or it will crawl. I would also block any e-mail program from
accessing remote port 80 at any address. In reality, I allow mail
programs to access the news servers and mailboxes explicitly by Port and
IP address and deny anything else (but log it in case some of the
addresses change as the newsgroup ones did earlier this year)

Also look at
http://homepage.ntlworld.com/robin.d.../security.html for
how to set up the firewall security for basic broadband access (DNS and
DHCP requirements)

Nick

Jackeline,

Added to my last post, if you want to see which Win XP services you want
to have running have a look at http://www.blackviper.com/. You may be
able to disable a lot of stuff you're not using.

Nick
  #3  
Old May 16th 04, 09:45 PM posted to ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls
Garfield
external usenet poster
 
Posts: 4
Default Tutorial for Kerio 2.1.5 ?

If you don't know much what to let go and what to stop, I would strongly
advice you to get a router instead. By default, the NAT feature of it will
act as a basic firewall. If you get a SPI router, it would be even better.
It saves you from endless warning dialogue boxes. Most of them would so
logging too, which you can monitor all out going connection. A cheap router
cost you roughly 30 pounds which is more or less the same price as you paid
for some commercial firewall products.

In addition, you may get features like connection restriction, URL filter
etc, which is very useful if you have kids.

Here are few prices I gathered from ebuyer.com

NAT only
================
Linksys BEFSR41 (quickfind code: 37451)
35.09 GBP

Ebuyer 4 Port 10/100M Internet Broadband Router with USB Printer Server /
Origo BBR-1401 (quickfind code 52897)
27.02 GBP

U.S. Robotics Broadband Router with Paralell Print Server, USR 8000-02
(quickfind code: 44088)*
38.85 GBP

Netgear RP614 Broadband Router + 4 port 10/100 Switch (quickfind 35433)
38.11 GBP

With SPI
=======================
Linksys BEFSX41-Uk (ebuyer.co.uk , quickfind code: 45295)
50.25 GBP

Netgear FR114PUK (ebuyer.co.uk, quickfind code: 47104)
70.89 GBP


Anyway, this may sound a bit drastic but personally, I think it is a better
solution for novice users. So far my routers have saved me from MSBlaster
and Sasser Worms.

Regards

Garfield

* personally, I own a USR 8000-02 router. It is simple to configure, and
allow to connect my Kyocera FS1010 printer to the network.

"Nick H" wrote in message
news
Jackeline D wrote:
I have been using Kerio 2.1.5 on XP Pro for a few months. The PC
is standalone, at home and connected to the Net by cable.

When I look through the list of programs I am blocking I can't
really make much sense of what XP needs or doesn't need.

Also I can't make a lot of sense of how Kerio works - for example I
am struggling to do things like (1) export my list of Open
Connections At Local Host and (2) export my Firewall Configuration.

Is there a web site or group which helps new Kerio 2.1.5 users or
even tells them what they need to set up for basic broadband
surfing.

Yes, there is a user forum at http://www.dslreports.com/forum/kerio.
look for BZ's sticky at the top. Also look at the Kerio and pre-v3.0
Tiny PFW FAQ. There is also a group on Yahoo which I have not tried.

V2.1.5, which I run, is well regarded. V4.x.x is slated as still being
very buggy.

I think some of BZ's anti-spoofing rules are OTT, but if you're paranoid
they may be good. If you run IE, make sure you have a local loopback
rule or it will crawl. I would also block any e-mail program from
accessing remote port 80 at any address. In reality, I allow mail
programs to access the news servers and mailboxes explicitly by Port and
IP address and deny anything else (but log it in case some of the
addresses change as the newsgroup ones did earlier this year)

Also look at
http://homepage.ntlworld.com/robin.d.../security.html for
how to set up the firewall security for basic broadband access (DNS and
DHCP requirements)

Nick



  #4  
Old May 16th 04, 11:18 PM posted to ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls
Nick H
external usenet poster
 
Posts: 5
Default Tutorial for Kerio 2.1.5 ?

Garfield wrote:
If you don't know much what to let go and what to stop, I would strongly
advice you to get a router instead. By default, the NAT feature of it will
act as a basic firewall. If you get a SPI router, it would be even better.
It saves you from endless warning dialogue boxes. Most of them would so
logging too, which you can monitor all out going connection. A cheap router
cost you roughly 30 pounds which is more or less the same price as you paid
for some commercial firewall products.

In addition, you may get features like connection restriction, URL filter
etc, which is very useful if you have kids.

