Farewell Kerio continued
in [Freeware]
|
Prev: Parted Magic 4.9
Next: What I like about Chrome
From: John Corliss on 30 Dec 2009 15:29 Les Nagy wrote: > John Corliss wrote: > >>> probably never will. Kerio can crash the system in certain >>> circumstances and increasing its buffer almost always fixes this >>> problem. >> >> Just curious Les, how does one increase the buffer in Kerio 2.1.5? > > That it answered in the following link you have already quoted. >> >>> - Kerio's Buffer size needs to be patched in registry not to >>> cause a buffer problem >>> http://www.dslreports.com/forum/remark,3060806?hilite=registry+buffer Sorry, I meant to remove my question after I found that link and obviously forgot to do so. >>> - It sometimes loses it's rules completely >> > > The link above addresses the problem below >>> Some people have noticed a BSOD with fwdrv.sys though: >>> >>> http://www.dslreports.com/forum/remark,12530877 >> >> I've never experienced this one. I looked in the registry and the value that showed was over 16000. However, the binary code for that value was "4000". It wasn't clear if I was supposed to put 16000 in as a binary code and since I haven't been having the problem the tweak corrects, I didn't do the tweak. -- John Corliss BS206. Using News Proxy, I block all Google Groups posts due to Googlespam, and as many posts from anonymous remailers (like x-privat.org for eg.) as possible due to forgeries posted through them. No ad, cd, commercial, cripple, demo, nag, share, spy, time-limited, trial or web wares OR warez for me, please.
From: David H. Lipman on 30 Dec 2009 16:01 From: "hummingbird" <hummingb�rd(a)127.0.0.1> | 'David H. Lipman' wrote thus: >>The OS will query the user when OBJECT.EXE tries to access the Internet to allow or >>deny >>OBJECT.EXE that access. >>However in XP OBJECT.EXE can write its own FireWall Policy to allow itself access to >>the >>Internet and thus not query the user. | Do you mean that it can effectively by-pass the user's PFW? | or just the Windows firewall? ...or both? Under WinXP - yes. Malware can (and does as I often see this) insert a Policy to allow the malcious file access to the Internet. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: David H. Lipman on 30 Dec 2009 16:03 From: "N4469P" <samuelluter(a)gmail.com> | On Wed, 30 Dec 2009 12:25:36 GMT, hummingbird wrote: >> 'David H. Lipman' wrote thus: >>>The OS will query the user when OBJECT.EXE tries to access the >>>Internet to allow or deny OBJECT.EXE that access. >>>However in XP OBJECT.EXE can write its own FireWall Policy to >>>allow itself access to the Internet and thus not query the user. >> Do you mean that it can effectively by-pass the user's PFW? >> or just the Windows firewall? ...or both? >>>This was fixed in Vista and strengthened in Win7. | Cite? Don't need to. I have replicated the ability of malware inserting a FireWall Policy allowing in WinXP and it fails under Vista. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: David H. Lipman on 30 Dec 2009 16:04 From: "John Corliss" <q34wsk20(a)yahoo.com> | David H. Lipman wrote: >> John Corliss wrote: >>> David H. Lipman wrote: >>>> Hutton Conyers wrote: >>>>>>> Bear Bottoms wrote: >>>>> (snip) >>>>>>>> However, I agree >>>>>>>> with David Lipman that the Windows firewall is the very best and if you >>>>>>>> feel the need for more protection, use a hardware firewall. >>>>> But how does this stop programs calling home? Particularly MS? Does >>>>> Windows firewall prevent outgoing connectons? I think not. But >>>>> correct me if I am wrong. >>>> A FireWall appliance would have greater control over that. >>>> The MS built-in can limit it as well based upon settings in the OS based FireWall >>>> context. >>> From what I understand about the Windows firewall in Vista and Windows >>> 7 though, it only will block outgoing that you specify rather than >>> asking about every outgoing and allowing you to set rules. Please feel >>> free to correct me if I'm wrong since I still use XP. >> The OS will query the user when OBJECT.EXE tries to access the Internet to allow or >> deny >> OBJECT.EXE that access. >> However in XP OBJECT.EXE can write its own FireWall Policy to allow itself access to >> the >> Internet and thus not query the user. | David, almost everybody in this group knows that the XP firewall will do | nothing to block outgoing connections. What you're talking about is a | policy to allow OBJECT.EXE to accept *incoming* connections. If you | don't believe me, check out this page: | http://www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx >> This was fixed in Vista and strengthened in Win7. | You must be referring to incoming policies. Go to this website: | http://www.windowsecurity.com/articles/Whats-new-Windows-7-Firewall.html | and look at figure 3. | I also suggest that you read this article: | http://www.pcmag.com/article2/0,2817,2335235,00.asp | and notice how carefully the author avoids any use of the term "outgoing | connections", just like Microsoft itself does. Nope. The FireWall CAN block outgoing. If you want to have a full understanding of the FireWall, take it to an appropriate FireWall News Group. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: John Corliss on 30 Dec 2009 17:42
David H. Lipman wrote: > From: "N4469P" <samuelluter(a)gmail.com> > > | On Wed, 30 Dec 2009 12:25:36 GMT, hummingbird wrote: > >>> 'David H. Lipman' wrote thus: >>>> The OS will query the user when OBJECT.EXE tries to access the >>>> Internet to allow or deny OBJECT.EXE that access. > >>>> However in XP OBJECT.EXE can write its own FireWall Policy to >>>> allow itself access to the Internet and thus not query the user. > >>> Do you mean that it can effectively by-pass the user's PFW? >>> or just the Windows firewall? ...or both? > > >>>> This was fixed in Vista and strengthened in Win7. > > | Cite? > > Don't need to. I have replicated the ability of malware inserting a FireWall Policy > allowing in WinXP and it fails under Vista. Actually, yes, you do need to cite if you're going to make a claim in this group. Demanding that others take your word without any proof is a waste of everybody's time. By the way, your attribution marks are non-standard (see the quoted material above.) -- John Corliss BS206. Using News Proxy, I block all Google Groups posts due to Googlespam, and as many posts from anonymous remailers (like x-privat.org for eg.) as possible due to forgeries posted through them. No ad, cd, commercial, cripple, demo, nag, share, spy, time-limited, trial or web wares OR warez for me, please. |