is there no wishlist thread yet???


Andreas1
March 4th, 2003, 06:38 PM
Well, here is one.

(okay, i admit, i didn't search the forum very thoroughly, but that thread should be not too far down the line anyway...)


In the following wishlist, I've attached priorities that range from
10=max (means: prevents me from using LnS until this feature is present) to
0=min (means: I don't care, but maybe it'd look nicer),
so that other people can range their wishes accordingly or can argue about whether specific items should be ranked up or down:



ftp connection tracking (Pri: 7)
let me specify if i want LnS to rotate logfiles by itself or at least do a proper log rotating (so that i can point my LogWatch tools to a single, permanent filename and only the backups will be named yyyy-mm-dd-etc.) (Pri: 6)
restrict ports in application filtering level (Pri: 6)
have the font in listviews configurable (so i can choose a fixed-width font that lines up better) (Pri: 4)
let me use groups of hosts or ports, that's better than having only ranges or just two per rule (I have at least five different http ports in my bookmarks (where servers don't use 80), several mail servers/different mail providers etc.) (Pri: 3)
store settings encrypted (Pri: 3)
use a stronger hash/crc for application tracking like: MD5, SHA-1, RIPEMD-160, HAVAL (Pri: 2)
use a different naming scheme for logfiles (yyyymmdd-* sorts better than the current scheme) (Pri: 2)
irc connection tracking (Pri: 2)
start earlier in the bootup sequence (Pri: 1)
add a "disable" in the icon's context menu. Maybe this is better than Exiting/Relaunching LnS completely (Pri: 1)
offer mail notification as another alert method and on log flooding (Pri: 1)


That's it for now, i've tried to also cover suggestions by other people and i'm looking forward to what you all say...
(and i'm assuming that Frederic already takes care of the harddisk-access/are-we-connected-problem that's been mentioned in the other thread...)

Cheers,
Andreas

lurker1
March 5th, 2003, 05:33 AM
Hi everyone,

all neutral well known security experts share, for good reasons, the
following opinion:

ALL TRUSTWORTHY SECURITY-SOFTWARE SHOULD BE OPEN SOURCE!

No well informed user would use any encryption implementation, if the
sources would not be around for some time and well inspected.

This is also true for all meanwhile much respected other security
software.

As far as firewalls are concerned there are a few implementations
available in the GNU/Unix environment.

In the Windows world the search for such software will produce rather
thin results. HOPEFULLY NOT FOR LONG! :-)

The nice "look and feel" of Look 'n' Stop deserves certainly something
better...make it open source and freely available to the public.

There are, I am sure, a lot of firewall/security experts out there who
would love to participate on an open source Look 'n' Stop project.

cheers

Ph33r
March 5th, 2003, 05:56 AM
LOL...
That's funny.... ;D

arnold
March 5th, 2003, 09:20 AM
I got a better idea, Lurker1: why don't you PAY Frederic $50 million for his firewall and give me a free copy? ;)

Frederic
March 5th, 2003, 02:53 PM
Actually, $10 million would be sufficient :-)

Ph33r
March 5th, 2003, 03:01 PM
LOL

Frederic
March 5th, 2003, 03:09 PM
Thanks Andreas for your Wish list.

PCAudit/Firehole blocking is one of our priorities (Pri: 9).

Frederic.

nameless
March 9th, 2003, 12:51 PM
Off the top of my head, I'd like to see a "rule popup" dialog more similar to what Kerio has. With Kerio, if a popup comes up, then others follow while the popup is still displayed, you can click an arrow button and view them one by one. With LNS, you get one popup, and if others "want to" display in the meantime, they don't, and you simply don't get to see them.

I'd also LOVE to see a more direct and effective way to link applications and allowed ports. In fact, I give that feature a much higher "priority" than the OP did.

Ph33r
March 9th, 2003, 01:48 PM
Hey nameless

Forgive my lack of Informatics on the Kerio style, the arrow Feature on Application Filtering Alerts, does it allow you to move about forward and backwards to respond to the previous Dialogs?

Yea with Look ‘n’ Stop Application Filtering Alerts they appear one by one, that is after you respond to the current Dialog. With Kerio are you capable of not answering to the Alert and start a Connection from any Trusted Applications? With Look ‘n’ Stop it Appears you must respond to the Dialogs before you can start any Connections with Trusted Applications.

-{ Quote: " I'd also LOVE to see a more direct and effective way to link applications and allowed ports. In fact, I give that feature a much higher "priority" than the OP did. " }-

Are you in reference to “Rule-Base Application Filtering”?

nameless
March 9th, 2003, 01:58 PM
With KPF, when an alert pops up (i.e. if you've configured a rule to do so), it sits there, waiting for you. If another alert occurs, the arrow becomes activated, and you can "scroll" through each alert, one by one, backwards and forwards. With LNS, you get one alert, and one alert only. As long as that alert sits there, no other alert will appear, and you'll never see it. Only once you dismiss that alert will other alerts pop up.

When I said "link applications and allowed ports", I was referring to a way to create rules that let me open ports and protocols only for specified applications (as is done with KPF). As it is, I either have to create many, many rules, or open huge holes in the firewall. And either way, there is no good way to tie rules with applications.

Actually, the only reason I am currently using LNS, rather than KPF, is that LNS handles applications much better (i.e. it's much more "leakproof"), and KPF began causing stability problems for me.
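
An added illustration of the point above about tying rules to applications (not part of the original thread, and not Look 'n' Stop or Kerio code): when the application filter and the port rules are evaluated as two independent layers, every trusted application may use every open port, while application-bound rules permit only the listed pairs. The application names, ports and the two-layer model itself are constructed assumptions.

```python
from itertools import product

# Constructed sample data: hypothetical application names and ports.
APPS = ["browser.exe", "mailer.exe", "updater.exe"]
PORTS = [25, 80, 110, 443, 8080]

# Model A (assumed): two independent layers. An application is either
# trusted or not, and a port is either open or not, for everyone.
TRUSTED_APPS = {"browser.exe", "mailer.exe"}
OPEN_PORTS = {25, 80, 110, 443, 8080}

# Model B: application-bound rules, the feature asked for in the post.
APP_PORT_RULES = {
    "browser.exe": {80, 443, 8080},
    "mailer.exe": {25, 110},
}


def allowed_independent(app, port):
    """Both layers must pass, but neither knows about the other."""
    return app in TRUSTED_APPS and port in OPEN_PORTS


def allowed_bound(app, port):
    """A port is allowed only for the application it was opened for."""
    return port in APP_PORT_RULES.get(app, set())


def permitted_pairs(check):
    """Every (application, port) pair the given policy lets out."""
    return {(a, p) for a, p in product(APPS, PORTS) if check(a, p)}


def excess_permissions():
    """Pairs the independent layers allow that nobody asked for."""
    extra = permitted_pairs(allowed_independent) - permitted_pairs(allowed_bound)
    return sorted(extra)


if __name__ == "__main__":
    print("independent layers:", len(permitted_pairs(allowed_independent)))
    print("application-bound: ", len(permitted_pairs(allowed_bound)))
    for app, port in excess_permissions():
        print(f"unintended: {app} -> port {port}")
```
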

manuangi
March 9th, 2003, 03:46 PM
-{ Quote (nameless): " when an alert pops up (i.e. if you've configured a rule to do so), it sits there, waiting for you. If another alert occurs, the arrow becomes activated, and you can "scroll" through each alert, one by one, backwards and forwards. " }-

That'd be such a nice feature, wouldn't it?
Say...priority 7!
(I myself give priority 9 to the so talked about way of specifying the ports we like for any single app trying to get out on the web)

nameless
March 11th, 2003, 12:31 AM
OK, my new "wish" is for the ability to store more than 80 applications in the "Application Filtering" list. I have 80 applications listed there now, and I have to shift them around whenever I need to use a new one.