Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Culpeper on March 30, 2005, 05:07:17 AM
-
Man, after much confusion and frustration over whether not Sygate was a good combo with Webshield, I decided to uninstall Sygate and try out Kerio. I'm sticking with Kerio. The default settings are all I need out of a firewall and it works great with Avast thus far. Sygate is history on my machines.
I used both Sygate Pro and Sygate Free with the same controversial problems associated with both of them. Sygate bad. Kerio good. Avast Webshield good.
-
Welcome to the dark side! ;)
John (another happy Kerio user)
-
And 4.2 is coming in the next few days!
Plus if you use the free version, you get the FULL firewall product, including intrusion detection. Sygate free isn't the full firewall.
-
I have to agree with you , Kiero looks a winner. ZA and its lousy memory can go jump :P
-
Another "dark-sider" here. ;)
I've run Kerio with Avast on the PC since version 4.0.8 and am currently trying the latest Kerio 4.2 beta 4 which has given no problems either. I think everyone will like the new update.
After several ZA debacles, I'm happy with Kerio and Avast which is, of course, my favourite AV!
Happy days
kakapo
-
I am very happy too, running Anast 4.6 with Kerio 4.2 Beta 4.
Non problem. All work smooth and fine. And memory usage quite normal.
I 'll stay with both of them.
Is there any information about final Kerio 4.2 release?
Thanks Alwil and Kerio. Great Job!
Have a nice day!
-
Dark side of Kerio. Switched to 4.1.3 and had the same problems I encountered with 4.2B4-Kerio doesn't always load at boot . Saw a few other messages about this on their website. No solution-don't know what the conflict is. In spite of being installed as an automatic service under XP SP2, it just comes up partially at boot (based on "protect a startup and shutdown being checked") and then goes away, never to be seen again, until you start it manually. Also tried putting it in the startup folder;didn't help. Happened only occasionally with 4.1.2. Watch carefully to be sure KPF 4 is really running if you plan to use it. No comment from their forum on the questions about it. Sygate is looking better again, unless Kerio comes up with an explanation/fix.
-
Is the WinXp firewall accidentally on.
-
No; it is disabled. Actually, I cheated a bit and am trying out KPF 2.1.5 as an alternative, but this was not a problem on 4.1.2; just cropped up on the 4.2 beta and now 4.1.3.
-
I'm using 4.1.2. Thanks for the input.
You're right. They're not much help on the subject on the Kerio board. I won't update my version until they resolve the bug.
-
Sded, won't be ZoneAlarm an alternative?
I used ZA for five years, changed to Outpost, went to Sygate and come back to Outpost.
Tried Kerio some time ago but version 4 seemed to much 'bloatware' for me... Maybe just an impression.
-
I used ZAF, ZAP, ZASS but found they didn't provide adequate logging or display insight into what was happening or how things should be configured. One use of a firewall is for figuring out what should/shouldn't have been blocked/allowed, and ZA never really helped me. But try the newest ZAF and see if it suits you. I am trying out Kerio 2.1.5, and so far seems fine. Like the KPF4 GUI, but don't understand the startup problem at all. Must be a conflict with something, but I don't have a complicated system and don't see any effort on the Kerio forum to help solve the previous comments on it.
-
I used ZAF, ZAP, ZASS but found they didn't provide adequate logging or display insight into what was happening or how things should be configured.
You're right... For ZoneAlarm, I always consider VisualZone (http://visualize.phenominet.com) a must have complement.
I don't have a complicated system and don't see any effort on the Kerio forum to help solve the previous comments on it.
Unfortunatelly (or not ;D), no other forum can give you the same support as here ;)
-
Agree, places like Kerio specifically don't do official forum support for their free versions, in spite of the fact they could point to it in their pay versions as "50K hours of beta testing" or some such. Oh well, wait to see what happens on Kerio. In the meantime, if you want to try it, a good free version of Kerio 2.1.5 is available at http://www.dslreports.com/forum/kerio along with a prebuilt set of rules to modify if you like. Will report back after trying it for a bit.
-
Not that it's overly relevant, but I've been using Kerio for many months and I've used a number of beta versions including all of the versions released recently and I've had no problems like that at all with Win XP Home SP1 or SP2.
It shouldn't be too hard to figure out what application is causing the conflict. Just stop everything but KPF from starting and slowly add apps back to your startup list. However, I have a feeling that you've done this already and weren't able to determine the culprit. Is that the case?
-
I'm planning on switching to Kerio too. I've been happy with Sygate, but ... Kerio looks like it offers more what I'm looking for in terms of fine-tuning control. I haven't decided whether to wait for 4.2, or go ahead and install either 2.1.5, or 4.1.2 or 4.1.3.
