Smokey's Security Forums


Topic: Suggestions for Jetico2 - post Feature Requests here!  (Read 15261 times)

zerozorro

  • Member
  • Posts: 2
Important
  • Disk Access filter
    Why: to limit access to non-system (media, backup, etc) disks to trusted apps, protect system paths.
  • Purge applications
    Why: it is relatively easy to implement, and is torturous to work without at times


Medium
  • Hide table from the popup templates (for logical, non-functional roots)
  • Drag support for both Groups and their entries
  • «Delete» in Group entry context menu
  • Remember settings on exit (as it already does on manual GUI restart)
  • Do not group if single entry in Applications network monitor
  • «Expand All» in Applications network monitor
  • Protocol column in Applications network monitor
  • Ports Group


Minor
  • App Name column (pathless)
  • Gray out icon and text for inactive rules
  • Option to use own icons (default are too 3.11)
  • Add Default action: ask

& more frequent updates and news from the devs

repete

  • Full Member
  • Posts: 16
Some Suggestions:

- I like the idea of a clean-up option to be able to remove all rules with non-existing application paths. (it takes a long time to clean-up old rules manually)

- Save user changes made to the GUI column width and order in real-time. (changes aren't being saved after a system reboot)  The only way to save the order right now is to go to Jetico system tray icon and right click on it and select "exit" and then restart the interface again.

- Application Checksum table. All application checksums should just be added to the table silently (no popup). Only when there is a change in the application's checksum should there be a popup notifying you of the change and if you would like to update the existing application checksum rule or not.

- Groups tab: A section for Ports and Mac Addresses.

- In the Logs, when you right click on a log and select "create rule" it should already know based on the packets log parameters what the most logical table under Optimal Protection that the rule should be placed into. By default this table should be highlighted, so that the majority of the time users can just click "ok" and not have to try to figure out which table to pick.

- Also in the Logs, when you right click on a log and select "create rule" it would be great if some additional information from the "misc" column was added to the rule also. For example for an ICMP packet log if the created rule also included the ICMP type and code that was listed under misc. ARP packet log if it also included the ARP opcode to the rule. TCP packet log if it added the TCP flags, etc. That way the created rule is much more complete.


Thank you for listening!  :beer:

goaty

  • Member
  • location: München
  • Posts: 2
Re: Suggestions for Jetico2 - post Feature Requests here!
« Reply #64 on: February 25, 2010, 09:56:34 AM »
Hi, I'd like the following feature:

- manually triggered action (button in main window)  that removes rules with non-existing application paths. My Ruleset is filling up with temporary or already uninstalled apps.
- Button to quickly select rule persistence (once or permanent) while adding rule in popup dialog.
- Auto detect fullscreen and appropriate rule to avoid hangs while playing games

goaty

IneedH3lp

  • Full Member
  • Posts: 21
Re: Suggestions for Jetico2 - post Feature Requests here!
« Reply #63 on: February 15, 2010, 01:53:21 PM »
Also an option to lock rules in place and the ability to create port groups (just like IP address and Applications work).

Great piece of software this is, but there's room for a whole lot of minor improvements that would make using it a lot more pleasurable!

I bow to you.

IneedH3lp

  • Full Member
  • Posts: 21
Re: Suggestions for Jetico2 - post Feature Requests here!
« Reply #62 on: February 13, 2010, 05:31:35 PM »
Is JPF ever going to have support for remote access?

Like once connected to a host you get its configuration (security policies) and you receive all popups that would normally show on the host system.

Just like NetLimiter does, but this would be way cooler.

just a guy

  • Member
  • Posts: 6
idea/want:
being able to change column-option of all selected rules, in one shot.
...like all from accept to reject...

just a guy

  • Member
  • Posts: 6
oops, forgot about subnet 254. ( we shall assume we all 'get' the workings of 255 ;) )

just a guy

  • Member
  • Posts: 6
nice one! they might even do it soon, THAT way. :)

major help would be in organization,
- I like to network-block my rules together.
-- oooo maybe i can put my block-pic here, checking...
mini

large

stretch

-------------------you have to download last 2 for full detail.

like, a bunch of IE rules.(I do not just 'any' port 80)
- sort the rules together and move them one step,
-- changing their 'true' order, so they're all together, after.
--- maybe a self resetting check box to allow a 'true' re-ordering in 'sort' mode.
added:
(or, just let the selected ones stay selected from 'sort' to 'sort'.)

pseudo triangle

  • Full Member
  • Posts: 11
Fact: being able to sort columns would destroy the important rule-order;
- want: give option to open a window(or program like open office calc)with the selected rules, where we can 'sort' them, and work with them,,, like setting a certain group of items to 'reject',,, and upon a 'save' or 'confirm', it alters those rules in the firewall, while leaving them in the same order.
- and maybe have an option to save the new 'sort order' too,
- as well as deleted items and/or new rules.

or maybe just one new column "order" with numbers representing the actual order of rules. and then enabling sorting will be safe.

just a guy

  • Member
  • Posts: 6
Hey,
I may seem intense with firewall rules, but this is another bonus:
- Avira anti-virus wasting people's time.
- Reason: it tries(does) to connect to ipv6 updates, and tries and tries and tries...
with a close eye on the 'ask' rules(which i always log), seeing this alerted me to an oddity: [2a01:138:a001:201::21]...
- so i blocked it, unknowingly forcing Avira to choose ipv4 protocol that my computer understands.

