next firewall test - Jetico 1 [last 98 version]

MEB · Jan 25, 2008

Thought the next firewall I would try would be Jetico. Seems to have been
fairly highly rated, and apparently provides some additional 'features'
which may be of use in the 9X environment [much more configurable rules
than, say, Kerio, and supposedly rates higher than ZA].

A pre-test/installation was done for a basic 'feel' of the application, and
the installation failed to allow Internet access. Haven't finished the
background documentation/threads/web sites yet but:

Prior to the actual test, I thought I might query for installation/setup
pointers.

--

MEB
http://peoplescounsel.orgfree.com
_________

PCR · Jan 26, 2008

MEB wrote:
| Thought the next firewall I would try would be Jetico. Seems to have
| been fairly highly rated, and apparently provides some additional
| 'features' which may be of use in the 9X environment [much more
| configurable rules than, say, Kerio, and supposedly rates higher than
| ZA].
|
| A pre-test/installation was done for a basic 'feel' of the
| application, and the installation failed to allow Internet access.
| Haven't finished the background documentation/threads/web sites yet
| but:
|
| Prior to the actual test, I thought I might query for
| installation/setup pointers.

I'm still pleased with Kerio & have sworn some day to get its rules
perfectly right! But here is a forum that the Jetico site links to...

http://www.smokey-services.eu/forum/index.php?c=13
Looks like a ton of Jetico info is here.

|
| --
|
| MEB
| http://peoplescounsel.orgfree.com
| _________

--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
Should things get worse after this,
PCR
pcrrcp@netzero.net

MEB · Jan 26, 2008

"PCR" <pcrrcp@netzero.net> wrote in message
news:eoe7AvIYIHA.5208@TK2MSFTNGP04.phx.gbl...
| MEB wrote:
| | Thought the next firewall I would try would be Jetico. Seems to have
| | been fairly highly rated, and apparently provides some additional
| | 'features' which may be of use in the 9X environment [much more
| | configurable rules than, say, Kerio, and supposedly rates higher than
| | ZA].
| |
| | A pre-test/installation was done for a basic 'feel' of the
| | application, and the installation failed to allow Internet access.
| | Haven't finished the background documentation/threads/web sites yet
| | but:
| |
| | Prior to the actual test, I thought I might query for
| | installation/setup pointers.
|
| I'm still pleased with Kerio & have sworn some day to get its rules
| perfectly right! But here is a forum that the Jetico site links to...
|
| http://www.smokey-services.eu/forum/index.php?c=13
| Looks like a ton of Jetico info is here.
|
| |
| | --
| |
| | MEB
| | http://peoplescounsel.orgfree.com
| | _________
|
| --
| Thanks or Good Luck,
| There may be humor in this post, and,
| Naturally, you will not sue,
| Should things get worse after this,
| PCR
| pcrrcp@netzero.net
|
|

Thanks PCR, been there, saved what little relevant material I could locate
[and from several other sites]. I just thought someone out here might have
some personal insight on the setup routine such as:
lock downs
table setups
general Windows exes that needed locked and how to achieve this PRIOR to
waiting for the prog to catch some attempted usage, etc...

--

MEB
http://peoplescounsel.orgfree.com
_________

PCR · Jan 27, 2008

MEB wrote:
| "PCR" <pcrrcp@netzero.net> wrote in message
| news:eoe7AvIYIHA.5208@TK2MSFTNGP04.phx.gbl...
|| MEB wrote:
|| | Thought the next firewall I would try would be Jetico. Seems to
|| | have been fairly highly rated, and apparently provides some
|| | additional 'features' which may be of use in the 9X environment
|| | [much more configurable rules than, say, Kerio, and supposedly
|| | rates higher than ZA].
|| |
|| | A pre-test/installation was done for a basic 'feel' of the
|| | application, and the installation failed to allow Internet access.
|| | Haven't finished the background documentation/threads/web sites yet
|| | but:
|| |
|| | Prior to the actual test, I thought I might query for
|| | installation/setup pointers.
||
|| I'm still pleased with Kerio & have sworn some day to get its rules
|| perfectly right! But here is a forum that the Jetico site links to...
||
|| http://www.smokey-services.eu/forum/index.php?c=13
|| Looks like a ton of Jetico info is here.
||
|| |
|| | --
|| |
|| | MEB
|| | http://peoplescounsel.orgfree.com
|| | _________
||
|| --
|| Thanks or Good Luck,
|| There may be humor in this post, and,
|| Naturally, you will not sue,
|| Should things get worse after this,
|| PCR
|| pcrrcp@netzero.net
||
||
|
| Thanks PCR, been there, saved what little relevant material I could
| locate [and from several other sites]. I just thought someone out
| here might have some personal insight on the setup routine such as:
| lock downs
| table setups
| general Windows exes that needed locked and how to achieve this PRIOR
| to waiting for the prog to catch some attempted usage, etc...

Can't you import some expert's rules like Kerio allows? That could be a
starting point.

| --
|
| MEB
| http://peoplescounsel.orgfree.com
| _________

--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
Should things get worse after this,
PCR
pcrrcp@netzero.net

