GFI Forums: Kerio Control » User and Source

Home » GFI User Forums » Kerio Control » User and Source

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

User and Source [message #147001]

Thu, 07 November 2019 12:48

jalal.attar
Messages: 2
Registered: November 2019

Dear Sir,
first sorry for my BAD english. ok?
i was used working with Cyberoam/Sophos appliance for some years and I'm testing to migrate to KERIO. so i decided to test it.

I'm working with 9.3.1 version:

The Most important missing in the software are User-Level. in the Firewall Rule, Sources concept are (user;ip-address;group; and ....) but it was so useful if user was separated from source. so, We can create a rule that indicate to specific User with Specific IP.HOST separately. (same as Cyberoam)

Report message to a moderator

Re: User and Source [message #147007 is a reply to message #147001]

Fri, 08 November 2019 10:55

ian.bugeja
Messages: 666
Registered: March 2017
Location: Malta

Hi

Yes in Kerio Control the source you can only specify User OR IP Address Group, however, please note that all rules are processed by priority with the one at the top the highest.

So for example, if you have User A that has a machine with IP address 192.168.1.6 and then User A can also have a mobile device with different IP Address

If you want to block Social on machine 192.168.1.6, but then allow Social for user's mobile device

create a rule priority at the top 1 that blocks Social for IP Address 192.168.1.6 then create a rule that will allow Social for User A.

The first rule will match the IP address and block Social. It will also stop processing other traffic rules.
The second rule will allow user to access social and will only match what the user is using apart from the 192.168.1.6 machine.

Hope this helps.

Ian Bugeja
GFI Software

Report message to a moderator

Re: User and Source [message #147009 is a reply to message #147007]

Fri, 08 November 2019 14:16

robinbateman
Messages: 225
Registered: April 2012
Location: Oxford(ish) UK

Hi Jayjal

We were resellers for Cyberoam before they got taken over by Sonos

I think once you have got used to the differences between the Cyberoam and Control you will find the Control unit much easier to use/administer

Robin Bateman
One Red Mouse
Blog: http://bit.ly/OWjcGL

Report message to a moderator

Re: User and Source [message #147016 is a reply to message #147009]

Sat, 09 November 2019 23:02

billybob
Messages: 35
Registered: October 2018

I have used astaro (sophos) for years, first at work and then at home. When astaro was acquired by sophos, I tried Kerio control. Its one of the easiest firewall I have ever used and has ALL the features that you are going to need. Too bad they don't offer a home license even for a small fee as I would not use anything else if there was such an option.

Report message to a moderator

Re: User and Source [message #147026 is a reply to message #147016]

Tue, 12 November 2019 04:57

ehsan-nikavar
Messages: 3
Registered: October 2019

Dear guys,

I want to share my experience with you.

As you know when a user intends to use the Internet, he/she must be authenticated. Authentication URL is as below:

kerioserver:4080/login/?orig=baaaaaaaaa%3D%3D&dest=aaaaa aaaaaaaaaaa&host=Maaaaaaaaaaaaaaaa%3D%3D

I have found a vulnerability in Kerio Control that could be misused by attacker to obtain a valid user account.

By using this vulnerability, attacker could send the link to the victim and ask him to logging to his account.

When user logged in, attacker could referesh the browser and has access to victim account.

In other hand, attacker who has not yet authenticated will log in with the victim account and can use the Internet.

It should be noted that testing has been performed when the authentication settings are set to "NTLM".

I already reported this vulnerability to Mr. Ian Bugeja, so thanks to him for his attention.

Ehsan Nikavar

Report message to a moderator

Re: User and Source [message #147032 is a reply to message #147026]

Tue, 12 November 2019 12:16

ian.bugeja
Messages: 666
Registered: March 2017
Location: Malta

Thanks Ehsan for reporting this.

This has been fixed in Kerio Control 9.3.1

Ian Bugeja
GFI Software

Report message to a moderator

Re: User and Source [message #148266 is a reply to message #147001]

Fri, 12 June 2020 19:52

juankax
Messages: 7
Registered: June 2020

Hello,
Sophos is the best by far..

Report message to a moderator

Re: User and Source [message #148274 is a reply to message #148266]

Sun, 14 June 2020 18:47

billybob
Messages: 35
Registered: October 2018

No doubt sophos is great for home users as it is FREE. However recent hack that caused remote code execution from user and admin portals from WAN (default configuration) was a deal breaker for me. I can overlook a lot of things but if I can't trust the integrity of my firewall, what the point of having one.
Regards

Report message to a moderator

Previous Topic:	Kerio Contro VMs High Availability - different interface names
Next Topic:	winroute.cfg Checksum incorrect

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Fri Mar 24 16:44:28 CET 2023

Total time taken to generate the page: 0.01812 seconds