-
No probs with 4.1.3 here 8)
-
Tried to isolate the interfering program; no luck. Problem is that it doesn't happen 100% of the time, so is probably load order dependent. Easier to switch than spend any more time trying to diagnose it. It simply shouldn't happen to a firewall, ever-makes me wonder about probable malware vulnerability. And I wouldn't know what the next interferor might be. I never saw any of the others who had the problem come up with anything either, or any comments from Kerio or the peer support group on it. So far KPF 2.1.5 is a fine replacement. Or Sygate is acceptable, in spite of its PITA characteristics. No reason not to use KPF 4 if you have no problems. Just a warning to KPF 4 users to watch out for it occasionally not loading-assume easily noticed if often not loading.
-
Problem is that it doesn't happen 100% of the time, so is probably load order dependent.
Will it help if you use Startup Delayer to control the order of programs load?
http://www.r2.com.au/
-
Thought about the startup delayer, but decided that was too much trial and error vs switching, And still worried about the next problem program for Kerio. Thanks for the suggestion, though. Will probably see if Kerio has any suggestions, otherwise stay switched to something else. Even a small unreliability is unacceptable in a firewall, and I would find it hard to trust KPF 4 again without some real solution.
-
Hi!
I tried to upgrade today from Kerio 4.1.2 to 4.1.3 but there seemed to be a problem with Kerio 4.1.3 (at least in my machine). It refused to load. Neither on boot nor manually afterwards...so i had to uninstall it.
And now, while using the Windows XP SP2 built-in firewall, i noticed that the VoIP program Skype is functioning more properly.With kerio i couldnt dial any number while connected to the university network (i thought that the external university firewall was blocking it) but now without kerio i can without any problem.
I think i will stick with the XP SP2 firewall until kerio 4.2 is released....
-
Just stick with the Win firewall since you are already behind a server firewall.
-
The best and leanest as well as meanest Kerio is the original lightweight Kerio 2.15, combine that with BZ rules from http://www.broadbandreports.com/forum/remark,8023708 , add freeware Antihook from www.infoprocess.biz and if you want an Intrusion Detection System like in Kerio 4, get the even better and free Nuzzler which is Snort based and comes from www.securepoint.cc By the way Securepoint also makes a very good firewall of their own.
-
2.1.5 is a fine firewall, but it takes a bit more than just copying the BZ ruleset to make it work. There are also some additional rules for dealing with the avast! web proxy at http://www.dslreports.com/forum/remark,12848459. And a little adaptation for the mail proxies. Not nearly as difficult as some of the forum comments indicate, through. Seems to be a continual work in progress, though; current avast! related set is shown. As far as the KPF 4 IDS, my experience was 100% false alarms POS, usually several a day when a site that was not in accordance with their database was visited.
-
Yep,
Have to create two software proxy loopback rules with list of ports that include the POP, SMTP, IMAP, NNTP ports as well as port 12080.
-
Have to create two software proxy loopback rules with list of ports that include the POP, SMTP, IMAP, NNTP ports as well as port 12080.
Can you post the rules here?
Port numbers, protocols, local and remote IP, etc. etc.
I think could be very useful for the users to know how to configure them...
Thanks.
-
Kerio 4 IDS files can be edited to eleminate certain types of false positives from one computer on the network to another computer on the network. For example, there were a couple of rule sets in the .rlk files that were creating false positives in the intrusion log. Simply placing a "#" at the beginning of the line will disable that particular rule rather than turning off the medium intrusion module. The instrusion module is independent of the trusted area in Kerio.
-
I have a good IDS in my DSL router (Cayman 3220h) that covers
IP Source Address Spoofing
Source Routing
Subnet Broadcast Amplification
Illegal Packet Size (Ping of Death)
Port Scan (TCP/UDP)
Excessive Pings
Admin Login Failure
MAC Address Spoofing
Works very well, no false alarms, catches things.
Out of KPF 4 I got about 20 false alarms a day because of the way it interpreted normal activity from various sites. I could probably have tried to dumb it down, but thought it was already adequately dumb and ignored it. Worthless POS advertising gimmick in my opinion, but YMMV. ::)
-
Have to create two software proxy loopback rules with list of ports that include the POP, SMTP, IMAP, NNTP ports as well as port 12080.
Can you post the rules here?
Port numbers, protocols, local and remote IP, etc. etc.
I think could be very useful for the users to know how to configure them...
Thanks.
