Greetings,
I posted something about this awhile back but can't locate it so as to continue in that thread....sorry.......My firewall is blocking LSA shell ( export ) whenever i request a TDS-3 update. I receive the download but why is this happening? This LSA blocking ONLY happens with TDS update. Anyone with thoughts on this. ???

Hellooooooooooooooooo :D

It's so quiet in here you can here a pin drop... :D

The LSA shell (export) is used for network authentication. It is not terribly surprising that when you access a network resource (i.e. using your username and password to access the TDS-3 update defs) that you might trigger the LSA service. If you don't generally use it, (it's used for things like remote network authentication, VPN authentication, and other network accesses), you could try disabling the service altogether.

However, regardless of what you do with the service, the key rule in security (and firewalls), if blocking something still allows it to work, then keep blocking it. Always go with the least privileges needed. The less you allow and still get full functionality, the better.

Thanks LWM....... what was strange to me was that I have been using TDS-3 for some time now and this only started 2 months ago.
It's times like these I am glad there are no dumb questions. Thanks again...... needed the reminder.

Hi Rainwalker

TDS requiring lsass is not something I have experienced.

Do you have the IPSec Policy Agent service running? If so, and not required, try stopping it and set it to manual and see if that stops the prompts.

Regards,

CrazyM

On my install this runs 3 services so I can't really just shutdown the service from their discriptions.

LSASS.EXE: PolicyAgent, ProtectedStorage, SamSs

Either way just block outside access from it with your firewall.

If you run XP Pro(not home), or a newer NT OS the command 'tasklist /svc' in the command prompt will bring up which windows programs are running windows services.

Crazym.....thanks for comment....i do not have IPSec Policy Agent

BlitzenZeus....thank you also....i can not really shut it down for same reason so i blocked outside access ( local Port 500 UDP ). Have not tried updating TDS since and again this activity happens only with TDS.....nothing else. Running XP Home.

hey i also hav LSASS running... local ports 500 and 4500 anyway i also want to block outside access.....i hav tiny firewall as blitz knoz by nou....

Hello Subratam
I used Port Explorer to block.....if you have not yet used it check it out.

hey i used Kerio firewall to block incoming windows services 135,445 and 500 thx :D