Here are few prices I gathered from ebuyer.com

NAT only
================
Linksys BEFSR41 (quickfind code: 37451)
35.09 GBP

Ebuyer 4 Port 10/100M Internet Broadband Router with USB Printer Server /
Origo BBR-1401 (quickfind code 52897)
27.02 GBP

U.S. Robotics Broadband Router with Paralell Print Server, USR 8000-02
(quickfind code: 44088)*
38.85 GBP

Netgear RP614 Broadband Router + 4 port 10/100 Switch (quickfind 35433)
38.11 GBP

With SPI
=======================
Linksys BEFSX41-Uk (ebuyer.co.uk , quickfind code: 45295)
50.25 GBP

Netgear FR114PUK (ebuyer.co.uk, quickfind code: 47104)
70.89 GBP


Anyway, this may sound a bit drastic but personally, I think it is a better
solution for novice users. So far my routers have saved me from MSBlaster
and Sasser Worms.

Regards

Garfield

* personally, I own a USR 8000-02 router. It is simple to configure, and
allow to connect my Kyocera FS1010 printer to the network.

"Nick H" wrote in message
news
Jackeline D wrote:

I have been using Kerio 2.1.5 on XP Pro for a few months. The PC
is standalone, at home and connected to the Net by cable.

When I look through the list of programs I am blocking I can't
really make much sense of what XP needs or doesn't need.

Also I can't make a lot of sense of how Kerio works - for example I
am struggling to do things like (1) export my list of Open
Connections At Local Host and (2) export my Firewall Configuration.

Is there a web site or group which helps new Kerio 2.1.5 users or
even tells them what they need to set up for basic broadband
surfing.


Yes, there is a user forum at http://www.dslreports.com/forum/kerio.
look for BZ's sticky at the top. Also look at the Kerio and pre-v3.0
Tiny PFW FAQ. There is also a group on Yahoo which I have not tried.

V2.1.5, which I run, is well regarded. V4.x.x is slated as still being
very buggy.

I think some of BZ's anti-spoofing rules are OTT, but if you're paranoid
they may be good. If you run IE, make sure you have a local loopback
rule or it will crawl. I would also block any e-mail program from
accessing remote port 80 at any address. In reality, I allow mail
programs to access the news servers and mailboxes explicitly by Port and
IP address and deny anything else (but log it in case some of the
addresses change as the newsgroup ones did earlier this year)

Also look at
http://homepage.ntlworld.com/robin.d.../security.html for
how to set up the firewall security for basic broadband access (DNS and
DHCP requirements)

Nick




Garfield,

I sort of agree with you but not fully. I have recently purchased a
Linksys BEFSX41, but you do have to watch carefully which firmware you
run. It is buggy. http://www.dslreports.com/ has some good forums to
research the problems of various makes and models.

One thing with any router is that it will only give you inbound
protection. Checking the router logs will not tell you which application
is making the connection. It is relatively easy to create a simple
set-up on a personal firewall such as ZoneAlarm. KPF needs a bit more
understanding but it is much more powerful (that is ZA Free vs KPF
Free). If Jackeline is concerned about which programs are allowed to
dial out, a router is not going to help. I run WinME, but in WinXP,
should svchost.exe be allowed to dial out? If so, should it be
restricted to certain servers or ports for its time synchronisation
function, or is it safe to give it unrestricted access (probably not).
How will a router help you with this?

Having said that, I would have thought, on balance, that if I had 40 to
spend on a firewall, it is probably better spent on a hardware firewall
than a software one. Then, if you want, go for a free software firewall
like KPF where any mistake you make with inbound rules is protected by
the router. The choice is personal. People will have very strong
feelings on this subject and you will find very polarised views.

Nick
  #5  
Old May 17th 04, 12:32 AM posted to ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls
Garfield
external usenet poster
 
Posts: 4
Default Tutorial for Kerio 2.1.5 ?

I agree and understand a router could only protect you from inbound
intrusions, however, from my personal experience, I oftenly press one OK
button too much as after a while you sort of fedup with all these endless
warning dialoug boxes from said ZoneAlarm.

I know router/ connection log won't stop out-bound connections, but it
should tell you where you have connected to, and hope the user can detect
any abnormalies, and rectify the problems.

Like many reports had mentioned lately, many people install these utility
software and forget about them. Which in turns, reduce their effectiveness
significantly.

I guess if you are caution about all connections, software firewall is
necessary. However, if you are a novice user, i.e. all TCP/IP means to you
is no more than 5 letters, then, the chance of the user can interpret the
(vague) warning message from firewall is very little (e.g. what does
svchost.exe attempts to connection 124.56.89.42 means average users?) Even
if you are a computer literate, worms oftenly uses names that is very close
to normal system program, i.e. lsasss.exe Which in many occassions, catch
even caution users.

