Re: What's up with Jetico Firewall?


"Half_Light" <not@xxxxxxxxx> wrote in message
news:8a7p221r1fvheqnbcrrp5ct6svnotven9v@xxxxxxxxxx
I know this firewall is rated highly and is geeky but it's a pain in
the *** to use. I played around with it for a few hours last night
and it was interesting but also annoying. Everytime I rebooted it
would come up with some crap about "attacker installs system wide
windows hook atitray.exe". Well, yea, it installs a system wide
windows hook because it integrates into the context menu but it's not
malicious. No matter how may times I told it to accept tyhe prog it
would still complain about it. Then it came up with the same BS about
internt explorer. WTF?! After trying this one out and Kerio too I said
*** it and went back to using the XP firewall and using Aports on my
second monitor so I can see what's going on. Suppressing outbound
connections might be good for some people but I would rather monitor
for connections and then take the necessary action if I see some
shitware phoning home. The XP firewall is painles...ahhhh...bliss.

I don't use the XP FW on XP Pro on this laptop while on the road it's using
BlackIce that can't stop outbound either and has it's worthless Application
Control, like all worthless App. Controls are in personal FW(s), disabled.

I use Active Ports so I can see connections and somewhat what Applications
are making connections.

I use IPsec as a supplement to BI so that if I need to stop outbound
traffic, I can do it. IPsec can stop inbound and outbound traffic by port,
protocol or IP and is only a supplemental solution and not a front line
solution..

http://www.petri.co.il/block_ping_traffic_with_ipsec.htm

I implemented the AnalogX rules on the machine and set the services on the
client side that I wanted to come through, like POP3, SMTP, NNTP on the
client side etc, etc. I did have to adjust the rules for SMTP as it was set
for port 25 and I needed to change it to 587 that the ISP is using.

http://www.analogx.com/contents/articles/ipsec.htm

BI was whining about traffic hitting the Windows Networking ports the were
being blocked even on its highest notification level and I got tired of it.
So I went to the IPsec AnalogX rules for Windows Networking and set the rule
to *Deny* and never heard another peep out of BI again, even though BI was
blocking to begin with along with the MS File and Print Sharing was removed
off the dial-up connection and couldn't come through anyway..

However, IPsec on XP Home doesn't have a graphical UI like Pro that you can
access the IPsec policies. But that can be done at the DOS Command prompt.

http://support.microsoft.com/kb/813878

You should configure the XP O/S as much as possible to attack for a machine
that has a direct connection to the modem and the Internet.

http://labmice.techtarget.com/articles/winxpsecuritychecklist.htm

Duane :)


.

Quantcast