Author Topic: My preview to new Kerio PF [4.2.0]  (Read 8423 times)

0 Members and 1 Guest are viewing this topic.

Offline YLAP

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2118
My preview to new Kerio PF [4.2.0]
« on: July 09, 2005, 03:50:09 PM »
Now the version 4.1.3 is available, but there is 4.2.0 RC3  Beta available to try. It works till 2005.09.26. It's practically the same improved program. It has more comfortable interface for intrusion control

but the main new feature after 4.1.3 is Host Intrusion And Prevention System (HIPS)

All other features are well know for Kerio users. So if you are interested in new Kerio 4.2 - have a try.  ;)
It's a very small review, but I think it's not useless!  ;D

Version History is on Reply #5
« Last Edit: July 22, 2005, 04:06:43 PM by =YLAP= »

Offline rdsu

  • Avast Evangelist
  • Poster
  • ***
  • Posts: 534
  • ...
Re: My preview to new Kerio PF [4.2.0 RC3 BETA]
« Reply #1 on: July 09, 2005, 04:40:31 PM »
It consumes a lot of resources than the other versions?
Avast Free Antivirus: Web Shield & Home Network Security.

Offline YLAP

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2118
Re: My preview to new Kerio PF [4.2.0 RC3 BETA]
« Reply #2 on: July 09, 2005, 04:48:03 PM »
Seems not. For me it seems to be almost the same as old 4.1.3. Loads fast and works good. Waiting for final release.
« Last Edit: July 09, 2005, 04:57:44 PM by =YLAP= »

Offline rdsu

  • Avast Evangelist
  • Poster
  • ***
  • Posts: 534
  • ...
Re: My preview to new Kerio PF [4.2.0 RC3 BETA]
« Reply #3 on: July 09, 2005, 04:49:25 PM »
OK, thanks ;)
Avast Free Antivirus: Web Shield & Home Network Security.

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: My preview to new Kerio PF [4.2.0 RC3 BETA]
« Reply #4 on: July 09, 2005, 09:10:07 PM »
4.2 has been through a number of Beta versions and Release Candidates. I reckon the final release should be here soon? The new featues look interesting- thanks for the review.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline YLAP

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2118
Re: My preview to new Kerio PF [4.2.0 RC3 BETA]
« Reply #5 on: July 09, 2005, 09:56:46 PM »
I don't know anything about final version, but it's already 9th BETA.  I hope final version will be available soon, but it's hard to say. Maybe new BETA (RC4) will be at first!  ;D

Legend:
+ Added feature
* Improved/changed feature
- Bug fixed

    *

      Version 4.2.0 RC 3 - June 29, 2005
      - fixed bug that KPF permitted outgoing UDP packets when relevant firewall rule was set to 'ASK'. This bug prevented KPF to pass DNS leak test.
      - fixed bug that KPF blocked DHCP responses on interfaces without IP address.
      - fixed bug that when KPF was configured to ask the user for both application startup and modification, it asked only for the startup even if application was modified.
      - fixed bug that KPF detected new interface with address 0.0.0.0 when ethernet cable was disconnected.
      - fixed bug that when KPF password was enabled, it was not possible to close application change alert dialog without knowing password.
      - fixed many cosmetic and light bugs in KPF GUI.
    *

      Version 4.2.0 RC 2 - May 24, 2005
      + redesigned intrusion alert dialog

      - updated ad blocking rules
      - now it is possible to define webfilter exceptions using both '*' and '?'
      - fixed memory leak in logging of Network Security, Behavior Blocking and NIPS
      - improved HIPS detection routines (HIPS will produce less false positives)
      - log files now use CRLF for line breaks (instead of LF)
      - fixed problems with updated HIPS driver reload
      - fixed bug that registry hives were flushed every ten seconds
      - updated translations and help
    *

      Version 4.2.0 RC 1 - April 28, 2005
      * improved HIPS detection routines (HIPS will produce much less false positives)
      * updated translations and help
    *

      Version 4.2.0 Beta 6 - April 20, 2005
      * improved portscan detection mechanism
      * HIPS alert is now not displayed for permitted events
      + improved performance of HIPS driver
      * HIPS driver is now loaded permanently (it is not unloaded on KPF shutdown)
    *

      Version 4.2.0 Beta 5 - April 7, 2005
      + added popup dialog for HIPS events. User can decide whether event is caused by virus or legal application and send report to Kerio.
      + added exception for HIPS buffer overflow
      + added new predefined rule to webfilter. The rule enables proper functionality of windowsupdate.microsoft.com site.

