PC Flank: Make sure you're protected on all sides.


		Make sure you're protected on all sides

	Test Your System
	About PC Flank's tests
	PC Flank Leaktest NEW!
	Quick Test
	Stealth Test
	Browser Test
	Trojans Test
	Advanced Port Scanner
	Exploits Test

	Ask the experts
	Leak Tests Catalog NEW!
	FAQ
	Glossary

	Community
	Forum

	Security Center
	Software Store
	Books Store
	Articles Library
	Software Reviews
	Interviews

Do not run Internet cracks (programs to bypass shareware limitations), they often contain viruses or Trojans.

Kerio Personal Firewall 4 - part II

by Andrew Cooper

System Security is a feature used to monitor every application on your computer. When a program first starts Kerio notifies you and asks if you want to permit or block this app.

You can set general rules for three situations: when the application starts, when the application has been modified and when the application is starts to run another application. These settings are to help prevent malicious viruses and Trojans from infiltrating your system and to alert you if one got by your defenses and is trying to "call home".

The Applications tab is where you can set individual or general rules for the actions of any application and where you can see the list of each application and its rule settings.

At first I was a little annoyed by all the alerts telling me each time an app started, but after all the programs I normally use were given rules Kerio calmed down.

I didn't find out firsthand what Kerio does when it detects a computer virus, but the documentation says it alerts you if a virus starts as a program. The software has one big security flaw, however. Let's suppose a Trojan or spyware agent is acting as a component (DLL) of a trusted application (i.e. Internet Explorer). As far as I can see Kerio has no DLL-controlling features, so the malicious agent can bypass Kerio's protection.

The third security tool is Intrusion Detection System, named "Intrusions" on the left menu of the program. This is pretty useless really. You can only turn on or off the defensive mechanism of three types of attacks. Since nobody is likely to allow attacks in, you should just use the default settings that block High and Medium priority intrusions and maybe allow low priority intrusions described by the developers as "equivocal network activities, errors in protocols, invalid data format, etc".

The main goal of Intrusions Detection System is to block remote denial-of-service attacks and it does this successfully. I tested Kerio against PC Flank's Exploit test and it passed with flying colors. This is no big deal though because every personal firewall today should pass that test.

The fourth tool is Web Privacy (it's the Web tab in the left menu). For privacy purposes this tool has settings to block active content of web pages (ActiveX, Visual Basic and Java applets), to filter cookies and block the release of your private information.

The final security tool was the most interesting to me. It claims it can block the sending out of your private info that normally can leave via HTTP. I decided to test if my e-mail address got blocked by Kerio.

I went to Google, typed in my e-mail address and pressed the search button. Kerio didn't block my e-mail address from being transmitted via HTTP protocol. This was a letdown. I can't help but wonder what else doesn't work right.

Continue to Part III
Back to Part I

Make "PC Flank" your
Start Page!

» One man's job

» Outpost Firewall Pro Review

Outpost Firewall PRO 3.0 - complete protection on the Internet!

Secure Internet surfing with Oupost personal firewall with antispyware and free firewall available for download at www.agnitum.com.

Site Map
Contact Us