Evening all,
Just completed another reinstall, (*note to self: Leave things alone!*). Anyway, basically, ive found, to my horror, that kerio has been updated at long last. However, its horror as theve set up the network rules really strangly, virtually everything was set to "ask", which is very annoying when firefox causes it to pop up 20 times per web page!!
Anyhow, set it as the following: EDIT: Changed embedded pic to link so u can zoom!
http://img401.imageshack.us/img401/9035/eekll9.jpg (http://img401.imageshack.us/img401/9035/eekll9.jpg)width=750 height=600]
No idea if thats the usual / safe etc, so can anyone lend a helping hand?!
NOOOOOOOOO!
You have got access allowed for any other app.And there are other settings there that are BAD.
In full application control mode it will ask for every connection and prog/app start until it learns and sets the rules you make.
Go here.......SKPFASSISTANT (http://one.xthost.info/skpf/)
check out thesettings shown ,if you get stuck leave a message there........Graham will be able to help.
Here is the official support forum...........CASTLECOPS (http://www.castlecops.com/f208-Sunbelt_Kerio.html)
You should find Graham lurking in there too ;)
Thanks :)...but...
I play alot of games, and i cant afford for it to ask every time. Especially since its asking when i install games, which can make a mess of them...
Im going to try to turn the network security to what he says, but in "HIPS" (Intrusions) ive got to turn the "block execuitable code" option off. There are to many applications, such as xfire and game auto-updates that require this not to be blocked...i think!
I assume its "ok" to turn this off!?
EDIT: Ive now got this: EDIT: oops, adding link: http://img442.imageshack.us/img442/5192/eek2da9.jpg (http://img442.imageshack.us/img442/5192/eek2da9.jpg)
Yup,in that section in HIPS you can make specific exceptions to the executable code area.
Things like anonymiser are blocked unless you make a rule to allow it.
Click the advanced tab in HIPS.....the popup that opens shows Buffer overflow and Code injection,click exceptions and enter all those things you wish to allow.
The applications that you specifically want to allow...when the warning window opens tick the write a rule box and allow the prog /app.
Ok, thanks for your help Doreset :) - Id give you a karma or two...but, you know ;)
Seems with the old version of kerio, i left it in a "Unsafe" setup...may explain why i used to have to install/reinstall/image alot lol
EDIT: ive lost the karma vote thread, as i havent voted yet!! - Can anyone direct me to it?
Easily done .
But with time you can make Kerio VERY secure...........Graham games a lot ,he uses the packet filter rules which really tie it down.
The real beauty of the full application control is that nothing can get out,no app can start or start another prog without you giving permission or knowing about it.
You should be able to set your games to run with out interruption.
Quote from: AvengerUK on Feb 24, 2007, 19:23:22
Ok, thanks for your help Doreset :) - Id give you a karma or two...but, you know ;)
Seems with the old version of kerio, i left it in a "Unsafe" setup...may explain why i used to have to install/reinstall/image alot lol
EDIT: ive lost the karma vote thread, as i havent voted yet!! - Can anyone direct me to it?
Karma thread is in this section 2 or 3 posts down
http://www.avengeruk.co.uk/kpf1.jpg (http://www.avengeruk.co.uk/kpf1.JPG)
http://www.avengeruk.co.uk/kpf2.jpg
(http://www.avengeruk.co.uk/kpf2.JPG)
Are these kerio defaults ok?