      - fixed "more information" links of several IDS rules
      - fixed problem with proxy detection when advanced settings were used
      - fixed problem that upon initialization, KPF permitted several packets that shouldn't be permitted
      - several cosmetic fixes on license registration wizard
      - fixed bug that when a popup dialog was displayed for longer than one minute, KPF gui was restarted.
    *

      Version 4.2.0 Beta 4 - March 9, 2005
      - removed directory access restrictions. KPF now doesn't restrict its directory access for SYSTEM and Administrators only.
    *

      Version 4.2.0 Beta 3 - March 3, 2005
      + improved code injection detection routines
      + better HIPS logging
      + KPF now set its directory permitions to be accessible only by administrator and local system accounts

      - fixed a GDI leak that occured when user closed and again opened configuration window
      - fixed problems with nested IP groups with too long name
      - fixed problems with many local IP addresses
      - removed IDS rules that caused false positive detections
      - fixed incompatibility with SafeTP
      - fixed problems with gateway mode - connections going through gateway were sometimes treated as incomming connections
      - fixed false buffer overflow detection of Borland Delphi and C++ Builder
    *

      Version 4.2.0 Beta 2 - February 10, 2005
      + added possibility to define application exceptions for HIPS's code injection

      - fixed double logging of closed port connections
      - improved buffer overflow detection routine
      - fixed collision with AMD64's NX bit
      - fixed crash of new HIPS driver under particular circumstances
    *

      Version 4.2.0 Beta 1 - January 24, 2005
      + added Host Intrusion Prevention System (HIPS). HIPS prevents attacks that reach vulnerable applications from succeeding by blocking any illegitimate behavior attempted by the affected applications.
      + simpler configuration window
      - System Security was renamed to Behavior Blocking to meet current industry conventions.
      - Intrusions were renamed to NIDS (Network IDS) to distinguish between network intrusions and new Host Intrusions (HIPS).
      - New Intrusions pane was created. It includes three types of intrusion blocking - NIDS, HIPS and Behavior Blocking.
      - 'System' log and 'Intrusions' log were renamed to be consistent with new Intrusions pane.

      - dropped support for Windows 98, ME, NT4.
      - improved parameters sanity checks of hooked kernel API functions
      - fixed occasional unresponsiveness of logview
      - minor gui bugs were fixed
« Last Edit: July 09, 2005, 10:05:36 PM by =YLAP= »

Offline YLAP

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2118
Re: My preview to new Kerio PF [4.2.0 RC3 BETA]
« Reply #6 on: July 10, 2005, 10:01:31 AM »
I think I've noticed on big bug in HIPS: I can't watch almost any .avi or .mpg movie (Windows Media Player and K-Lite Codec Pack 2.50 full) as  on file opening Kerio HIPS reports about blocked intrusion in explorer.exe or sometimes in wmplayer.exe. After that Windows reports about unknown error in Windows Explorer, and so on. As all error details from HIPS are sent to Kerio, I hope to have this stupid bug fixed in later releases. Now I have turned off HIPS module for a while...  :-\

Offline YLAP

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2118
Re: My preview to new Kerio PF [4.2.0]
« Reply #7 on: July 22, 2005, 04:07:52 PM »
4.2.0 - July 21, 2005
+ added Host Intrusion Prevention System (HIPS). HIPS prevents attacks that reach vulnerable applications from succeeding by blocking any illegitimate behavior attempted by the affected applications. This feature is available in registered version only.
+ simpler configuration window
- System Security was renamed to Behavior Blocking to meet current industry conventions.
- Intrusions were renamed to NIPS (Network IPS) to distinguish between network intrusions and new Host Intrusions (HIPS).
- New Intrusions pane was created. It includes three types of intrusion blocking - NIPS, HIPS and Behavior Blocking.
- 'System' and 'Intrusions' logs were renamed to be consistent with new Intrusions pane.