MEB · Jan 28, 2008

"PCR" <pcrrcp@netzero.net> wrote in message
news:uWs9I1UYIHA.3940@TK2MSFTNGP05.phx.gbl...
| MEB wrote:
| | "PCR" <pcrrcp@netzero.net> wrote in message
| | news:eoe7AvIYIHA.5208@TK2MSFTNGP04.phx.gbl...
| || MEB wrote:
| || | Thought the next firewall I would try would be Jetico. Seems to
| || | have been fairly highly rated, and apparently provides some
| || | additional 'features' which may be of use in the 9X environment
| || | [much more configurable rules than, say, Kerio, and supposedly
| || | rates higher than ZA].
| || |
| || | A pre-test/installation was done for a basic 'feel' of the
| || | application, and the installation failed to allow Internet access.
| || | Haven't finished the background documentation/threads/web sites yet
| || | but:
| || |
| || | Prior to the actual test, I thought I might query for
| || | installation/setup pointers.
| ||
| || I'm still pleased with Kerio & have sworn some day to get its rules
| || perfectly right! But here is a forum that the Jetico site links to...
| ||
| || http://www.smokey-services.eu/forum/index.php?c=13
| || Looks like a ton of Jetico info is here.
| ||
| || |
| || | --
| || |
| || | MEB
| || | http://peoplescounsel.orgfree.com
| || | _________
| ||
| || --
| || Thanks or Good Luck,
| || There may be humor in this post, and,
| || Naturally, you will not sue,
| || Should things get worse after this,
| || PCR
| || pcrrcp@netzero.net
| ||
| ||
| |
| | Thanks PCR, been there, saved what little relevant material I could
| | locate [and from several other sites]. I just thought someone out
| | here might have some personal insight on the setup routine such as:
| | lock downs
| | table setups
| | general Windows exes that needed locked and how to achieve this PRIOR
| | to waiting for the prog to catch some attempted usage, etc...
|
| Can't you import some expert's rules like Kerio allows? That could be a
| starting point.

Like I said, it was a preliminary install, and uninstall, just to see what
it looked like. Don't think it had an import function, though it might have.
Heck, I just finally got Kerio setup for this new configuration, front end,
and such (took a month of monitoring)... as a fall back [saved the config
for potential future re-use] and it really isn't finalized.

|
| | --
| |
| | MEB
| | _________
|
| --
| PCR
|
|

--

MEB
http://peoplescounsel.orgfree.com
_________

PCR · Jan 28, 2008

MEB wrote:
| "PCR" <pcrrcp@netzero.net> wrote in message
| news:uWs9I1UYIHA.3940@TK2MSFTNGP05.phx.gbl...
|| MEB wrote:
|| | "PCR" <pcrrcp@netzero.net> wrote in message
|| | news:eoe7AvIYIHA.5208@TK2MSFTNGP04.phx.gbl...
|| || MEB wrote:
|| || | Thought the next firewall I would try would be Jetico. Seems to
|| || | have been fairly highly rated, and apparently provides some
|| || | additional 'features' which may be of use in the 9X environment
|| || | [much more configurable rules than, say, Kerio, and supposedly
|| || | rates higher than ZA].
|| || |
|| || | A pre-test/installation was done for a basic 'feel' of the
|| || | application, and the installation failed to allow Internet
|| || | access. Haven't finished the background
|| || | documentation/threads/web sites yet but:
|| || |
|| || | Prior to the actual test, I thought I might query for
|| || | installation/setup pointers.
|| ||
|| || I'm still pleased with Kerio & have sworn some day to get its
|| || rules perfectly right! But here is a forum that the Jetico site
|| || links to...
|| ||
|| || http://www.smokey-services.eu/forum/index.php?c=13
|| || Looks like a ton of Jetico info is here.
|| ||
|| || |
|| || | --
|| || |
|| || | MEB
|| || | http://peoplescounsel.orgfree.com
|| || | _________

....snip
|| | Thanks PCR, been there, saved what little relevant material I
|| | could locate [and from several other sites]. I just thought
|| | someone out here might have some personal insight on the setup
|| | routine such as: lock downs
|| | table setups
|| | general Windows exes that needed locked and how to achieve this
|| | PRIOR to waiting for the prog to catch some attempted usage, etc...
||
|| Can't you import some expert's rules like Kerio allows? That could
|| be a starting point.
|
| Like I said, it was a preliminary install, and uninstall, just to
| see what it looked like. Don't think it had an import function,
| though it might have. Heck, I just finally got Kerio setup for this
| new configuration, front end, and such (took a month of
| monitoring)... as a fall back [saved the config for potential future
| re-use] and it really isn't finalized.

My Kerio rules aren't finalized, either. But it is so comprehensive in
rule formation that I am loath to become an expert in Jetico just to see
whether it could possibly be any better. Also, Kerio has all those
extras, such as creating a rule on the fly which can then be tweaked if
desired & signature checking.

Just now while getting online Kerio informed me NetZero's Exec.exe had
changed & wanted to know whether I should let it connect! This is
another one of NetZero's stealth updates I hope...!...

Directory of C:\Program Files\NetZero
EXEC EXE 1,636,864 10-15-07 7:29p exec.exe

Directory of D:\Program Files\NetZero
EXEC EXE 1,629,184 03-06-07 7:00p exec.exe

Indeed it is larger now than my backup on D: & has a newer date! But I
had zero knowledge it was happening & there is no evidence in
Wininit.bak! SOON, I SWEAR, I will investigate whether these stealth
updates should really be happening with my ISP! But could Jetico have
done that?

||
|| | --
|| |
|| | MEB
|| | _________
||
|| --
|| PCR
||
||
|
| --
|
| MEB
| http://peoplescounsel.orgfree.com
| _________

--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
Should things get worse after this,
PCR
pcrrcp@netzero.net