I totally agree software firewalls have their place and value in internet
security. The question is, for an average user, does it worth all these
hassles? Personally, I hate pop-ups ad, but I equally hate excessive
warning message.

The bottom line is down to personal preference as mentioned by Nick

Regards

Garfield

* Linksys BEFSX41 is just an example. It has been around for a while now,
hence, many problems would have been looked into. A SPI router is
preferred, but in most cases, simple NAT would do the trick (SPI has been
implemented in many new routers as a standard now)


"Nick H" wrote in message
news Garfield wrote:
If you don't know much what to let go and what to stop, I would strongly
advice you to get a router instead. By default, the NAT feature of it

will
act as a basic firewall. If you get a SPI router, it would be even

better.
It saves you from endless warning dialogue boxes. Most of them would so
logging too, which you can monitor all out going connection. A cheap

router
cost you roughly 30 pounds which is more or less the same price as you

paid
for some commercial firewall products.

In addition, you may get features like connection restriction, URL filter
etc, which is very useful if you have kids.

Here are few prices I gathered from ebuyer.com

NAT only
================
Linksys BEFSR41 (quickfind code: 37451)
35.09 GBP

Ebuyer 4 Port 10/100M Internet Broadband Router with USB Printer Server /
Origo BBR-1401 (quickfind code 52897)
27.02 GBP

U.S. Robotics Broadband Router with Paralell Print Server, USR 8000-02
(quickfind code: 44088)*
38.85 GBP

Netgear RP614 Broadband Router + 4 port 10/100 Switch (quickfind 35433)
38.11 GBP

With SPI
=======================
Linksys BEFSX41-Uk (ebuyer.co.uk , quickfind code: 45295)
50.25 GBP

Netgear FR114PUK (ebuyer.co.uk, quickfind code: 47104)
70.89 GBP


Anyway, this may sound a bit drastic but personally, I think it is a

better
solution for novice users. So far my routers have saved me from MSBlaster
and Sasser Worms.

Regards

Garfield

* personally, I own a USR 8000-02 router. It is simple to configure, and
allow to connect my Kyocera FS1010 printer to the network.

"Nick H" wrote in message
news
Jackeline D wrote:

I have been using Kerio 2.1.5 on XP Pro for a few months. The PC
is standalone, at home and connected to the Net by cable.

When I look through the list of programs I am blocking I can't
really make much sense of what XP needs or doesn't need.

Also I can't make a lot of sense of how Kerio works - for example I
am struggling to do things like (1) export my list of Open
Connections At Local Host and (2) export my Firewall Configuration.

Is there a web site or group which helps new Kerio 2.1.5 users or
even tells them what they need to set up for basic broadband
surfing.


Yes, there is a user forum at http://www.dslreports.com/forum/kerio.
look for BZ's sticky at the top. Also look at the Kerio and pre-v3.0
Tiny PFW FAQ. There is also a group on Yahoo which I have not tried.

V2.1.5, which I run, is well regarded. V4.x.x is slated as still being
very buggy.

I think some of BZ's anti-spoofing rules are OTT, but if you're paranoid
they may be good. If you run IE, make sure you have a local loopback
rule or it will crawl. I would also block any e-mail program from
accessing remote port 80 at any address. In reality, I allow mail
programs to access the news servers and mailboxes explicitly by Port and
IP address and deny anything else (but log it in case some of the
addresses change as the newsgroup ones did earlier this year)

Also look at
http://homepage.ntlworld.com/robin.d.../security.html for
how to set up the firewall security for basic broadband access (DNS and
DHCP requirements)

Nick




Garfield,

I sort of agree with you but not fully. I have recently purchased a
Linksys BEFSX41, but you do have to watch carefully which firmware you
run. It is buggy. http://www.dslreports.com/ has some good forums to
research the problems of various makes and models.

One thing with any router is that it will only give you inbound
protection. Checking the router logs will not tell you which application
is making the connection. It is relatively easy to create a simple
set-up on a personal firewall such as ZoneAlarm. KPF needs a bit more
understanding but it is much more powerful (that is ZA Free vs KPF
Free). If Jackeline is concerned about which programs are allowed to
dial out, a router is not going to help. I run WinME, but in WinXP,
should svchost.exe be allowed to dial out? If so, should it be
restricted to certain servers or ports for its time synchronisation
function, or is it safe to give it unrestricted access (probably not).
How will a router help you with this?

Having said that, I would have thought, on balance, that if I had 40 to
spend on a firewall, it is probably better spent on a hardware firewall
than a software one. Then, if you want, go for a free software firewall
like KPF where any mistake you make with inbound rules is protected by
the router. The choice is personal. People will have very strong
feelings on this subject and you will find very polarised views.