Another want?
- here's one that no-one has:
Fact: being able to sort columns would destroy the important rule-order;
- want: give option to open a window(or program like open office calc)with the selected rules, where we can 'sort' them, and work with them,,, like setting a certain group of items to 'reject',,, and upon a 'save' or 'confirm', it alters those rules in the firewall, while leaving them in the same order.
- and maybe have an option to save the new 'sort order' too,
- as well as deleted items and/or new rules.
---- ahhhh object linking at its best. :)

just a guy

  • Member
  • Posts: 6
HI ! (let's get at it... :)

1) About Dynamic Disks, and software RAID:
Q: v2 instable? (agreed, v1 works great, though)
A: I found Jetico because getting a firewall to work with dynamic disks on xp(pro) is no treat, I have learnt.
- xp is not installed in/on a Raid volume, but it is on a dynamic volume and there is 'RAID' all around, not a single 'standard' partition to be seen.
- the only difference I can quickly see between v1 and v2, is the fact that v2 is installed as a privileged service, as were the other firewalls I tried that did not work for me.
-- and so, take note, if your lan card is enabled, and v1 is installed, and the only thing between computer and internet, while computer waits for you to ctrl+alt+del (or whatever your setup) before a user logs on, you may be at risk... (I disable net card every time before shutdown... when windows doesn't crash ;)

2) This is a double, as part of what I do with a firewall is help stop unnecessary traffic:

2a) If we could make a rule for a specific IP or MAC address, that when initialized it logs the "IP/MAC + port(specific or any or...) + ..." just once, then counts how many times it is 'true', then after playing game online(for example) deactivate the rule which then causes the count to be logged, as well as one more "IP/MAC + port(specific or any or...) + ..." line.
- the less that's written, the faster the computer.
 - Added: ___ I don't mean to write the last time the rule was 'true' at deactivation, as that would slow things down, keeping track of 'true's; I mean, if it comes true within 10seconds??? of deactivation.
-- don't want to wait for a rule that was only true once. :)

2b) If there was a setting to have automatic creation of '2a' type rules for each different 'attack'.

3) may have been done, but color is important to fast log scanning. (v1 has same blue for debug and info, for example)

I too am a hair's width from putting money on a firewall, even though I do all the leg work. :)

CaptainFlint

  • Full Member
  • location: Moscow, Russia
  • Posts: 16
Hm… That's an interesting idea, thanks for pointing to it. At first glance it looks quite possible to do, the XML config structure is clear enough.

Of course, even if it is doable, it does not cancel my request since changing the 4 radio-buttons is not so convenient and efficient as selecting a tray-icon-menu item. :)

PS: Hi.


Added:
It's totally amazing! I checked it, and with direct XML editing I can create on the Policy Configuration page almost anything I need, and it does work!
I already created the basic (not covering all the tables) set of quick switches for imitating the exact Outpost policies (the only problem is intersecting with default filters defined in JPF, so I'll probably have to remove them at all, but I don't use them anyway), and it seems to work as expected.

pseudo triangle

  • Full Member
  • Posts: 11
Controls on summary page are not hardcoded, they are defined in config. You probably have noticed that these controls actually enable and disable some of existing rules. You may try to add Outpost-style switch by tweaking the config. Unfortunately there is no documented way of how to do it (or I don't know of such document).

ps: hi

CaptainFlint

  • Full Member
  • location: Moscow, Russia
  • Posts: 16
I moved to Jetico Firewall from Outpost, and I miss very much one of the features of that Firewall: quick switching to "Allow most" and "Block most" policies. They work as follows: all the currently customized rules are checked, and if none of them was applied the packet is accepted (in "Allow most") or rejected (in "Block most").
Actually, there is a way to use similar policy in Jetico: open its main window, select the Configuration tab, select the "Optimal Protection" configuration (or whatever is used currently), then select "stop learning" for each of the 4 filters, then make sure that the default action for each of the main filter tables is either "accept" or "reject" — and not forget to return it all back as it was before! Not a very efficient way, is it? Or there is another way: create a copy of the currently used configuration, customize its default actions, remove "ask" rules and when needed switch to one of the configurations. This could be faster, but what if I need to change the main configuration? I have to change 3 configurations instead of one! Again, far from being efficient.

I really loved the way Outpost allowed to control its behaviour: right-click on the tray icon, then select one of the 5 policies, and that's it. Why not implement something similar in Jetico? Such function is very useful when you, say, install a new application, when the installer wants Internet, the application wants Internet, and there are additional auxiliary EXE files which all want Internet too — it's too boring to create rules for them all, especially since after that you will have to go to Jetico and remove all these rules. Or, to the contrary, the application is trusted, but is needed to start only once, but the computer contains some applications that should not go to the Internet (not necessarily they are untrustworthy — they e.g. can be very anxious to get their huge updates and not thinking that the Internet traffic is very slow and/or expensive), therefore it's impossible to set "Allow all" even temporarily. The "Allow most"/"Block most"-like modes would be incredibly helpful in such situations.

xaoc

  • Full Member
  • Posts: 48
Creating rules for directory
« Reply #52 on: October 15, 2008, 02:29:40 PM »
For example I have a folder with 100 trusted network utilities. It will be very difficult to create 'Allow All' rule for each of them.
Alternately we'll create ONE rule, that allows access for the applications from this folder (or specific access).

This will be also useful for 'Jump actions'
For example we have a VMWare installation. We create jump rule (it contains specified path to the VMWare root folder) and it redirects us to the table created especially for VMWare. After that we can create rules in that table where we specify the application executable we need to process.
 