MEB · Jan 28, 2008

"PCR" <pcrrcp@netzero.net> wrote in message
news:OrKITpfYIHA.1184@TK2MSFTNGP04.phx.gbl...
| MEB wrote:
| | "PCR" <pcrrcp@netzero.net> wrote in message
| | news:uWs9I1UYIHA.3940@TK2MSFTNGP05.phx.gbl...
| || MEB wrote:
| || | "PCR" <pcrrcp@netzero.net> wrote in message
| || | news:eoe7AvIYIHA.5208@TK2MSFTNGP04.phx.gbl...
| || || MEB wrote:
| || || | Thought the next firewall I would try would be Jetico. Seems to
| || || | have been fairly highly rated, and apparently provides some
| || || | additional 'features' which may be of use in the 9X environment
| || || | [much more configurable rules than, say, Kerio, and supposedly
| || || | rates higher than ZA].
| || || |
| || || | A pre-test/installation was done for a basic 'feel' of the
| || || | application, and the installation failed to allow Internet
| || || | access. Haven't finished the background
| || || | documentation/threads/web sites yet but:
| || || |
| || || | Prior to the actual test, I thought I might query for
| || || | installation/setup pointers.
| || ||
| || || I'm still pleased with Kerio & have sworn some day to get its
| || || rules perfectly right! But here is a forum that the Jetico site
| || || links to...
| || ||
| || || http://www.smokey-services.eu/forum/index.php?c=13
| || || Looks like a ton of Jetico info is here.
| || ||
| || || |
| || || | --
| || || |
| || || | MEB
| || || | http://peoplescounsel.orgfree.com
| || || | _________
|
| ...snip
| || | Thanks PCR, been there, saved what little relevant material I
| || | could locate [and from several other sites]. I just thought
| || | someone out here might have some personal insight on the setup
| || | routine such as: lock downs
| || | table setups
| || | general Windows exes that needed locked and how to achieve this
| || | PRIOR to waiting for the prog to catch some attempted usage, etc...
| ||
| || Can't you import some expert's rules like Kerio allows? That could
| || be a starting point.
| |
| | Like I said, it was a preliminary install, and uninstall, just to
| | see what it looked like. Don't think it had an import function,
| | though it might have. Heck, I just finally got Kerio setup for this
| | new configuration, front end, and such (took a month of
| | monitoring)... as a fall back [saved the config for potential future
| | re-use] and it really isn't finalized.
|
| My Kerio rules aren't finalized, either. But it is so comprehensive in
| rule formation that I am loath to become an expert in Jetico just to see
| whether it could possibly be any better. Also, Kerio has all those
| extras, such as creating a rule on the fly which can then be tweaked if
| desired & signature checking.
|
| Just now while getting online Kerio informed me NetZero's Exec.exe had
| changed & wanted to know whether I should let it connect! This is
| another one of NetZero's stealth updates I hope...!...
|
| Directory of C:\Program Files\NetZero
| EXEC EXE 1,636,864 10-15-07 7:29p exec.exe
|
| Directory of D:\Program Files\NetZero
| EXEC EXE 1,629,184 03-06-07 7:00p exec.exe
|
| Indeed it is larger now than my backup on D: & has a newer date! But I
| had zero knowledge it was happening & there is no evidence in
| Wininit.bak! SOON, I SWEAR, I will investigate whether these stealth
| updates should really be happening with my ISP! But could Jetico have
| done that?

AH yeah, from what I have read so far. One of the greater 'features' of
Jetico is that it supposedly catches the stealth attacks/highjacks = when an
allowed program is being used by some other program (like IE or browser
hidden usage) and piggy-backed usages, among other. Such as the leak test
files I had directed you to during our last firewall discussions. It has one
of the highest supposed rankings [for that era and free], however, its also
apparently one of the more difficult to configure. Reminds me of the old
Linux firewalls...

And this test config will also get one of the supposed highest ranking free
Anti-V programs, Bitdefender Free v10. However, there is an installer
problem and another related to one of their files [livesrv] before I can put
it to a full test. Sent a a meg+ of info for them to review. Waiting for a
response from support.

As for those updates from NetZero, yeah, they are PUSHED everytime they
change something, try and refuse and you eventually can't connect (requiring
you to re-download the newest version and install, or at least that's what I
had to do twice when using NetZero). That was one of the most difficult
frontend/ISP to lock down I have used (it wants access to all of your
system), AOL {remarkably} was second.

|
| ||
| || | --
| || |
| || | MEB
| || | _________
| ||
| || --
| || PCR
| | --
| |
| | MEB
| | _________
|
| --
| PCR
|
|

--

MEB
http://peoplescounsel.orgfree.com
_________

PCR · Jan 29, 2008

MEB wrote:
| "PCR" <pcrrcp@netzero.net> wrote in message
| news:OrKITpfYIHA.1184@TK2MSFTNGP04.phx.gbl...
|| MEB wrote:
|| | "PCR" <pcrrcp@netzero.net> wrote in message
|| | news:uWs9I1UYIHA.3940@TK2MSFTNGP05.phx.gbl...
|| || MEB wrote:
|| || | "PCR" <pcrrcp@netzero.net> wrote in message
|| || | news:eoe7AvIYIHA.5208@TK2MSFTNGP04.phx.gbl...
|| || || MEB wrote:
|| || || | Thought the next firewall I would try would be Jetico.
|| || || | Seems to have been fairly highly rated, and apparently
|| || || | provides some additional 'features' which may be of use in
|| || || | the 9X environment [much more configurable rules than, say,
|| || || | Kerio, and supposedly rates higher than ZA].
|| || || |
|| || || | A pre-test/installation was done for a basic 'feel' of the
|| || || | application, and the installation failed to allow Internet
|| || || | access. Haven't finished the background
|| || || | documentation/threads/web sites yet but:
|| || || |
|| || || | Prior to the actual test, I thought I might query for
|| || || | installation/setup pointers.
|| || ||
|| || || I'm still pleased with Kerio & have sworn some day to get its
|| || || rules perfectly right! But here is a forum that the Jetico site
|| || || links to...
|| || ||
|| || || http://www.smokey-services.eu/forum/index.php?c=13
|| || || Looks like a ton of Jetico info is here.
|| || ||
|| || || |
|| || || | --
|| || || |
|| || || | MEB
|| || || | http://peoplescounsel.orgfree.com
|| || || | _________
||
|| ...snip
|| || | Thanks PCR, been there, saved what little relevant material I
|| || | could locate [and from several other sites]. I just thought
|| || | someone out here might have some personal insight on the setup
|| || | routine such as: lock downs
|| || | table setups
|| || | general Windows exes that needed locked and how to achieve this
|| || | PRIOR to waiting for the prog to catch some attempted usage,
|| || | etc...
|| ||
|| || Can't you import some expert's rules like Kerio allows? That could

