I’ve been using Kerio Personal Firewall 4 for a few days now, so I’m more qualified to give my opinion on it now. As with the older versions, I recommend it. It’s basically an updated version of the program (duh) with more “security stuff” added. Personally, I want a firewall, so I disabled all that other stuff, which is why I don’t have much to say other than “it’s an updated version”.

During the install, it detected and uninstalled the old version. It created a backup of my config file as well. I didn’t pay attention to where it saved the file, expecting it to be in the program’s directory (my own fault), but I later found it in My Documents. During the install, something went wrong. I’m not sure exactly what happened, but the installer froze. Trying to run it again resulted in an error message. However, everything seemed to work after a reboot. Once I imported the backup config file, everything seemed to be great. The interface has the “XP style” of many new programs, with a flat look rather than standard buttons. Personally, I’m not a fan of this, but it’s only aesthetic so I’m not too concerned. I’d rather use an ugly piece of good software than a pretty piece of junk. The new interface also includes a bandwidth meter, and the tray icon also has small dots to represent this meter as well. This is better than the old arrow over the icon that simply told you whether or not there was traffic in a specific direction.

The one new feature that I do use is the intrusion detection system. The IDS module watches for signs of attacks. It divides them into high, medium, and low priority, and you can configure how to handle each one. The reports tell the name of the attempted intrusion, what type of attack it is, and often provide a website you can check for more info.

For me, there’s not a whole lot new here. However, it now includes a popup block and web filter, among other things. You may very well find this update to be quite an improvement. It really is a “security suite” now, as opposed to just a firewall (which it still does well). Besides being a great firewall, and covering some other functions, it’s free. Can’t beat that! Check it out if you haven’t already.

Kerio Personal Firewall 4 was just released. I’m still downloading it, but a friend who was a beta tester said it’s pretty good. I’ve been using KPF since it split off from Tiny. It’s still completely free for personal use, and on top of that it’s one of the best firewall programs available (even compared to the expensive ones). It now has some extra features like an intrusion detection system, web filtering, popup blocking, and dialup guarding (to prevent dialer programs from calling pay numbers).

I was going to include a link to the OutBound page at Hackbusters.net here. If I remember correctly, Tiny/KPF was one of the first firewall programs to be updated to handle this problem (programs using a protocol driver other than the default Microsoft stack were unaffected by any of the firewall’s settings). However, his LaBrea program (a “tarpit” designed to cause internet worms to waste a bunch of time trying to find new hosts) technically falls under the definition of “an unlawful communication device” (because it disrupts the “communication service” without the permission of the “communication service provider”) according to the “Super DMCA” law in Illinois. The final DMCA included a clause that there must be intent to defraud, but the earlier Illinois version has no such clause. Rather than risk action under a very ambiguous law, he has taken down most of the site, to also “Shine a bright light on a badly written and potentially damaging piece of legislation.” He has many links available if you’re interested in this and similar laws (which you should be, if you value your freedom at all). This section describes how it’s now a crime for him to report a serious security issue that he happened upon one day. Note that on the same page above all this, you can see where LaBrea was voted “Most Useful Application of 2001” by eWeek and the author was named as a finalist in the “Innovation in Infrastructure Awards” by eWeek and PC Magazine. While there may (and I stress may) be good intent behind some of these laws, they’re doing a lot of collateral damage which ends up making things less secure.

Back to my main topic, I’ll have more info on KPF4 as I use it some.

I just got an email from DynDNS.org saying that my hostname was about to expire, due to lack of updates. I have my D-Link DI-704 router set to update that automatically, but apparently it only updates it when your IP actually changes. This is fine until you have the same IP for 35 days, which is how often your DynDNS record has to be updated or else it will be deleted. I went to the DynDNS.org client page and set out to find a good updater program.

I’ve tried most of the top-ranked programs before. Most of them cost at least a little bit, which is more than I wanted to pay for something that I didn’t really need anyway. Many of them have a bunch of extra features I don’t need or want. I would prefer a simple service that simply updates my DynDNS record, and doesn’t have a multi-colored blinking icon and a built-in coffee maker.

The first freeware client I came to was DNSer. This is a very simple program, which seems to be perfect for what I want. It installs as an NT service, so I never even have to see it once it’s setup. It can detect your IP address from basically any webpage, specifically your broadband router’s status page. Some of these routers use non-standard HTML which screws up DNSer’s parsing, so it can even save a temporary copy of the status page with the problem code fixed. Configuring DNSer is definitely not idiot-proof, but it’s not too complicated either. You have to edit a .INI file by hand with the proper parameters. There are templates for many routers and dynamic DNS services, so in many cases this amounts to substituting in your router’s IP address and your username and password for whichever service you use. Using the .INI file also means that DNSer doesn’t stick itself all over your system. The parameter /INSTALL installs it as a service and /UNINSTALL removes the service. After that, just delete the directory where you unzipped the program, and it’s completely gone. No registry mucking or random files scattered about.

My router wasn’t listed, and uses a funny form of authentication. You don’t automatically get a login prompt if you just go to the status page first, and the login page is actually a set of frames with three other pages inside it. Once I figured out exactly how to get DNSer to logon, it was smooth sailing. Here’s the config section from my .INI file for the DI-704:

;----------------------------------------------------------------------------;
;This is a template for D-LINK DI-704 Router, Firmware 2.60 build 2
;Contributed by Bill Talcott
;If your router's LAN IP isn't 192.168.0.1 you should change it accordingly:

[Source]
Interval=55
URL=http://192.168.0.1/menu.htm?RC=@
URL1=http://192.168.0.1/status.htm
User=admin
Pass=secret
Prefix=IP Address</font></td><td ALIGN=CENTER WIDTH=40%>
Count=1
Log=1
;File=di704temp.html
;----------------------------------------------------------------------------;

The URL parameter is the actual login form frame’s URL. URL1 is the status page that shows your IP address. Pass should be set to whatever your password is to access your router. Prefix is the text that DNSer looks for on the status page right before your IP address. As you can see, you need to include any tags from the source HTML of the page too. Count is which occurance of the Prefix to use. Some routers use the same label on the internet IP address and the LAN IP address, and have them arranged in tables. If it shows the LAN IP first, you could set Count to 2 to have it use the second IP address listed. These parameters, and everything else in the .INI file, are explained in the documentation that comes with the program. Like I said, it’s not idiot-proof, but not really too hard either.

The default DynDNS.org service template has a maximum refresh time of 25 days. This means that if your record hasn’t been updated in 25 days, it will force an update, to keep your record from expiring. This is exactly what I was looking for. DNSer seems to be the perfect program for my needs. It gives up a bit of user-friendliness for nearly-infinite customizability, and doesn’t have a bunch of extra junk I don’t want. If you’re looking for something lke this, I recommend you check out DNSer yourself.