Nick


  #6  
Old May 17th 04, 09:42 AM posted to uk.telecom.broadband,comp.security.misc,comp.security.firewalls,opera.general
Jackeline D
external usenet poster
 
Posts: 1
Default Tutorial for Kerio 2.1.5 ?

"Garfield" wrote:

If you don't know much what to let go and what to stop, I
would strongly advice you to get a router instead. By
default, the NAT feature of it will act as a basic firewall.
If you get a SPI router, it would be even better. It saves you
from endless warning dialogue boxes. Most of them would so
logging too, which you can monitor all out going connection.
A cheap router cost you roughly 30 pounds which is more or
less the same price as you paid for some commercial firewall
products.



Thank you for the info.

Here is something odd. I Googled for "SPI" and tried to access
this page using my Opera browser:

http://tanuki.homeftp.org:443/module...file=article&s
id=70

I got a popup message from Opera saying "Access to this port is
disabled for security reasons".

Why is this coming up? Is it due to Opera? I daren't try Internet
Explorer in case it lets some problem through!
  #7  
Old May 17th 04, 10:42 AM posted to ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls
Joe Bloggs
external usenet poster
 
Posts: 1
Default Tutorial for Kerio 2.1.5 ?

"Jackeline D" wrote in message
...
On Sun, 16 May 2004 Garfield said...

Linksys BEFSX41 is just an example. It has been around for
a while now, hence, many problems would have been looked
into. A SPI router is preferred, but in most cases, simple
NAT would do the trick (SPI has been implemented in many new
routers as a standard now)



chris wrote:

I, personally, find SPI a ****ing *pain*. nmap doesnt work
with it enabled, UDP time requests outbound frequently fail
and other niggles happen when using my debian box for
dns-utils.

Basically, SPI is good, but its over sensitive and can cause
great annoyance if you're not a 'standard' net user.


I Googled "SPI" and found some info.

Is SPI an alternative to something else called "NAT"?

Do I have to choose one or the other?


No.

Jackie. Just enable the XP built in firewall and uninstall any other
unnecessary complexity you've added.
Use the tools mentioned elsewhere in this thread to put your mind at rest as
far as viruses, trojans and spyware are concerned. If you don't have any
viruses/trojans/spyware on the system then they can't make outgoing
connections so they don't need a firewall to stop them.

Joe



  #8  
Old May 17th 04, 11:53 AM posted to uk.telecom.broadband,comp.security.misc,comp.security.firewalls,opera.general
Antonio Remedios
external usenet poster
 
Posts: 1
Default Tutorial for Kerio 2.1.5 ?

On Mon, 17 May 2004 07:42:13 GMT, Jackeline D wrote:

Here is something odd. I Googled for "SPI" and tried to access
this page using my Opera browser:

http://tanuki.homeftp.org:443/module...file=article&s
id=70

I got a popup message from Opera saying "Access to this port is
disabled for security reasons".


Well although I haven't actually been able to access the page, I
haven't received any nasty popup

ant
  #9  
Old May 17th 04, 07:26 PM posted to ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls
Alan Illeman
external usenet poster
 
Posts: 1
Default Tutorial for Kerio 2.1.5 ?


"Nick H" wrote in message
news [snip]
V2.1.5, which I run, is well regarded. V4.x.x is slated as still being
very buggy.


I appeared on this scene only a few months ago (upgraded to Win2K
from Win95) and purchased KPF4, only to find out later that KPF2.1.5
is a far superior product.

KPF needs a bit more
understanding but it is much more powerful (that is ZA Free vs KPF
Free). If Jackeline is concerned about which programs are allowed to
dial out, a router is not going to help. I run WinME, but in WinXP,
should svchost.exe be allowed to dial out? If so, should it be
restricted to certain servers or ports for its time synchronisation
function, or is it safe to give it unrestricted access (probably not).


It's ok for svchost to listen (UDP), it will whether you set a rule or not,
but you have to set a rule that denies any TCP input to svchost. Also set
similiar rules for SYSTEM
and MSTASK.


  #10  
Old May 17th 04, 10:21 PM posted to ntl.discussion.broadband.cm,uk.telecom.broadband,comp.security.misc,comp.security.firewalls
Beavis
external usenet poster
 
Posts: 1
Default Tutorial for Kerio 2.1.5 ?

Aye, and keep your virus definitions and spyware removal tools uptodate.
Prevention is better than cure!

B
 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 05:07 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright 2004-2019 BroadbanterBanter.
The comments are property of their posters.