|| || be a starting point.
|| |
|| | Like I said, it was a preliminary install, and uninstall, just to
|| | see what it looked like. Don't think it had an import function,
|| | though it might have. Heck, I just finally got Kerio setup for
|| | this new configuration, front end, and such (took a month of
|| | monitoring)... as a fall back [saved the config for potential
|| | future re-use] and it really isn't finalized.
||
|| My Kerio rules aren't finalized, either. But it is so comprehensive
|| in rule formation that I am loath to become an expert in Jetico just
|| to see whether it could possibly be any better. Also, Kerio has all
|| those extras, such as creating a rule on the fly which can then be
|| tweaked if desired & signature checking.
||
|| Just now while getting online Kerio informed me NetZero's Exec.exe
|| had changed & wanted to know whether I should let it connect! This is
|| another one of NetZero's stealth updates I hope...!...
||
|| Directory of C:\Program Files\NetZero
|| EXEC EXE 1,636,864 10-15-07 7:29p exec.exe
||
|| Directory of D:\Program Files\NetZero
|| EXEC EXE 1,629,184 03-06-07 7:00p exec.exe
||
|| Indeed it is larger now than my backup on D: & has a newer date! But
|| I had zero knowledge it was happening & there is no evidence in
|| Wininit.bak! SOON, I SWEAR, I will investigate whether these stealth
|| updates should really be happening with my ISP! But could Jetico have
|| done that?
|
| AH yeah, from what I have read so far. One of the greater 'features'
| of Jetico is that it supposedly catches the stealth attacks/highjacks
| = when an allowed program is being used by some other program (like
| IE or browser hidden usage) and piggy-backed usages, among other.

No, I meant does Jetico do signature checking on an app before the app
can use the internet? That's what Kerio did in this case.

Hmm, but what you say, that Jetico knows that some other app has taken
control of an allowed app-- I haven't read that Kerio can know that. I
suppose something like that would get past Kerio's signature check. Hmm.

| Such as the leak test files I had directed you to during our last
| firewall discussions.

I've had a setback in refining my Kerio rules, which was a full system
restore wiped most of my refinements out. I'm not sure I'm prepared to
start again yet. But I'd been to a test site before & my rules always
passed muster. My rules still are mainly a mishmash of other expert's
good work. Too bad Jetico may not be able to do that!

| It has one of the highest supposed rankings
| [for that era and free], however, its also apparently one of the more
| difficult to configure. Reminds me of the old Linux firewalls...

As far as rule formation, what can it possibly do that Kerio cannot?
Kerio seems to be the ultimate in that regard as far as I can see. It
will generate rules on the fly & allow fine tuning of them later. Every
field of every protocol is accessible-- & some of the rules can even be
set to apply on a per application basis!

| And this test config will also get one of the supposed highest
| ranking free Anti-V programs, Bitdefender Free v10. However, there is
| an installer problem and another related to one of their files
| [livesrv] before I can put it to a full test. Sent a a meg+ of info
| for them to review. Waiting for a response from support.

Can it be Bitdefender is refusing to support Win98, as McAfee & others
ultimately did? Avast! is still working fine for me.

| As for those updates from NetZero, yeah, they are PUSHED everytime
| they change something, try and refuse and you eventually can't
| connect (requiring you to re-download the newest version and install,
| or at least that's what I had to do twice when using NetZero). That
| was one of the most difficult frontend/ISP to lock down I have used
| (it wants access to all of your system), AOL {remarkably} was second.

Hmm. Thanks for confirming that. Yea, a quick Google search did indicate
it is normal for NetZero to do that, as I had been hoping for quite a
while now.

||
|| ||
|| || | --
|| || |
|| || | MEB
|| || | _________
|| ||
|| || --
|| || PCR
|| | --
|| |
|| | MEB
|| | _________
||
|| --
|| PCR
||
||
|
| --
|
| MEB
| http://peoplescounsel.orgfree.com
| _________

--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
Should things get worse after this,
PCR
pcrrcp@netzero.net

MEB · Jan 29, 2008

"PCR" <pcrrcp@netzero.net> wrote in message
news:%23fZfHYsYIHA.6068@TK2MSFTNGP05.phx.gbl...
| MEB wrote:
| | "PCR" <pcrrcp@netzero.net> wrote in message
| | news:OrKITpfYIHA.1184@TK2MSFTNGP04.phx.gbl...
| || MEB wrote:
| || | "PCR" <pcrrcp@netzero.net> wrote in message
| || | news:uWs9I1UYIHA.3940@TK2MSFTNGP05.phx.gbl...
| || || MEB wrote:
| || || | "PCR" <pcrrcp@netzero.net> wrote in message
| || || | news:eoe7AvIYIHA.5208@TK2MSFTNGP04.phx.gbl...
| || || || MEB wrote:
| || || || | Thought the next firewall I would try would be Jetico.
| || || || | Seems to have been fairly highly rated, and apparently
| || || || | provides some additional 'features' which may be of use in
| || || || | the 9X environment [much more configurable rules than, say,
| || || || | Kerio, and supposedly rates higher than ZA].
| || || || |
| || || || | A pre-test/installation was done for a basic 'feel' of the
| || || || | application, and the installation failed to allow Internet
| || || || | access. Haven't finished the background
| || || || | documentation/threads/web sites yet but:
| || || || |
| || || || | Prior to the actual test, I thought I might query for
| || || || | installation/setup pointers.
| || || ||
| || || || I'm still pleased with Kerio & have sworn some day to get its
| || || || rules perfectly right! But here is a forum that the Jetico site
| || || || links to...
| || || ||
| || || || http://www.smokey-services.eu/forum/index.php?c=13
| || || || Looks like a ton of Jetico info is here.
| || || ||
| || || || |
| || || || | --
| || || || |
| || || || | MEB
| || || || | http://peoplescounsel.orgfree.com
| || || || | _________
| ||
| || ...snip
| || || | Thanks PCR, been there, saved what little relevant material I
| || || | could locate [and from several other sites]. I just thought
| || || | someone out here might have some personal insight on the setup
| || || | routine such as: lock downs
| || || | table setups
| || || | general Windows exes that needed locked and how to achieve this
| || || | PRIOR to waiting for the prog to catch some attempted usage,
| || || | etc...
| || ||
| || || Can't you import some expert's rules like Kerio allows? That could
|
| || || be a starting point.
| || |
| || | Like I said, it was a preliminary install, and uninstall, just to
| || | see what it looked like. Don't think it had an import function,
| || | though it might have. Heck, I just finally got Kerio setup for
| || | this new configuration, front end, and such (took a month of
| || | monitoring)... as a fall back [saved the config for potential
| || | future re-use] and it really isn't finalized.
| ||
| || My Kerio rules aren't finalized, either. But it is so comprehensive
| || in rule formation that I am loath to become an expert in Jetico just
| || to see whether it could possibly be any better. Also, Kerio has all
| || those extras, such as creating a rule on the fly which can then be
| || tweaked if desired & signature checking.
| ||
| || Just now while getting online Kerio informed me NetZero's Exec.exe
| || had changed & wanted to know whether I should let it connect! This is
| || another one of NetZero's stealth updates I hope...!...
| ||
| || Directory of C:\Program Files\NetZero
| || EXEC EXE 1,636,864 10-15-07 7:29p exec.exe
| ||
| || Directory of D:\Program Files\NetZero
| || EXEC EXE 1,629,184 03-06-07 7:00p exec.exe
| ||
| || Indeed it is larger now than my backup on D: & has a newer date! But
| || I had zero knowledge it was happening & there is no evidence in
| || Wininit.bak! SOON, I SWEAR, I will investigate whether these stealth
| || updates should really be happening with my ISP! But could Jetico have
| || done that?
| |
| | AH yeah, from what I have read so far. One of the greater 'features'
| | of Jetico is that it supposedly catches the stealth attacks/highjacks
| | = when an allowed program is being used by some other program (like
| | IE or browser hidden usage) and piggy-backed usages, among other.
|
| No, I meant does Jetico do signature checking on an app before the app
| can use the internet? That's what Kerio did in this case.

