[Kerio 2.x] What is "no owner"?

Forums » The Site » Old Forums » Kerio - Tiny Support » [Kerio 2.x] What is "no owner"?


Uniqs: 432	Share Topic:	RSS topic:	toggle: flat / full normal / watch	Posting:

Links: ·Forum Guidelines ·Kerio/Tiny pre-3.x FAQ ·BBR Security Forum ·Security FAQ

shearer
Northern Lights
Premium
join:2002-06-18
Toronto, ON
clubs:

1 edit

[Kerio 2.x] What is "no owner"?

This thread is merely here to satisfy my curiosity.

Some entries in KPF 2.1.5 logs show the application as "No owner", per sample below.

Well I roughly guess that "no owner" means no application owns the packet. But I was wondering if some knowlegable guru here can provide a deeper explanation as to the causes behind it. Such as why does a packet has "no owner"? thanks

permalink · 2007-09-01 14:37:47 · Print ·

BlitzenZeus Burnt Out Cynic Premium,MVM join:2000-01-13 Beaverton, OR	Re: [Kerio 2.x] What is "no owner"? Well your log is incomplete to start as Kerio doesn't log anything without a rule, unless its from that 'suspicous' setting which just logs garbage/fragmented packets anyway.
	permalink · 2007-09-06 04:56:14 ·

shearer Northern Lights Premium join:2002-06-18 Toronto, ON clubs:	Re: [Kerio 2.x] What is "no owner"? No, I always had the "Log suspicious packets" option disabled. The entry was from a 'catch all remaining outbound' rule I placed at the bottom of ruleset (i.e. block all outgoing from any application)
	permalink · 2007-09-06 06:10:20 ·

Bill_MI Bill In Michigan Premium,MVM join:2001-01-03 Royal Oak, MI ·Comcast	Re: [Kerio 2.x] What is "no owner"? I think it means it cannot determine the owner and most likely the application closed before Kerio could get the info. That's the OUTBOUND case you have. An INBOUND case happens a lot on things like late DNS replies or connection attempts after closing the program (like bittorrent).
	permalink · 2007-09-06 06:32:24 ·

shearer Northern Lights Premium join:2002-06-18 Toronto, ON clubs:	Re: [Kerio 2.x] What is "no owner"? Thanks Bill. Your explanation makes sense. Among many proggies I've been testing recently, one now comes to mind, a TCP-based traceroute app which runs the trace using TCP SYN packets - which I believe Kerio picks up as "No Owner". Sort of like how the Windows built-in ping which leaves "Owner:TCPIP Kernel Driver" instead of "Owner: PING.EXE".
	permalink · 2007-09-06 14:53:52 ·

Bill_MI Bill In Michigan Premium,MVM join:2001-01-03 Royal Oak, MI ·Comcast	Re: [Kerio 2.x] What is "no owner"? Yep, you already have the right insight how things really work. There's also a likelihood, Kerio 2.x older technology will get worse and worse at getting things right as the network stack evolves further. Not much you can do about that except... be wise.
	permalink · 2007-09-06 19:19:44 ·

your comment..

Forums » The Site » Old Forums » Kerio - Tiny Support


Sunday, 29-Nov 02:25:32	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com.republican-creole page compression OFF

[Kerio 2.x] What is "no owner"?

Re: [Kerio 2.x] What is "no owner"?

Re: [Kerio 2.x] What is "no owner"?

Re: [Kerio 2.x] What is "no owner"?

Re: [Kerio 2.x] What is "no owner"?

Re: [Kerio 2.x] What is "no owner"?