
View Full Version : Firewall and Hardening Systems


sweater
August 28th, 2005, 04:37 AM
I am curious... I'm still a newbie. If I already have a Firewall installed in my pc... then what settings should I choose when using SafeXP and Secure-IT hardening systems w/out affecting my dial-up speed? or what settings should I avoid in SafeXP and Secure-IT to maintain dial-up speed and still update Windows etc? ??? :( Is there any possible danger in using these two.. coz they disable many things and I didn't even know the details and I only tried the recommended settings. ::)

Many tnx ;)

Meltdown
August 28th, 2005, 05:11 AM
SafeXP has a good reputation on this forum, but if you Google it you'll find a lot of reports of it causing problems. Certainly on my PC it made a number of unwanted changes that couldn't be reversed. This was over a year ago, and I'm afraid I can't remember the details.

A couple of months ago I ran Secure It and Harden It. Afterwards I had problems with displaying a website I often visit, the K-Meleon forum. Running those two programmes again to undo the changes had no effect, and I had to use system restore.

Judging from the recommendations for system hardening tools on Wilders, my experiences must be atypical, but I won't touch them again. I suspect they require substantially more knowledge than I have to use them safely.

djg05
August 28th, 2005, 06:58 AM
-{ Quote: "
Judging from the recommendations for system hardening tools on Wilders, my experiences must be atypical, but I won't touch them again. I suspect they require substantially more knowledge than I have to use them safely." }-

I tried one of the hardening tools mentioned here, I think harden it, and it messed up my system. Fortunately I do daily registry backups and was able to recover. So now I stay away from them. Since I do not visit any unsavoury sites it is probably not that necessary for me.

AvianFlux
August 28th, 2005, 07:27 AM
I think Harden-It & Secure-It are for more advanced users who have a deeper knowledge of how computers operate. I was part of the way into the setup procedure for one of them when I decided to abort. Didn't have a clue on how the hardened settings would affect the overall performance of my computer, so I quit.

Good thing I did, too. ;D

kalpik
August 28th, 2005, 07:56 AM
Same here. Harden-It and Secure-It messed my system BIGTIME! I had to format to get back my OS. You have to have a LOT of knowledge to know how to use these tools in a productive manner! So if you dont consider yourself an expert, i suggest you stay away!

Kerodo
August 28th, 2005, 03:25 PM
Harden-it worked well for me however Secure-It made many unwanted changes by default, so I prefer not to use that one. Never had any problems with Harden-It alone though..

Notok
August 28th, 2005, 03:55 PM
I've never had a problem using SecureIt or HardenIt with its default settings, not on my machine or the dozens of others I've installed it on. Any software has the potential to mess things up, however, so it's a very good idea to use something like Erunt, Total Uninstall, or a registry tracer to take a snapshot of your system before making changes (in the case of Total Uninstall or a registry tracer, also making a snapshot afterwards that can make an 'undo' for just the changes made). At the very very least you should make a system restore point, if you use XP.

Trooper
August 28th, 2005, 10:48 PM
-{ Quote: "Same here. Harden-It and Secure-It messed my system BIGTIME! I had to format to get back my OS. You have to have a LOT of knowledge to know how to use these tools in a productive manner! So if you dont consider yourself an expert, i suggest you stay away!" }-

I have to say I agree with Notok on this. I was skeptical at first when I read about these products. However they both do an excellent job imho. Software conflicts happen all the time, and it varies from system to system as to the how and why.