Yes, and more.

|
| Hmm, but what you say, that Jetico knows that some other app has taken
| control of an allowed app-- I haven't read that Kerio can know that. I
| suppose something like that would get past Kerio's signature check. Hmm.

That was what I had indicated via our other discussion when I referenced
those network test tools [hacker tools].
Kerio, our old version, does not know about these types of hacks.

There are several sites available, here's one:
http://www.firewallleaktester.com/index.html

These types of sites are also useful to help determine the types of hacks
you might be subjected to while casually browsing the Internet.
PONDERING POINTS:
Is that little java code really safe, has that script file done something
you don't want? How would you know?
Does your anti-v/anti-spyware/anti-spam/whatever prog REALLY catch those
activities or would some additional protection be wise?

http://www.av-comparatives.org/

|
| | Such as the leak test files I had directed you to during our last
| | firewall discussions.
|
| I've had a setback in refining my Kerio rules, which was a full system
| restore wiped most of my refinements out. I'm not sure I'm prepared to
| start again yet. But I'd been to a test site before & my rules always
| passed muster. My rules still are mainly a mishmash of other expert's
| good work. Too bad Jetico may not be able to do that!
|
| | It has one of the highest supposed rankings
| | [for that era and free], however, its also apparently one of the more
| | difficult to configure. Reminds me of the old Linux firewalls...
|
| As far as rule formation, what can it possibly do that Kerio cannot?
| Kerio seems to be the ultimate in that regard as far as I can see. It
| will generate rules on the fly & allow fine tuning of them later. Every
| field of every protocol is accessible-- & some of the rules can even be
| set to apply on a per application basis!

Check those sites above and you may change your tune.
Nothing worse than playing around and NOT measuring and weighing the
potentials.

|
| | And this test config will also get one of the supposed highest
| | ranking free Anti-V programs, Bitdefender Free v10. However, there is
| | an installer problem and another related to one of their files
| | [livesrv] before I can put it to a full test. Sent a a meg+ of info
| | for them to review. Waiting for a response from support.
|
| Can it be Bitdefender is refusing to support Win98, as McAfee & others
| ultimately did? Avast! is still working fine for me.

Right, the problems are not that great, just some code adjustment which
doesn't appear to be specific to NT only programs [but then its not my code
so...]....

AVAST is apparrently a mid-level Anti-v prog, AVG Free is also. IF
Bitdefender support indicates [or fails to indicate fixes] issues specific
to 9X, the next test A-V will likely be Avira Anti-Vir.

|
| | As for those updates from NetZero, yeah, they are PUSHED everytime
| | they change something, try and refuse and you eventually can't
| | connect (requiring you to re-download the newest version and install,
| | or at least that's what I had to do twice when using NetZero). That
| | was one of the most difficult frontend/ISP to lock down I have used
| | (it wants access to all of your system), AOL {remarkably} was second.
|
| Hmm. Thanks for confirming that. Yea, a quick Google search did indicate
| it is normal for NetZero to do that, as I had been hoping for quite a
| while now.

Yep, one of the reasons I give NetZero a POOR ranking.

|
| ||
| || ||
| || || | --
| || || |
| || || | MEB
| || || | _________
| || ||
| || || --
| || || PCR
| || | --
| || |
| || | MEB
| || | _________
| ||
| || --
| || PCR
| | --
| |
| | MEB
| | _________
|
| --
| PCR

--

MEB
http://peoplescounsel.orgfree.com
_________

PCR · Jan 30, 2008

"MEB" <meb@not here@hotmail.com> wrote in message
news:uF%23OrjtYIHA.5900@TK2MSFTNGP02.phx.gbl...
|
|
| "PCR" <pcrrcp@netzero.net> wrote in message
| news:%23fZfHYsYIHA.6068@TK2MSFTNGP05.phx.gbl...

....snip
| | No, I meant does Jetico do signature checking on an app before the
app
| | can use the internet? That's what Kerio did in this case.
|
| Yes, and more.

OK. Very good.

| |
| | Hmm, but what you say, that Jetico knows that some other app has
taken
| | control of an allowed app-- I haven't read that Kerio can know that.
I
| | suppose something like that would get past Kerio's signature check.
Hmm.
|
| That was what I had indicated via our other discussion when I
referenced
| those network test tools [hacker tools].
| Kerio, our old version, does not know about these types of hacks.
|
| There are several sites available, here's one:
| http://www.firewallleaktester.com/index.html

Yow! There are 26 leak tests at that site! What did you get up to? Well,
the first one that the site claims Kerio to fail is WB
(WallBreaker.exe). Indeed, Kerio fails the 1st two parts of WB. (The
other 2 parts are not applicable to Win98.)

