Re: Sponge Kerio binary rules set

From: YK (YKnot_at_home.invalid)
Date: 05/28/03 

Date: Wed, 28 May 2003 03:04:19 GMT

Mike Liu wrote:
> on 27 May 2003, Joe Canuck <Joe_Canuck@Canada.ca> wrote in
> news:LEQAa.3667$fj7.427776@news20.bellglobal.com:
>
>> Mike Liu wrote:
>>
>>> Has anyone used either the binary or text versions of sponge's
>>> rule sets for kerio? The text version for level 2 looks like it
>>> changes the MD5 signatures for various programs and does other
>>> weird stuff. Are these programs safe to use? It's possible they
>>> could be installing backdoors into kerio.
>>
>> Sponge has put a lot of ongoing effort into providing us with
>> his lists... I think your comments are unfounded.
>>
>> I'd suggest you wipe the slate clean on the MD5 side of it and
>> start fresh with your own setup. Sponge may run different
>> versions of the same programs that you do... which explains for
>> the different signatures.
>
> Ok, but I don't understand why he finds it necessary to input new
> MD5 signatures into other peoples' kerio config files. Care to
> explain? Also, what's this (and the rest of his non rule config
> changes) all about?
>
> ReadWritePassword = "00000000000000000000000000000000",
> ReadOnlyPassword = "00000000000000000000000000000000",
>
> I thought he was presenting rule sets to reject spam and spy
> sites. Why is it necessary to alter a bunch of other variables in
> as shown in his text ruleset file?
>
> If he expects me to take his word that a binary file inputed into
> my computer is ok, sorry, but I'm not gonna do that. Nor am I
> going to change the MD5 signatures of kerio just so I can use his
> rules.
>
> Why doesn't he just present the ip ranges of the sites that are
> offensive? Why the other stuff? If he's marketing some type of
> program to supplement kerio he ought to just say so, not tell us
> that he is simply presenting new rules to block spammers, data
> miners, etc.

How about explaining how the Merge function works in Kerio? If you go
look there is only Save and Load. There is no Merge. If you don't
trust them make your own. Invest your own time coming up with your own
rules instead of trying to convince us to not trust Sponge's work. Come
back when you have a Web site with your rules added and we'll see how long
it takes you.

Relevant Pages

  • Re: Sponge Kerio binary rules set
    ... > changes the MD5 signatures for various programs and does other ... Are these programs safe to use? ... > could be installing backdoors into kerio. ... Sponge has put a lot of ongoing effort into providing us with his ...
    (comp.security.firewalls)
  • Re: Sponge Kerio binary rules set
    ... > MD5 signatures into other peoples' kerio config files. ... You're raising an issue with the MD5 signatures where there isn't one. ... Kerio will compare what it has as the MD5 ... Bear in mind that without a ruleset ...
    (comp.security.firewalls)
  • Re: Problem with kerio personal firewall
    ... sponge wrote: ... >> I have install kerio personal firewal, but when I try to open Administration ... Kerio 3 is a test version that is very unstable. ...
    (comp.security.firewalls)
  • Re: Popup warnings that Im wide open
    ... sponge wrote: ... > Those pop-ups are a scam. ... > I believe at least one of the products being sold incorporates spyware ... > Kerio can be used as an ad-blocker as well as a spyware stopper; ...
    (comp.security.firewalls)
  • Re: Kerio not working with Windows 98SE
    ... sponge wrote: ... > Kerio 4.0.x is buggy to the point of being useless. ... and a last rule at lesat blocking all incoming traffic ... What is the reason for blocking PERSFW.EXE from connecting? ...
    (comp.security.firewalls)