- dropped support for Windows 98, ME, NT4.
- many improvements and bug fixes

Offline YLAP

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2118
Re: My preview to new Kerio PF [4.2.0]
« Reply #8 on: July 22, 2005, 04:18:34 PM »
It's a pitty I can't say if the bug mentioned
I think I've noticed on big bug in HIPS: I can't watch almost any .avi or .mpg movie (Windows Media Player and K-Lite Codec Pack 2.50 full) as on file opening Kerio HIPS reports about blocked intrusion in explorer.exe or sometimes in wmplayer.exe. After that Windows reports about unknown error in Windows Explorer, and so on. As all error details from HIPS are sent to Kerio, I hope to have this stupid bug fixed in later releases. Now I have turned off HIPS module for a while... :-\
is repaired as I'm using unregistered version.  :-\ Besides, you do not have to restart ypour pc after installation.  ;D

kakapo

  • Guest
Re: My preview to new Kerio PF [4.2.0]
« Reply #9 on: July 22, 2005, 11:53:47 PM »
Thank you for this report Ylap.

I've used the free Kerio for a while but updated from version 4.1.2 to 4.0.2 last night. After installation I had to reboot, but then all went well. The new version flew thru' Shields Up fully stealthed and no ports open. All good, I thought.

I then went to attach some pics to an email and got the Explorer error you mention. I can, however watch WMP vids etc without the error (so far anyway) and everything else seems to work ok. Will let you know if I uncover any other wee bugs.

Zero degrees C down here today..........brrrrrrr

Happy, sunny days to all

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6927
Re: My preview to new Kerio PF [4.2.0]
« Reply #10 on: July 23, 2005, 12:14:29 AM »
Hello Kakapo... I'm really sorry for that cold weather down there even more under down-under... haha, perplex maximum...

Here in Toronto, last few weeks is unbearable... between 35-43 Celsius degrees every single day (including humidity)... oh God, it's killing me... I'm more of a cold weather person. And they say Canada is cold... of course it is, but more on the north.

Anyway, I just wanted to say that =YLAP= is doing wonderful job testing this firewall, and letting us know about those results... and also to point your attention to one thread...

..::BUTTERFLY FIELD ::..

I hope you'll enjoy...

Cheers !
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

Offline YLAP

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2118
Re: My preview to new Kerio PF [4.2.0]
« Reply #11 on: July 23, 2005, 09:01:31 AM »
I've used the free Kerio for a while but updated from version 4.1.2 to 4.0.2 last night. After installation I had to reboot, but then all went well. The new version flew thru' Shields Up fully stealthed and no ports open. All good, I thought.

Maybe I was wrong, but I wasn't asked to reboot...  :-\

I then went to attach some pics to an email and got the Explorer error you mention. I can, however watch WMP vids etc without the error (so far anyway) and everything else seems to work ok. Will let you know if I uncover any other wee bugs.

Strange, something's wrong with HIPS. I think we'll have new beta soon!  ;) And when I'll post about it here!  ;D

Zero degrees C down here today..........brrrrrrr

Be warm!  ;D

Anyway, I just wanted to say that =YLAP= is doing wonderful job testing this firewall, and letting us know about those results....

Thanks sZc, it's very nice to hear it. It's not hard to write things I noticed during everyday work. As this firewall is not bad and it's FREE, I thought it is worth to review it for people who wants to know what are they installing.  ;)

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6927
Re: My preview to new Kerio PF [4.2.0]
« Reply #12 on: July 23, 2005, 02:34:14 PM »
Exactly Lithuania, hehe... and that's the point of making a review. To inform people, so they know what they should expect in case they decide to go with installation of that particular program. Most of those reviews out these are biased, and they all should be unbiased reviews, so they can help others.

You are doing great job, keep it up that way !

I never used Kerio in my life, but few times that thought crossed my mind... I wanted to test it a little bit just to see how it's doing it's job. Lack of time and some other things "helped" me to stay with ZA.  ;D

Cheers !
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

darth.mikey

  • Guest
Re: My preview to new Kerio PF [4.2.0]
« Reply #13 on: July 25, 2005, 08:50:37 AM »
The new kerio rocks!!!For me it's just the best firewall there is!I actually used kaspersky AV and AntiHacker for a month now because avast and kerio 4.1.3 had some issues so i decided  to wait  for the  new kerio(4.2.0) cause the betas weren't stable for me and when it finally arived i put back avast installed the new kerio and everything seems to work very well!Let me tell you just one more thing kaspersky av and anti hacker SUCK thy use huge amount of resources(my dvd's were actually burned 2 minutes longer!!!)and i am never installing either of them  on my comp again!Avast + Kerio is the way to go!