HOWEVER, what is it really failing? WB started Internet Explorer, is
all, & opened it to a site. That's much the same as clicking any stray
URL. Hopefully, my Kerio rules that govern the protocols & directions &
ports, etc. will prevent any malicious activity once the site is
reached. For instance, my NetBios Block rule (copied from some expert)
will prevent TCP & UDP in both directions at local endpoint ports
137-139. So, the site still won't be able to do that! Also, one hopes
my avast! will kick in too! I've seen it work!

| These types of sites are also useful to help determine the types of
hacks
| you might be subjected to while casually browsing the Internet.

I can see one might learn quite a bit from one of those sites. But I
still believe Kerio can prevent any unwanted actual transfer of data--
IF the rules are set correctly. The only Kerio rule I have now that
explicitly mentions Internet Explorer is allowing TCP out from any port
to any address, port 80. Anything incoming to IE causes a Kerio alert,
except... I do have a copied rule that allows certain ICMP in to any
port of any app, & I do know IE can use my Primary DNS Server rule.

| PONDERING POINTS:
| Is that little java code really safe, has that script file done
something
| you don't want? How would you know?
| Does your anti-v/anti-spyware/anti-spam/whatever prog REALLY catch
those
| activities or would some additional protection be wise?
|
| http://www.av-comparatives.org/
|

Those are good questions. One hopes one's virus checker will know the
answers.

....snip
| | As far as rule formation, what can it possibly do that Kerio cannot?
| | Kerio seems to be the ultimate in that regard as far as I can see.
It
| | will generate rules on the fly & allow fine tuning of them later.
Every
| | field of every protocol is accessible-- & some of the rules can even
be
| | set to apply on a per application basis!
|
| Check those sites above and you may change your tune.
| Nothing worse than playing around and NOT measuring and weighing the
| potentials.

I guess I do need to spend a little more time at those sites, yea.

| |
| | | And this test config will also get one of the supposed highest
| | | ranking free Anti-V programs, Bitdefender Free v10. However, there
is
| | | an installer problem and another related to one of their files
| | | [livesrv] before I can put it to a full test. Sent a a meg+ of
info
| | | for them to review. Waiting for a response from support.

Let me know what they say.

| | Can it be Bitdefender is refusing to support Win98, as McAfee &
others
| | ultimately did? Avast! is still working fine for me.
|
| Right, the problems are not that great, just some code adjustment
which
| doesn't appear to be specific to NT only programs [but then its not my
code
| so...]....

It's a pity that they are abandoning us lowly Win98 users! But I remain
pleased with avast!.

| AVAST is apparrently a mid-level Anti-v prog, AVG Free is also. IF
| Bitdefender support indicates [or fails to indicate fixes] issues
specific
| to 9X, the next test A-V will likely be Avira Anti-Vir.

Hmm. Avast! passes the tests at...!...
http://www.eicar.org/anti_virus_test_file.htm

However, it seems to be true that a double-packed virus has to be
unpacked before avast! will catch it. (McAfee seemed to catch them w/o
unpacking.)

| | | As for those updates from NetZero, yeah, they are PUSHED
everytime
| | | they change something, try and refuse and you eventually can't
| | | connect (requiring you to re-download the newest version and
install,
| | | or at least that's what I had to do twice when using NetZero).
That
| | | was one of the most difficult frontend/ISP to lock down I have
used
| | | (it wants access to all of your system), AOL {remarkably} was
second.
| |
| | Hmm. Thanks for confirming that. Yea, a quick Google search did
indicate
| | it is normal for NetZero to do that, as I had been hoping for quite
a
| | while now.
|
| Yep, one of the reasons I give NetZero a POOR ranking.

Well, it is only $9.95 per mo., & I'm not a big user of the NET.

....snip

MEB · Jan 31, 2008

AAAAHHHH, I should know better than to make comments before finishing file
analysis. Still not completely finished, but it appears Bitdefender v10 has
a number of function calls and requirements found only in NT [files and
services], so another possibility apparently bites the dust, unless I hear
something different from support.

Support HAS contacted me, however the suggestion is an uninstall, then
using their separate uninstall cleanup tool, and a re-install and manual
update. WHY does everyone do that... oh well, I'll give it a try.

That's really discouraging as the program found ALL of my local test files
for email hacks, network hack tools, and other spyware and virus test files
unlike the other programs I had been using/testing recently {AVG, AVAST]
which completely missed the email hacks [actual dbx and eml files containing
Trojans or other] and stealth spyware, some of the virus files real and
stub, and ALL the network hack/testing tools. Granted these aren't the
newest variants, but still impressive.

Sent them some more info to digest.

--

MEB
http://peoplescounsel.orgfree.com
_________

PCR · Jan 31, 2008

MEB wrote:
| AAAAHHHH, I should know better than to make comments before finishing
| file analysis. Still not completely finished, but it appears
| Bitdefender v10 has a number of function calls and requirements found
| only in NT [files and services], so another possibility apparently
| bites the dust, unless I hear something different from support.
|
| Support HAS contacted me, however the suggestion is an uninstall,
| then using their separate uninstall cleanup tool, and a re-install
| and manual update. WHY does everyone do that... oh well, I'll give it
| a try.

I confess I can't recall all I've read at this NG regarding NT vrs.
Win98 & whether there is enough compatibility. I think it will depend as
you say on whether Bitdefender v10 uses function calls available only on
NT systems like Win2K. Maybe try putting the NT .dll's in the folder
that contains the Bitdefender executables. Then, those .dll's will get
loaded & used only by Bitdefender, & it will not try to use Win98 .dll's
of the same name located in system folders.

STILL, it will fail, if a function tries to do something impossible on
Win98. Your own testing will be definitive despite what the Bitdefender
people may say.

| That's really discouraging as the program found ALL of my local test
| files for email hacks, network hack tools, and other spyware and
| virus test files unlike the other programs I had been using/testing
| recently {AVG, AVAST] which completely missed the email hacks [actual
| dbx and eml files containing Trojans or other] and stealth spyware,
| some of the virus files real and stub, and ALL the network
| hack/testing tools. Granted these aren't the newest variants, but
| still impressive.

