After seeing the Kerio Personal Firewall demonstration at the July meeting, I uninstalled my ZoneAlarm firewall and installed the Kerio firewall. The first thing I noticed was that the Windows XP firewall had re-activated itself and was opposing the Kerio firewall. So I had to manually deactivate the Windows XP firewall. As I recall, this was done automatically when I first installed ZoneAlarm.
Next I went to the Steve Gibson "Shields Up" site to run a check on my new firewall. Previously when I had ZoneAlarm the check came up with "Passed", but with Kerio I got two failures. The first failure was the NetBIOS binding for file and print sharing. I think this may have occurred because of a misunderstanding I had during the Kerio installation. I went back into the Kerio configuration under Network Security, Applications and highlighted "Microsoft File and Printer..." and changed it to "Deny" under the Trusted zone and marked all others as "ask".
The second failure was on Port 135 (RPC). Gibson says that this port can only be blocked within a firewall application. I searched the web for "Kerio RPC" and found the following answer:
"How do I block the blaster worm?
Add the following rule in administration under Network Security -> Applications. Select the 'Packet Filter' button in the bottom right corner: Add a new rule. Provide a description for the rule (e.g. block inbound RPC). Add TCP as the Protocol. Add port 135 as the local endpoint and change the name to RPC. No remote endpoint should be defined. The direction will be incoming and the action is deny."
When I went into the Kerio Configuration I found this was a little obscure, but finally managed to set Kerio to block Port 135 (RPC). Re-running Steve Gibson's "Shields Up" I now get a full "Pass".
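A way to re-check the result from a second machine on the same network, as an added example that is not part of the original article or of Kerio or "Shields Up": it probes the ports discussed above and reports each as open, closed or filtered. The port list (135, plus 139 and 445 for file and print sharing), the function names and the pass rule are assumptions made for this example.

```python
import socket
import sys

# Ports relevant to the article: 135 is named there; 139 and 445 are an
# assumption about which ports carry Windows file and print sharing.
PORTS = {135: "RPC endpoint mapper",
         139: "NetBIOS session service",
         445: "SMB over TCP"}

def probe(host, port, timeout=2.0):
    """Classify one TCP port as 'open', 'closed' or 'filtered'."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"          # handshake completed: a service is reachable
    except ConnectionRefusedError:
        return "closed"        # host answered with a reset: nothing listening
    except socket.gaierror:
        raise                  # bad host name: a usage error, not a port state
    except OSError:
        return "filtered"      # timeout or unreachable: packets were dropped
    finally:
        s.close()

def check_host(host, ports=PORTS, timeout=2.0):
    """Probe every port and return {port: state}."""
    return {port: probe(host, port, timeout) for port in ports}

def passed(results):
    """Assumed pass rule: no probed port may be open."""
    return all(state != "open" for state in results.values())

if __name__ == "__main__":
    # Run from another machine you own; loopback traffic usually
    # bypasses a personal firewall's inbound rules.
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    results = check_host(target)
    for port, state in sorted(results.items()):
        print(f"{port:>5}  {PORTS[port]:<24} {state}")
    print("PASS" if passed(results) else "FAIL")
```

A deny rule that silently drops packets shows up as "filtered"; a port with no listener and no filter shows up as "closed".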