Hello.
During work with Exchange-server MS Outlook demands ports 1024-5000 on both sides. If make rule - all is good. But if Outlook to set a range 1024-5000 in Applications filter, the port 1177 is thrown out and connection with a server is impossible. This port (UDF Archive server) is registered in possible trojan, but why it is thrown out? If to enter 1177;1024-5000, the port is authorized and connection will be. What can be a problem?
Thanks.

PS: Sorry for bad English...

Has overlooked - in the log-file about port 1177 is written:
APP: TCP port not allowed

Hi,

Are you configuring Look 'n' Stop on the server side or on the client side ?

On the client side, normally you just need to specify the destination ports, like 110 & 25, but not the local source ports like 1024-5000.

Regards,

Frederic

Have you added Outlook (application) to the rule that you created? The "Application" button is at the bottom left; when creating a rule click this button to add the applications that start this rule.

Hello, Frederic

Look 'n' Stop is configured on the client side.
Outlook works with MS Exchange through RPC port (135) and RPC Communication ports (1024-5000):

Ethernet type - IP
Protocol - TCP
Application - MS Outlook
Directions - both
Other parameters - default
Adrresses/ports - My_computer:1024-5000 <-> Exchange_server:135;1024-5000

If to make for Outlook two rules, Email works without problems:

My_computer:1024-5000 <-> Exchange_server:135
My_computer:1024-5000 <-> Exchange_server:1024-5000
Applications - MS Outlook (ports are not set)


If to set Outlook ports 135;1024-5000 in the Applications Filtering Page, port 1177 is blocked:

Internet Filtering Page rule for Outlook:
My_computer:1024-5000 <-> Exchange_server:All_ports
Applications Filtering Page:
MS Outlook with TCP ports 135;1024-5000

If enter 135;1177;1024-5000 port 1177 is not blocked.


I don't understand...


dhf959543
Yes, of course.

Hi ArtLonger,

There is a problem for some port range selection, in the application filtering.

Could you try the following update:
http://looknstop.soft4ever.com/Beta/lnsfw1/LNSFW1-d2.zip

- rename c:\winnt\system32\drivers\lnsfw1.sys in lnsfw1.old
- unzip the new driver in c:\winnt\system32\drivers
- reboot the computer.

Thanks,

Frederic

Thanks Frederic!
I have replaced the driver lnsfw1.sys - now APP filtration works correctly, 1177 is not blocked.

It is last beta? Now I read http://www.wilderssecurity.com/showthread.php?t=54543&page=1&pp=25
:)

-{ Quote: "Thanks Frederic!
I have replaced the driver lnsfw1.sys - now APP filtration works correctly, 1177 is not blocked.

It is last beta? Now I read http://www.wilderssecurity.com/showthread.php?t=54543&page=1&pp=25
:)" }-
Yes, this driver (3.04 d2) is the last beta. This means it includes the leaktest detection enhancements.

Frederic