Was E-Mail scanning enabled in avast!? If so, each post in this NG & in
your InBox should say (at R-Clk it, Properties, Details tab)...

X-Antivirus: avast! (VPS 080130-1, 01/30/2008), Inbound message
X-Antivirus-Status: Clean

And I've seen it work with a test file of my own! (Actually, it was that
false alarm in SetupMDM.exe that triggered an avast! alert when I tried
to E-Mail it to myself or a virus testing site.)

| Sent them some more info to digest.

Keep us informed.

| --
|
| MEB
| http://peoplescounsel.orgfree.com
| _________

--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
Should things get worse after this,
PCR
pcrrcp@netzero.net

MEB · Jan 31, 2008

"PCR" <pcrrcp@netzero.net> wrote in message
news:%23DKKBhGZIHA.1208@TK2MSFTNGP05.phx.gbl...
| MEB wrote:
| | AAAAHHHH, I should know better than to make comments before finishing
| | file analysis. Still not completely finished, but it appears
| | Bitdefender v10 has a number of function calls and requirements found
| | only in NT [files and services], so another possibility apparently
| | bites the dust, unless I hear something different from support.
| |
| | Support HAS contacted me, however the suggestion is an uninstall,
| | then using their separate uninstall cleanup tool, and a re-install
| | and manual update. WHY does everyone do that... oh well, I'll give it
| | a try.

And that worked as expected, NOT. Gees as if I hadn't already tried
removing ALL aspects with RegSeeker. And the non-surprise, the uninstaller
actually did NOT remove all the registry entries. SO MSI left traces and so
did the uninstaller...

|
| I confess I can't recall all I've read at this NG regarding NT vrs.
| Win98 & whether there is enough compatibility. I think it will depend as
| you say on whether Bitdefender v10 uses function calls available only on
| NT systems like Win2K. Maybe try putting the NT .dll's in the folder
| that contains the Bitdefender executables. Then, those .dll's will get
| loaded & used only by Bitdefender, & it will not try to use Win98 .dll's
| of the same name located in system folders.

Yeah, we've been through that before. Perhaps you don't remember a thread
in which I discussed actually attempting to place a goodly portion of XP's
files into 98SE while attempting to find a point at which the errors and
unresolved calls stopped. There is no end, ntdll.dll and dozens of other XP
files are massively different [though similar to NT 4/2000]. Strangely I see
9X to XP mods out there, obviously the creators must NOT have done much file
monitoring beyond "hey its still working and booting, must be Okay", then
again, maybe they modded some of the files to stop the issues, don't think
I'll every test THOSE mods though...
I may, try placing some of those dlls into the folder if Support doesn't
get this figured out just to see how that works [hey it worked before].
I suggested in the last contact that it may be due to whatever their
present compiler is. Most [programming environments] have drop support for
9X/NT, so using a newer compiler will not work for cross-platform use
anymore. Actually rather stupid of the suppliers, as 9X/NT code is STABLE,
unlike the presently supported OSs which receive constant changes which MUST
be allowed for.. but again, its not my code .... and how are they going to
make money if no update subscriptions are involved...

|
| STILL, it will fail, if a function tries to do something impossible on
| Win98. Your own testing will be definitive despite what the Bitdefender
| people may say.

And that's the issue which should concern SoftWin as they still sell
Bitdefender and other for the 9X/NT environment.

|
| | That's really discouraging as the program found ALL of my local test
| | files for email hacks, network hack tools, and other spyware and
| | virus test files unlike the other programs I had been using/testing
| | recently {AVG, AVAST] which completely missed the email hacks [actual
| | dbx and eml files containing Trojans or other] and stealth spyware,
| | some of the virus files real and stub, and ALL the network
| | hack/testing tools. Granted these aren't the newest variants, but
| | still impressive.
|
| Was E-Mail scanning enabled in avast!? If so, each post in this NG & in
| your InBox should say (at R-Clk it, Properties, Details tab)...

Yes, but these files have been localized (saved) to check the various A-V
programs. One I created myself because I couldn't find it [receive it] in
the wild. Three came in using AVG, two using AVAST.
You missed that point, that these are local, not functioning/used DBX/EML
files which the scanners in the other progs missed. Bitdefender's A-V
scanner and configuration, does a double check, not just as it comes in or
goes out [which it also does, or rather would].

|
| X-Antivirus: avast! (VPS 080130-1, 01/30/2008), Inbound message
| X-Antivirus-Status: Clean
|
| And I've seen it work with a test file of my own! (Actually, it was that
| false alarm in SetupMDM.exe that triggered an avast! alert when I tried
| to E-Mail it to myself or a virus testing site.)

That was a VIRUS [actually a stub] not SpyWare or other... big difference
and not an accurate test... we're discussing two different issues.
Bitdefender has anti-spyware/phising/Trojan/whatever pluggins which it uses
in its various functions. You did look at that A-V testing results site,
right?

|
| | Sent them some more info to digest.
|
| Keep us informed.

Yeah, that's the purpose ..... of course this is anti-virus we're
discussing NOT Jetico Firewall X-{

|
| | --
| |
| | MEB
| | _________
|
| --
| PCR
|
|

--

MEB
http://peoplescounsel.orgfree.com
_________

PCR · Feb 1, 2008

MEB wrote:
| "PCR" <pcrrcp@netzero.net> wrote in message
| news:%23DKKBhGZIHA.1208@TK2MSFTNGP05.phx.gbl...
|| MEB wrote:
|| | AAAAHHHH, I should know better than to make comments before
|| | finishing file analysis. Still not completely finished, but it
|| | appears Bitdefender v10 has a number of function calls and
|| | requirements found only in NT [files and services], so another
|| | possibility apparently bites the dust, unless I hear something
|| | different from support.
|| |
|| | Support HAS contacted me, however the suggestion is an uninstall,
|| | then using their separate uninstall cleanup tool, and a re-install
|| | and manual update. WHY does everyone do that... oh well, I'll give
|| | it a try.
|
| And that worked as expected, NOT.

