looking for XP firewall

kerio 2.15

Yeah, because running outdated, unpatched software as a security measure is a Really Good Idea(tm). Not.

cu

59cobalt

all the updated new stuff has the nsa backdoors wide open, same with win7.

[ Kerio 2.1.5 ]

You may want to provide evidence for that claim.

cu

59-Tinfoil hat, anyone?-cobalt

Kerio Personal Firewall -> Sunbelt Personal Firewall -> VIPRE Premium.

Try AVG Internet Security, still supports XP/XP Mode under Win7.

IMHO.

MJR

+1 Vulnerabilities listed are not targeted by hackers anymore. Too few people use it, and the ones that do are not the best victims. IMHO []'s

-1

Obscurity is an utterly braindead security policy.

cu

59cobalt

I'd rather keep the vulnerabilities I know than have them updated daily by adobe, oracle, microsoft, google or whatever. :) []'s

[ idiocy of using kerio 2.15 in this day and age ]

I take it you'd rather be 0wned, too.

Hint: Theres this word "security" in the newsgroup's name. It's there for a reason.

cu

59cobalt

Ansgar -59cobalt- Wiechers wrote in news: snipped-for-privacy@mid.individual.net:

I have questions. I admit to not knowing a lot about this stuff. I am asking so I can learn.

Say an attacker is trying to get through a firewall, is there anything that tells them what make/model/brand/version of firewall they are facing? I would expect not, but recognize I could be wrong.

If not, then how do they know which vulnerabilities they should attempt in order to get through the firewall? Surely there are so many possibilities that they can't just run through them all? At least not in a reasonable amount of time?

Brian

Have you tried WIPFW?

A lot of trojans specifically target certain services and programs. Some I recently downloaded disabled AVG and Avast engines,maybe a grudge the programmer had, but you can make a trojan disable any service then download the main payload. Very, very few trojans are designed to take down Kerio 2.1.5. I know Kerio is old, but it still detects outbound network activity, and points you to the program that is doing that. (saved me from an USB-born autorun trojan from downloading a fake antivirus some years ago, a month before the main antiviruses detected it). It's simple, fast, very kind on resources, etc. Of course, it's not my main protection. []'s

-- Don't be evil - Google 2004 We have a new policy - Google 2012

Nope. I've used iptables under linux in the past. I'm old and tired. What's the learning curve ?

[]'s

-- Don't be evil - Google 2004 We have a new policy - Google 2012

Shadow wrote in news:m4h8j7t9ukrj3l3imm40afhbu62j0q7mql@

4ax.com:

That's kind of the crux of my question. If the 'bad' program has to target specific vulnerabilities, and although Kerio 2.1.5 is quite old and has known vulnerabilities, if the attacking program has no way to know that it's Kerio 2.1.5 doing the defending, then how is it to know to attack it specifically?

I've had a similar experience re outbound attempts. In my case it was some malicious Java script. If I hadn't had the outbound alert....

Of course. No one solution is a catch-all.

Thanks for taking the time to reply. I was beginning to wonder if what I asked was too difficult a question to answer, being it's over a week since I asked.

Brian

There's a chance you might get Firewall Builder to work with it if you'd prefer some sort of GUI -- just so long as you don't try to redirect packets since modifying packets in any manner is not yet supported in the Windows port of ipfw.

-Gary

I forgot about this but it hasn't been updated since 2006. Also, I've never used it so I've no idea if it's even usable or not as it's still in beta.

There's no helping people who don't actually care about security. However, this is not the right newsgroup for you in the first place.

cu

59cobalt

P.S.: The correct and reliable way to defeat *any* autorun malware is to disallow autoplay entirely. Works since the dawn of time.