site Search:


 
    All Forums Hot Topics Gallery






how-to block ads


 
Search Topic:
Share Topic
Posting?
Links: ·Forum Guidelines ·Kerio/Tiny pre-3.x FAQ ·BBR Security Forum ·Security FAQ
AuthorAll Replies


BlitzenZeus
Burnt Out Cynic
Premium
join:2000-01-13
kudos:1

reply to shearer

Re: [Kerio 2.x] What is "no owner"?

Well your log is incomplete to start as Kerio doesn't log anything without a rule, unless its from that 'suspicous' setting which just logs garbage/fragmented packets anyway.


shearer
Northern Lights
Premium
join:2002-06-18
Asia

No, I always had the "Log suspicious packets" option disabled. The entry was from a 'catch all remaining outbound' rule I placed at the bottom of ruleset (i.e. block all outgoing from any application)



Bill_MI
Bill In Michigan
Premium,MVM
join:2001-01-03
Royal Oak, MI
kudos:1
Reviews:
·Comcast
·WOW Internet and..

I think it means it cannot determine the owner and most likely the application closed before Kerio could get the info.

That's the OUTBOUND case you have. An INBOUND case happens a lot on things like late DNS replies or connection attempts after closing the program (like bittorrent).



shearer
Northern Lights
Premium
join:2002-06-18
Asia

Thanks Bill. Your explanation makes sense.

Among many proggies I've been testing recently, one now comes to mind, a TCP-based traceroute app which runs the trace using TCP SYN packets - which I believe Kerio picks up as "No Owner". Sort of like how the Windows built-in ping which leaves "Owner:TCPIP Kernel Driver" instead of "Owner: PING.EXE".



Bill_MI
Bill In Michigan
Premium,MVM
join:2001-01-03
Royal Oak, MI
kudos:1
Reviews:
·Comcast
·WOW Internet and..

Yep, you already have the right insight how things really work. There's also a likelihood, Kerio 2.x older technology will get worse and worse at getting things right as the network stack evolves further. Not much you can do about that except... be wise.


Monday, 13-Feb 06:13:40 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online! © 1999-2012 dslreports.com.
Most commented news this week
Hot Topics