Certainly,
For Software Proxy Loopback 1
Protocol: TCP/UDP
Direction: Outgoing
Port Type: Any Port
Application: Any
Address Type: Network Mask
Network Address/Mask: 127.0.0.1/255.0.0.0
List of Ports:1-24,26-109,111-118,120-142
Rule Valid: Always and Action: Permit
For Software Proxy Loopback 2 everything will remain the same except add ports 144-12079,12081-65535 to the list. This way all or any programs trying to access these ports will need explicit permission from you.
Credit to this goes to the one and only Kerio 2.15 guru BZ, I have only modded it to suit Avast's scanning at his suggestion.
-
Noticed that some of the users have KPF loading problem. I'm using Syagate Personal Firewall 5.6 build 2808. Occasionally it does not load at machine boot. There are also similar reports on their forum.
Regarding Kerio, are you guys using the free version? I am considering switching from Sygate to Kerio. Is the "Internet gateway", which is provided by the paid version but not the free version (http://www.kerio.com/kpf_comparison_version.html), a vital element that a usual user should not be lack of?
-
No, the web portion of the paid version is disabled after 30 day trial. You don't need it. It's just a basic popup and advert blocker with some cookie options as well. Nothing important in my opinion. I'm using 4.1.2. There is reports that 4.1.3 is buggy on WinXP startup.
-
Thanks, Culpeper.
Do you mean that the "Runs as internet gateway" (see http://www.kerio.com/kpf_comparison_version.html) is unimportant either?
From where can I download 4.1.2? My machine is running on Win 98.
-
The "run as a gateway" says it is to support Internet Connection Sharing-is that even applicable with W98? In any case, Kerio has announced they will no longer support W98 for 4.2 and beyond. Try 2.1.5 if you want Kerio; the bugs in 4.1 will never be fixed for W98.
-
dito
I misunderstood about the internet gateway. I confused it with content filtering.
-
kenwong,
older versions of kerio (all the way back to 2.1.4) are available at:
http://download.kerio.com/archive/
(But they don't seem to have added the 4.1.2 yet ... )
-
Thanks, Culpeper and sded.
Installed 4.1.3. Was smooth initially. But the machine hanged during boot and needed to force a hard reboot!
May need to go back to Sygate. Could you please advise me about Outpost - how is it compared to Sygate and Kerio? My machine is running on Win 98. Thanks.
-
I used to use Outpost 1.0 on Win98 and I liked it very much. Can't remember why I quit using it though. If you have access to ftp let me know and I'll upload Kerio 4.1.2 install file.
-
Can anybody compare the Outpost Professional 2.5 with the 'old' Free 1.0 available?
Seems that the company isn't updating the free version very often... Why?
-
I don't think they have done a thing to version 1.0 since they came out with Outpost 2. Just just throw 1.0 out as a freebie.
-
Thanks, Culpeper and sded.
Installed 4.1.3. Was smooth initially. But the machine hanged during boot and needed to force a hard reboot!
May need to go back to Sygate. Could you please advise me about Outpost - how is it compared to Sygate and Kerio? My machine is running on Win 98. Thanks.
This got my curosity up so I disabled the router firewall and tested Outpost 1.0 (free version) and it still passes all the Sygate (sos) and Shields Up! tests. So, good enough for me on my Win98SE machine. I forgot how much I missed that old program. I love the way you can define application rules. There are some unneeded plugins like ads removal, DNS caching, and so forth that can be disabled. This old Outpost firewall is still viable security.
Also, did the same test with the WinXP firewall with the same results. Both run well with Avast!.
-
Man, after much confusion and frustration over whether not Sygate was a good combo with Webshield, I decided to uninstall Sygate and try out Kerio. I'm sticking with Kerio. The default settings are all I need out of a firewall and it works great with Avast thus far. Sygate is history on my machines.
I used both Sygate Pro and Sygate Free with the same controversial problems associated with both of them. Sygate bad. Kerio good. Avast Webshield good.
Also, did the same test with the WinXP firewall with the same results. So, I'm just going to use the WinXP firewall on the main machine and the old Outpost firewall on the remote Win98SE machine, both behind a router firewall. Both run well with Avast!. Good enough for my ladies.
Any software firewall should provide you 'stealth" with port scan tests.
I really thinked you were after strong outbound application control. ???
Another guy whose words are hard to be taken serious again.
Even ZA is better than XP SP2 firewall.
-
Outbound is only as good as the person allowing the access. What? You sit there and every single time your browser needs to send out you allow it manually? I'm not that concerned about outbound. I'm concerned about inbound more. I'm not going to plug one firewall after another up my butt when one is basically just as good as another. Kerio's default settings basically allow all outbound transmission anyway.