Uhuh. I guess they wanted to be perfectly sure of a pristine
installation, though. And too bad that wasn't the problem.

| Gees as if I hadn't already tried
| removing ALL aspects with RegSeeker. And the non-surprise, the
| uninstaller actually did NOT remove all the registry entries. SO MSI
| left traces and so did the uninstaller...

That's sloppy, but I believe most are. Glad you caught it all.

||
|| I confess I can't recall all I've read at this NG regarding NT vrs.
|| Win98 & whether there is enough compatibility. I think it will
|| depend as you say on whether Bitdefender v10 uses function calls
|| available only on NT systems like Win2K. Maybe try putting the NT
|| .dll's in the folder that contains the Bitdefender executables.
|| Then, those .dll's will get loaded & used only by Bitdefender, & it
|| will not try to use Win98 .dll's of the same name located in system
|| folders.
|
| Yeah, we've been through that before.

I did eventually remember saying all that before-- but I was beyond the
point of no return!

| Perhaps you don't remember a
| thread in which I discussed actually attempting to place a goodly
| portion of XP's files into 98SE while attempting to find a point at
| which the errors and unresolved calls stopped.

That was a brave & valiant thing to do, & I remember you wore a
double-thick tinfoil hat!

| There is no end,
| ntdll.dll and dozens of other XP files are massively different
| [though similar to NT 4/2000].

NTDLL.dll is the "Win32 NTDLL core component". In my Win98 machine, its
version is 4.10.1998. I can only guess what it does. But, if/when it
must deal with newer capabilities of processor chips, one would have to
replace those chips with XP-irradiated chips for an XP NTDLL.dll to
work-- not just the .dll, but the chips too would need to be replaced.

| Strangely I see 9X to XP mods out
| there, obviously the creators must NOT have done much file monitoring
| beyond "hey its still working and booting, must be Okay", then again,
| maybe they modded some of the files to stop the issues, don't think
| I'll every test THOSE mods though...

They must be trying to write .dll's for Win98 that will do the things
the XP .dll's can do-- but using functions the Win98 chips can
understand.

| I may, try placing some of
| those dlls into the folder if Support doesn't get this figured out
| just to see how that works [hey it worked before].

I think it will depend on precisely which functions BitDefender calls in
the .dll's it uses. If it calls one that is impossible for Win98 chips
to do, then it must fail.

| I suggested in
| the last contact that it may be due to whatever their present
| compiler is.

Yep-- absolutely, they have to get the compiler right! That would take
care of all chip & .dll compatibility concerns.

| Most [programming environments] have drop support for
| 9X/NT, so using a newer compiler will not work for cross-platform use
| anymore. Actually rather stupid of the suppliers, as 9X/NT code is
| STABLE, unlike the presently supported OSs which receive constant
| changes which MUST be allowed for.. but again, its not my code ....
| and how are they going to make money if no update subscriptions are
| involved...

Yep, I more than agree-- no one should ever write anything for an OS
other than Win98!

||
|| STILL, it will fail, if a function tries to do something impossible
|| on Win98. Your own testing will be definitive despite what the
|| Bitdefender people may say.
|
| And that's the issue which should concern SoftWin as they still sell
| Bitdefender and other for the 9X/NT environment.

It is a pity, if they can't get it right.

|| | That's really discouraging as the program found ALL of my local
|| | test files for email hacks, network hack tools, and other spyware
|| | and virus test files unlike the other programs I had been
|| | using/testing recently {AVG, AVAST] which completely missed the
|| | email hacks [actual dbx and eml files containing Trojans or other]
|| | and stealth spyware, some of the virus files real and stub, and
|| | ALL the network hack/testing tools. Granted these aren't the
|| | newest variants, but still impressive.
||
|| Was E-Mail scanning enabled in avast!? If so, each post in this NG &
|| in your InBox should say (at R-Clk it, Properties, Details tab)...
|
| Yes, but these files have been localized (saved) to check the
| various A-V programs. One I created myself because I couldn't find it
| [receive it] in the wild. Three came in using AVG, two using AVAST.
| You missed that point, that these are local, not functioning/used
| DBX/EML files which the scanners in the other progs missed.
| Bitdefender's A-V scanner and configuration, does a double check, not
| just as it comes in or goes out [which it also does, or rather would].

Besides scanning at post & when first read in, I do know I can also
R-Clk a .dbx, & choose to scan it. Then, avast! will scan each post
inside. Other than that, I'm not sure, but I do suppose its On-Access
scanner would catch something trying to do damage when opening a
transported .dbx for reading in OE.

||
|| X-Antivirus: avast! (VPS 080130-1, 01/30/2008), Inbound message
|| X-Antivirus-Status: Clean
||
|| And I've seen it work with a test file of my own! (Actually, it was
|| that false alarm in SetupMDM.exe that triggered an avast! alert when
|| I tried to E-Mail it to myself or a virus testing site.)
|
| That was a VIRUS [actually a stub] not SpyWare or other... big
| difference and not an accurate test... we're discussing two different
| issues. Bitdefender has anti-spyware/phising/Trojan/whatever pluggins
| which it uses in its various functions. You did look at that A-V
| testing results site, right?

I'll have to go look, but I am well satisfied & much impressed with
avast! despite the sundry minor peccadilloes I have discovered & posted
elsewhere.

||
|| | Sent them some more info to digest.
||
|| Keep us informed.
|
| Yeah, that's the purpose ..... of course this is anti-virus we're
| discussing NOT Jetico Firewall X-{

I'll take a look at that BitDefender site to see whether there is a FAQ
that may apply to your case. But your communication with the BitDefender
people & your own experience & testing is what really will decide the
issue.

|| | --
|| |
|| | MEB
|| | _________
||
|| --
|| PCR
||
||
|
| --
|
| MEB
| http://peoplescounsel.orgfree.com
| _________

--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
Should things get worse after this,
PCR
pcrrcp@netzero.net

next firewall test - Jetico 1 [last 98 version]

MEB

PCR

MEB

PCR

MEB

PCR

MEB

PCR

MEB

PCR

MEB

PCR

MEB

PCR

Similar threads