Re: d-link dsl-504 + kerio firewall question

From: rello (relloman_at_beasty.com)
Date: 10/28/04 

Date: Thu, 28 Oct 2004 21:26:55 GMT

both have kerio loaded.....
the default filtering on the dsl-504 is supposed to block by default
unauthorised access...obviously not working.....i am not permitted to
mess with the router admin and am supposed to secure the machines
individually using software firewalls [kerio]

kerio usually generates a connection alert for every connect attempt
from grc which, if denied, shows stealth on all ports.....in this case
kerio doesnt generate any connection alerts....

i might try adding a final rule in kerio ruleset blocking all
protocols in and see if that makes the difference for port scans.....
thanks for your interest and any further comments

On Thu, 28 Oct 2004 18:39:20 +0100, "SteveB"
<sbrads@nildramDOTcoDOTuk> wrote:

>The problems can be on the PC you're not using as the incoming probes can't
>tell the difference between the 2. I get this with my DSL-500 plus switch
>feeding 3 PC's. My PC is watertight and stealthed when it's the only one
>switched on, but turn on a less well protected occasional usage laptop and
>probe the system from my PC using grc.com and I get some ports only closed
>not stealthed.
>
>
>"rello" <relloman@beasty.com> wrote in message
>news:4180e768.9514901@news-server...
>> set up a 2 pc network with the above 4 port modem and found that my
>> usual firewall, kerio showed holes everywhere when i ran a port scan
>> from grc.com ....some ports were stealthed but many showed closed with
>> a few open...i usually find the kerio default ruleset is fine for
>> bigpond, optus broadband and any dialup account....any body got an
>> idea why this is so???
>> thanks
>> relloman
>> relloman
>

relloman

Relevant Pages

  • Re: Security Newbie - DSNkong, Proxomitron, Kerio
    ... >>connect to cpanel, but still cannot FTP. ... When kerio is on I see that it is allowing ... (ANY local port, ANY remote port, action set to ... > Remote Address: ANY (or, if you FTP to the same IP or group of IPs, ...
    (comp.security.firewalls)
  • Kerio 2.1.5 vulnerability
    ... Linux ipchains Firewall Vulnerability ... As I used Kerio I put it in the 2do list as something to play with, ... Log Suspicious Packets. ... When sending a SYN to an open or closed port I got no reply. ...
    (comp.security.firewalls)
  • Re: Kerio 2.1.5 vulnerability
    ... >If Kerio returns a SYN ACK that's 2 thirds of the handshake completed, ... >but Hping2 doesn't send an ACK to complete the connection. ... TYPSoft FTP Server Version 1.10 was used to open port 21." ... Then I used netcat to open port 21 and spawn a shell on connection ...
    (comp.security.firewalls)
  • Re: Kerio Personal Firewall v2.1.5 & XPs remote desktop...
    ... Try to add the port manually through the kerio Admin toward the LAN's IP of the computer. ... I did Not try Kerio 2.15 with SP3, hopefully there is No compatibility problem. ... They are vast, timeless, and if they are aware of us at all, it is as little more than ants and we have as much chance of communicating with them as an ant has with us. ...
    (microsoft.public.windowsxp.network_web)
  • Re: kerio: (1) Former freeness, & (2) Filter rules precedence
    ... >> Kerio came about when developers from Tiny split from the parent ... a rule for SSH for a client should look something like ... Remote Port: ANY ...
    (comp.security.firewalls)