Re: Possible firewall problem?

From: Kerodo (kerodonospamkenny_at_hotmail.com)
Date: 08/30/04

• Next message: Copelandia Cyanescens: "Re: Possible firewall problem?"
• Previous message: Lars M. Hansen: "Re: Possible firewall problem?"
• In reply to: Lars M. Hansen: "Re: Possible firewall problem?"
• Next in thread: Copelandia Cyanescens: "Re: Possible firewall problem?"
• Reply: Copelandia Cyanescens: "Re: Possible firewall problem?"
• Reply: optikl: "Re: Possible firewall problem?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Sun, 29 Aug 2004 15:58:25 -0700

In article <crk4j0termvi6l3kbhl2dups2hjs85295p@4ax.com>,
badnews@hansenonline.net says...
> On Sun, 29 Aug 2004 13:06:11 -0700, Kerodo spoketh
>
> >
> >Ok, thanks Lars.. But doesn't it mean then that a packet is getting
> >thru the firewall rules somehow and getting in? What I'm concerned
> >about is that there is a "hole" in the firewall..
>
> Even if it was not the firewall itself that were sending the reply
> packet but rather the OS, it really doesn't matter a whole lot. If you
> don't have anything running on port 25, then no external (or internal
> for that matter) clients can connect to this port.
>
> I agree that it is somewhat odd that the firewall logs the outgoing
> "rst" packet rather than simply logging the connection attempt from the
> external source ... and, most desktop firewalls actually "stealths" port
> rather than sending out rst's. But I still don't think it's anything to
> lose sleep over.

Ok, thanks. While I have your attention there, maybe I can ask one more
question. I have a choice between 2 rule based firewalls to run here.
I like both. One is Jetico Personal Firewall beta, which we have been
talking about above, and the other is Kerio 2.1.5. Jetico has stateful
inspection. Kerio does not. Which would be the better choice? Is
stateful inspection really that important or desirable?
 

-- 
Kerodo

---

• Next message: Copelandia Cyanescens: "Re: Possible firewall problem?"
• Previous message: Lars M. Hansen: "Re: Possible firewall problem?"
• In reply to: Lars M. Hansen: "Re: Possible firewall problem?"
• Next in thread: Copelandia Cyanescens: "Re: Possible firewall problem?"
• Reply: Copelandia Cyanescens: "Re: Possible firewall problem?"
• Reply: optikl: "Re: Possible firewall problem?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Kerio PFW 2.14 - Safe? ... >> stateful inspection stopped it and kept the firewall from accepting the ... A fancy name for just dropping packets rather than issuing ... Kerio 2, I DO see it, due to no stateful inspection (so ... > every bit the firewall ZA is in context. ... (comp.security.firewalls) Re: Kerio PFW 2.14 - Safe? ... > If Kerio 2.14/5 states it's stateful, ... > Stateful inspection is also completely useless without, ... the rules set the firewall applies. ... (comp.security.firewalls) Re: What about Look n Stop ... I'm not sure if it has stateful inspection or ... the only thing that comes close is Kerio 2.1.5. ... Have you tried or looked at VisNetic Firewall? ... (comp.security.firewalls) Re: Any suggestions? ... trying to get the Kerio program to recognize the proxy browser, ... We have scanned your system for open ports and for ports visible to others ... > "Firewall" tab to "Ask Me First". ... > then see the five or six default rules supplied by Kerio. ... (comp.security.firewalls) Re: how to on firewall ... I have Kerio. ... The firewall frequently alerts. ... Certain web sites and/or web pages won't load because of blocking ... (alt.computer.security)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.security.firewalls  > 2004-08