Re: Older PFWs: Sygate, Kerio 2.1.5, etc.

On 12/28/2006 8:40 AM, something possessed You guess to write:
On Thu, 21 Dec 2006 22:51:53 -0500, louise <louise@xxxxxxxxxxxxxxx>

bassbag wrote:
In article <ab58o29e4fcd5gcd88m5tfo55ok0kas633@xxxxxxx>, none@xxxxxxxxxxxxxxx says...
I realize that some here are of the opinion that effective outbound
protection on a Windows system is impossible and that all PFWs are
useless. That aside...

I still see people recommending Sygate's PFW and Kerio 2.1.5. It
doesn't seem prudent to me to use security software that hasn't been
updated in a long time.

At approximately the same time (middle/end of 2005) Kerio was sold to
Sunbelt, Sygate was sold to Symantec and development of some DiamondCS
product(s) (ProcessGuard?) stopped.

Was some major flaw in these products disclosed at that time?

Given that any PFW is of value, is it wise to run PFWs that have long
since been supported?

It is possible to have effective outbound protection using kerio 2.15 and / or sygate.Not 100% of course ...but every little helps.I personally prefer kerio 2.15.Volker and cohorts of course suggest otherwise ,and prefer the puritanical approach ,which in laboratory conditions or being members of the said families ..may suffice.The choice is yours...suck it and see ;)
I'm still using an old Sygate on my desktop and Windows Firewall on my laptop which is often used wirelessly.

I'm not really happy with either solution even though at home I run a NAT router.

Why do you prefer Kerio over Sygate?



I have a couple of questions. Why do some people think they need to
update their PFW? If it used to work, why do you think it won't work

The argument that a PFW is just a packet filter is correct, isn't that
what all firewalls are? They examine packets of data that are sent or
received and filter out the "bad" ones according to rules you have
set. Am I missing something here?

Subscribing to updates for an antiviral program makes sense, viruses
change and the writers come up with better ways to implant their
malware. But if your PFW can tell which program exactly is attempting
to send packets, then isn't it doing what you want it to do?


avast! Antivirus: Outbound message clean.
Virus Database (VPS): 0664-0, 12/28/2006
Tested on: 12/28/2006 11:40:56 AM
avast! - copyright (c) 1988-2006 ALWIL Software.

Certain "packet filters" may contain discovered vulnerabilities in the older versions which, when exploited, may give a remote user improper privileges on the local machine/network. Not to mention we want to keep an eye out for all those "zero-day vulnerabilities" as well ;-)

Relevant Pages

  • MSN Messenger and Kerio 2.1.5 rule set?
    ... I'd prefer not to allow msn messenger full, ... BTW I finally had to give up on Kerio PFW v4 on XP Pro. ... After the 3rd time it lost my rule ...
  • Re: Older PFWs: Sygate, Kerio 2.1.5, etc.
    ... protection on a Windows system is impossible and that all PFWs are ... I still see people recommending Sygate's PFW and Kerio 2.1.5. ...
  • Re: HP ScanJet 6200C USB Problem
    ... Nach erfolgreicher Installation kann ich den Kerio PFW dann wieder ... Die HP PrecisionScan Pro (HP Scan Software) ... nach Hause telefonieren und verweigerte solange die weitere Installation? ...
  • Re: Problem: Speicherkarte auslesen unter Windows
    ... Hat ja bisher auch mit PFW (Kerio) funktioniert. ... Irgendwelche Tuning-Tools mal ... Deinstalliert und neu gestartet. ... Klar, habe ich ja gesagt, dass so ein PFW keine 100%ige Sicherheit ...
  • Re: Dienste starten nicht
    ... Jahr habe ich das bereits getan und mich wegen fehlender Features (im ... Vergleich zu Kerio) gegen ihn entschieden. ... diese verändert wurde (Virus), schlägt PFW Alarm. ...