Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » The Site » Old Forums » Kerio - Tiny Support » [Kerio 2.x] Kerio 2.1.5 "for Dummies"
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Links: ·Forum Guidelines ·Kerio/Tiny pre-3.x FAQ ·BBR Security Forum ·Security FAQ
AuthorAll Replies

DavidGGG

join:2007-07-06
Chesterfield, VA

2 edits		reply to ghost16825
Re: [Kerio 2.x] Kerio 2.1.5 "for Dummies"

Seems like the only process that ever contacts the DNS server on my XP machine is svchost, so it's easy to allow only svchost. I'll do that, and log if any program fails to connect to the DNS server (but so far it hasn't happened). Still, what I know about svchost is that DLLs run through it. So why can't a virus use svchost as well? Anyway, it's a bit safer now I guess.

Regarding specifying port numbers for the web browser: Wouldn't that be a pain in the butt? Just by reading the port numbering standard, it seems I should allow 80, 81, 443, 591, 8008 and 8080, and then also 20, 21, 989 and 990 for ftp, and probably more stuff when connecting to secure sites or other protocols which I don't know much about, and even if I got all that right, it happens from time to time I want to follow a link to a site with a specified, non-standard port number. Seems like a never ending story trying to set up all possible ports. Or maybe you or someone else with lots of experience actually have a proper list of ports that you recommend?!

I also read something about Dan Kaminsky's tricks with DNS (suppose you mean »www.doxpara.com/bo2004.ppt). Seems DNS servers are a way to send at least small amounts of data. There are security holes everywhere in my damned computer, arent there! Good thing I just limited my DNS rule to two IPs and one application...!

A couple of updates to my original post:
a) I've moved a couple of my P2P programs up above the rule that blocks port 53, since some seem to make use of it to bypass some local firewall (!). So my advice would be to check the log while running P2P and if attempts are made on port 53 by P2P programs, you might want to move the rules up, to increase connectivity.
b) I read some more about container files, and it seems sound files are probably also always safe (.WAV, .MP3 etc), since apparently they can hold only sound (what a brilliant idea - just sound in sound files!) and some tags.
to forum · permalink · 2007-07-08 15:18:22 · (locked)
Forums » The Site » Old Forums » Kerio - Tiny Support

Friday, 04-Dec 02:12:40 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [162] Comcast Releasing Promised Usage Meter
· [140] Avast Antivirus Has Gone Mad
· [104] Graduate Student Unveils Sprint's GPS Sharing With Feds
· [99] Comcast Makes NBC Universal Acquisition Official
· [85] Google Invades ISP, OpenDNS Turf With Google Public DNS
· [81] Latest Consumer Reports Survey Not Kind To AT&T
· [70] Baltimore To Ban Lazy Cable Installs
· [65] Sprint Defuses GPS Privacy Media Bomb
· [64] Broadband Killed The Game Console
· [58] FCC Ponders Moving From PSTN To IP Voice
Most people now reading
· False positive in Avast! or is it real? [Security]
· Maximizing Rogue DPS for ToC/ToGC (3.x) [World of Warcraft]
· [Business] how to bridge a smc 8014 business class modem [Comcast HSI]
· [video] Electrical Wire Tears Apart Tree [56k Lookout (Broadband Heavy)]
· Heating - my dad gave me this advice... [Home Repair & Improvement]
· [TWC] Audio/Video outage in Brooklyn [Time Warner Cable TV/Voice]
· What the heck is going on in SoCal - Part 3 [Road Runner]
· Opening a file download dialog from a JavaScript function. [Webmasters and Developers]
· [ Classes] Warlock Thread [World of Warcraft]
· Usenet Services- Clarification [TekSavvy]