Re: Kerio 2.1.5 - Unable to Attach TCP Message



Martin wrote:

Windows 2000 SP4 with Kerio firewall 2.1.5.

Kerio 2.1.5 was good but it's outdated now (cause of security flaws :-( ).

After closing port 445 using

Do you need the smb-direct protocol?

either Windows Worms Cleaner
Whats' this?

or by editing the registry,

SMBDeviceEnabled=0?

I get the messageon boot up "Kerio Personal Firewall Driver: Unable to
attach 'TCP"

Mmmmh, I used Kerio in conjunction with WinNT and that system didn't know
anything abou smb-direct.

followed by similar messages for other protocols.Google indicates this is
a known bug. Nevertheless, on running the ShieldsUp probe, my computer
is still stealthed despite the error messages.

"stealth" is bad, it's a misconfiguration.

I tried uninstalling Kerio,
closing the port, then reinstalling Kerio, but that didn't fool it.

What about wipfw? It's actual and very smart ;-)

I can't see any fix for this bug on Google.
see above.

Any thoughts? (In the meantime, I have reversed the registry changes
so that port 445 shows as listening but is at least protected by the
firewall.)

That's a workaround with security flaws. What does the Kerio FW have to do?
Make it unnecessary (German says: überflüssig == superfluous) or change to
f.e. ipsecpol or wipfw.

HTH
Wolfgang

.



Relevant Pages

  • Re: Security Newbie - DSNkong, Proxomitron, Kerio
    ... >>connect to cpanel, but still cannot FTP. ... When kerio is on I see that it is allowing ... (ANY local port, ANY remote port, action set to ... > Remote Address: ANY (or, if you FTP to the same IP or group of IPs, ...
    (comp.security.firewalls)
  • Kerio 2.1.5 vulnerability
    ... Linux ipchains Firewall Vulnerability ... As I used Kerio I put it in the 2do list as something to play with, ... Log Suspicious Packets. ... When sending a SYN to an open or closed port I got no reply. ...
    (comp.security.firewalls)
  • Re: Kerio Personal Firewall v2.1.5 & XPs remote desktop...
    ... Try to add the port manually through the kerio Admin toward the LAN's IP of the computer. ... I did Not try Kerio 2.15 with SP3, hopefully there is No compatibility problem. ... They are vast, timeless, and if they are aware of us at all, it is as little more than ants and we have as much chance of communicating with them as an ant has with us. ...
    (microsoft.public.windowsxp.network_web)
  • Re: Kerio 2.1.5 vulnerability
    ... >If Kerio returns a SYN ACK that's 2 thirds of the handshake completed, ... >but Hping2 doesn't send an ACK to complete the connection. ... TYPSoft FTP Server Version 1.10 was used to open port 21." ... Then I used netcat to open port 21 and spawn a shell on connection ...
    (comp.security.firewalls)
  • Re: kerio: (1) Former freeness, & (2) Filter rules precedence
    ... >> Kerio came about when developers from Tiny split from the parent ... a rule for SSH for a client should look something like ... Remote Port: ANY ...
    (comp.security.firewalls)