APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Setting hosts connection limits in Kerio control

Got questions? Go ahead: Ask me anything!

Anonymous asks:

I'm running Kerio Control and am getting alerts about Connection Limits. How can I stop these?

Notice from Control

Actually, you don't want to stop these. They are an important part of protecting your network. It's possible that you may want to adjust some settings, but you certainly don't want to go overboard and disable this entirely!

The concept here is that most machines inside your network shouldn't have a lot of open connections to the outside world. The question is how many is reasonable and how many might indicate infection.

For example, a desktop machine might have a few dozen or maybe even a few hundred connections to internet websites. It probably shouldn't have thousands and if it does, it is very likely that machine has been compromised and is being used for something you wouldn't approve of.

On the other hand, a web or ftp server might very well have thousands of connections. You don't want Control interfering with that.

To that end, Control offers these settings:

Setting connection limits

"For a single peer" means the number of connections from one computer in your local network to one other site. For example, you have a browser open to aol.com. That's at least one connection, though it may be more because modern browsers prefetch links from pages you go to.

"For all peers" is the total number of connections from one computer to all other sites.

"New connections per minute" means what it says: if any computer exceeds that, it triggers this.

Triggers what?


Kerio Control blocks connections from infected hosts or peers. All connections to infected hosts and peers are allowed.

After reaching the connection limit, Kerio Control breaks other connections to/from the host and creates an entry in the warning log.


Setting hosts connection limits



Got something to add? Send me email.





(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> -> Setting hosts connection limits in Kerio control




Increase ad revenue 50-250% with Ezoic


More Articles by

Find me on Google+

© Anthony Lawrence



Kerio Connect Mailserver

Kerio Samepage

Kerio Control Firewall

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us





In fact, my main conclusion after spending ten years of my life working on the TEX project is that software is hard. It’s harder than anything else I’ve ever had to do. (Donald Knuth)

The danger of computers becoming like humans is not as great as the danger of humans becoming like computers. (Konrad Zuse)







This post tagged: