Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Extra Service
  •  
jignesh

Messages: 4
Karma: 0
Send a private message to this user
Hi All,

Kindly find the attached file for the service information and let me know can i delet any service which is not require. We only use internet for browsing and downloading excel files.

Also let me know from last many days in my security section i found below logs,

[14/Jul/2009 10:14:16] Anti-spoofing: Packet from LAN, proto:UDP, len:96, ip/port:192.168.190.1:123 -> XX.XX.XX.XX:123, udplen:68
[14/Jul/2009 10:14:16] Anti-spoofing: Packet from LAN, proto:UDP, len:96, ip/port:192.168.71.1:123 -> XX.XX.XX.XX:123, udplen:68
[14/Jul/2009 10:22:12] Anti-spoofing: Packet from LAN, proto:UDP, len:78, ip/port:192.168.190.1:137 -> XX.XX.XX.XX:137, udplen:50
[14/Jul/2009 10:22:12] Anti-spoofing: Packet from LAN, proto:UDP, len:78, ip/port:192.168.71.1:137 -> XX.XX.XX.XX:137, udplen:50
[14/Jul/2009 10:22:14] Anti-spoofing: Packet from LAN, proto:UDP, len:78, ip/port:192.168.190.1:137 -> XX.XX.XX.XX:137, udplen:50
[14/Jul/2009 10:22:14] Anti-spoofing: Packet from LAN, proto:UDP, len:78, ip/port:192.168.71.1:137 -> XX.XX.XX.XX:137, udplen:50


Is this any serious indication for us ? if yes then what are the steps to prevent the same.

Your help would be highly appreciated.

Thanx and regards,
jignesh

  • Attachment: 1.JPG
    (Size: 99.06KB, Downloaded 916 times)
  •  
Ernesto (Kerio)

Messages: 90
Karma: 7
Send a private message to this user
Hello,

You don't need to remove service definitions to prevent internal users from using those services. You need to use the traffic rules for that purpose.

See the admin page in Configuration->Traffic Policy->Traffic Rules. There is, by default, a traffic rule named "Internet Traffic (NAT)" that is configured to allow all services for outbound connections, initiated from the local/trusted interface group, to the Internet interfaces. Double-click the Services column in this rule and change it from "Any" to HTTP/HTTPS and any other services you may want/need to allow.

In regards to the Anti-spoofing messages listed below, Kerio Control is just warning you that it is seeing UDP traffic from 192.168.190.1 and 192.168.71.1 which are hosts in subnets that are not directly attached to Control. If you don't recognize those IP addresses, yes, this could be a potential security risk that will need investigation. However, if you know those IP addresses and it just happens that they are assigned to hosts in subnets further down in your local network, connected through some other router, then you may just need to make Kerio Control aware of these subnets by adding traffic rules to allow this type of traffic.

Sales Engineer | Kerio
Stay Connected Anytime, Anywhere. Discover Kerio Cloud!
Previous Topic: Accessing KGuard CCTV Camera By Kerio
Next Topic: ask - IP/Port forwarding
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Sep 25 02:55:46 CEST 2017

Total time taken to generate the page: 0.00413 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.