Nevertheless, this isn't a firewall support board. My main concern is to use a reliable firewall system that adapts well with Avast. Nothing more and nothing less. I normally keep technical matters outside of that on the appropriate support forum.
And be careful taking my inventory. I have chuncks of guys like you in my stool.
-
::)
Why did you change then from Sygate?
Avast's webshield has always worked with it. Scanning viruses.
It never had any other problem, but that in the first webshield version the outbound application control was lost, especially if not setting a manual prowser proxy setting.
You even recommended Kerio, cause Sygate had in your opinion a weakened outbound app control.
-
You're incorrect about your assumptions of my concerns about outbound controls. Sure I'm concerned about unwanted outbound transmission but I'm not studying any traffic logs paranoid. But a firewall is a management process and not a silver bullet and every single firewall has their own brand of leaks. The most important line of defense is keeping the bad guys out. Once in however, it would be the job of a good AV program to stop or warn about malicious activity. I'm not changing my mind about Kerio's brand of ease and safety. I also have resources to consider and I think a hardware firewall as well as a basic software firewall is sufficient. In fact, I still have Kerio installed on the WinXP machine. I was merely testing the Outpost and WinXP firewalls with the router firewall disabled. And they worked fine with Avast and passed the standard online tests! I think all the hype and paranoia about outbound transmissions are overstated.
I haven't stabbed Kerio in the back. Just letting people know they have options without being biased about one program over another. My beef with Sygate was all the controversy over it in regard to Avast.
-
I used ZAF, ZAP, ZASS but found they didn't provide adequate logging or display insight into what was happening or how things should be configured.
You're right... For ZoneAlarm, I always consider VisualZone (http://visualize.phenominet.com) a must have complement.
I don't have a complicated system and don't see any effort on the Kerio forum to help solve the previous comments on it.
Unfortunatelly (or not ;D), no other forum can give you the same support as here ;)
Technical, here I am again with another noob question. Has the VisualZone program been tested by you or by others who are competent to insure it contains no hacks or spyware? I suspect you must feel it is safe since you are recommending it, but felt i should double check before adding it to my system. Thanks......Smoke
-
Technical, here I am again with another noob question. Has the VisualZone program been tested by you or by others who are competent to insure it contains no hacks or spyware? I suspect you must feel it is safe since you are recommending it, but felt i should double check before adding it to my system. Thanks......Smoke
VisualZone is a log file analyser.
No spyware, no adware, safe and secure.
It has a feature to 'back trace' the intrusions. You can use or not (called DShield if I do not forget...).
-
Technical, here I am again with another noob question. Has the VisualZone program been tested by you or by others who are competent to insure it contains no hacks or spyware? I suspect you must feel it is safe since you are recommending it, but felt i should double check before adding it to my system. Thanks......Smoke
VisualZone is a log file analyser.
No spyware, no adware, safe and secure.
It has a feature to 'back trace' the intrusions. You can use or not (called DShield if I do not forget...).
Technical, thank you for your reply. I had already searched for reviews of VisualZone on the internet, but there were very few and they lacked depth and detail. I am trying to decide if I want to try it. Does it use much memory/resources?
I have Windows 98SE, 512mb of 333ddr memory, Athlon XP2100+(1733mhz clock) but running ZoneAlarm(latest version) and Avast!Home (4.6.623) at startup takes me all the way down to 70% on my resources! :'(
-
Technical, thank you for your reply. I had already searched for reviews of VisualZone on the internet, but there were very few and they lacked depth and detail. I am trying to decide if I want to try it. Does it use much memory/resources?
I have Windows 98SE, 512mb of 333ddr memory, Athlon XP2100+(1733mhz clock) but running ZoneAlarm(latest version) and Avast!Home (4.6.623) at startup takes me all the way down to 70% on my resources! :'(
I see no problem with your computer but... see, Visual Zone is not a firewall, it's just a tool to analyse the ZoneAlarm logs...
It does not take much resources and you can disable it whenever you need/want...
Opening it again it will analyse all log file since you boot 8)
-
Thank you again, Technical! ;D
-
this might be a bit off-topic, but ...
thanks for the tip on Kerio !
i was using ZoneAlarm on my laptop and Outpost 2.5 on my desktop at home. very happy with OP, but ZA started to annoy me when vsmon.exe started using almost 100% cpu during downloads (with Firefox).
going to try Kerio 4.1.3 ... looks nice ;-)
only thing i "miss" in Kerio (and ZA) are the rules that you can define for applications.
edit : oh wait, you can "create advanced filter rules" when setting up a new app. in Kerio ... i'll have a look.