www.Usenet.com
www.Usenet.com
| <-- __Chronological__ --> | <-- __Thread__ --> |
On 18 Sep 2003 16:56:18 GMT, donut spoketh > >Interestingly, Lars, a discussion came up in another newsgroup regarding >Kerio, Zone Alarm and Sygate. > >A newbie user wondered why it took 30 seconds to connect to his POP3 server >when using Kerio, but connected immeditaely when using the other 2. > >It was explained to him that Sygate and ZA automatically allow the port 113 >IDENT response from the server, while Kerio does not. A rule has to be >written. > >To a newbie user, this would look like a nice automatic feature. > >To an experienced firewall user who wants complete control, this would look >like a dumbing down of the firewall to accomodate newbie users who do not >know how to write rules. > >So, there you go - apples and oranges. > I suspect that is because ZA and Sygate closes the port, while Kerio "stealths" the port. Since ident is used with so many pop servers, having it "closed" rather than "stealth" is probably the preferred solution... Lars M. Hansen www.hansenonline.net
| <-- __Chronological__ --> | <-- __Thread__ --> |