It would be nice to know what your setup was like when you installed Secure-It and Harden-It. I too have not run into any problems at all yet with installing these products.

rdsu
August 28th, 2005, 11:01 PM
-{ Quote: "Harden-it worked well for me however Secure-It made many unwanted changes by default, so I prefer not to use that one. Never had any problems with Harden-It alone though.." }-
Same here... ;)

sweater
August 29th, 2005, 06:17 AM
:o My gosh!!! I got nervous from what I've heard from several users... I didn't expect it to be that "dangerous" at all coz they look nice and easy to use and their website didn't have any big warnings. ??? >:(

System hardening was I think the first thing I have to do or install before installing other protective programs (I just installed it) but knowing for what I know then, maybe I have to remove it on my system and be confident and trust the other "reliable safer" software like ProcessGuard and WinPatrol to protect my pc. :'( :P

Pls if anyone of you there knows more or has some good or bad experiences w Secure-IT and SafeXP pls post it here so others especially the beginners will be warned. I even felt that my dial-up internet speed slowed down a bit and I cannot update my MS AntiSpyware; it can't connect to the server after I set the Secure-IT w its recommended settings and I was confused what should be changed w it. *puppy*

sweater
August 29th, 2005, 06:25 AM
-{ Quote: "Harden-it worked well for me however Secure-It made many unwanted changes by default, so I prefer not to use that one. Never had any problems with Harden-It alone though.." }-


But Harden-IT says it was designed for Advanced users not for Novice so I choose Secure-IT. Do you mean even beginners can then trust the recommended settings on Harden-IT w/out any problems? Do you recommend more on Harden-IT than Secure-IT? Tnx ;)

dja2k
September 8th, 2005, 07:41 PM
SafeXP screwed up all my services by turning off more than I bargained for. Good thing I have regrun and blocked the changes. Still some things got messed up and I just did a system restore to fix the rest of unwanted changes.

dja2k

WSFuser
September 8th, 2005, 07:45 PM
-{ Quote: "But Harden-IT says it was designed for Advanced users not for Novice so I choose Secure-IT. Do you mean even beginners can then trust the recommended settings on Harden-IT w/out any problems? Do you recommend more on Harden-IT than Secure-IT? Tnx ;)" }-
harden-it is for changing network security settings and secure-it is for changing IE security settings.

dja2k
September 11th, 2005, 10:53 PM
So does secure-it only benefit when you use Internet Explorer and not an alternative browser? Does secure-it interfere with browsing the web when it disables all that active-x stuff, maybe making some safe websites not load correctly? Also does harden-it interfere in any way from lets say using shareaza or bittorrent clients?

WSFuser
September 11th, 2005, 11:45 PM
secure-it changes settings in IE and the activex settings are maybe IE settings too. i think secure-it should also work for any IE-based browser (avant, maxthon, aol etc.) but browsers like netscape, firefox, and opera dont support activex anyways so im not worried. i have not noticed any problems with p2p and harden-it but every system is different. u can always undo the changes if u dont like a setting or it breaks something.

ErikAlbert
September 11th, 2005, 11:55 PM
Does Secure-It only change MSIE settings ?
Why do you need Secure-It, when you can change MSIE settings manually ?
Sounds like a superfluous software to me, unless it does something more than that.

Kerodo
September 12th, 2005, 12:46 AM
Secure-It does more than that I think. At least here it was making things very annoying for me. Every time explorer wanted to do something, I'd get a popup. I've used Harden-It with no problems at all, but I would hesitate to use Secure-It again. It changes too many things and makes using my system too annoying. Could be that I just didn't understand it enough though..

WSFuser
September 12th, 2005, 12:54 AM
-{ Quote: "Why do you need Secure-It, when you can change MSIE settings manually ?" }-
it's easier to use a program than have to look in IE options or the registry. various other programs also have tweaking programs too.
-{ Quote: "Secure-It does more than that I think. At least here it was making things very annoying for me. Every time explorer wanted to do something, I'd get a popup. I've used Harden-It with no problems at all, but I would hesitate to use Secure-It again. It changes too many things and makes using my system too annoying. Could be that I just didn't understand it enough though.." }-
i hardly use IE so I've never really experienced any problems from using it. by the same logic, I should be able to do without Secure-It as Firefox is my browser of choice.

Kerodo
September 12th, 2005, 01:05 AM
I only used Harden-It once, when I wasn't running any firewall for a month or two. Needed it to harden the TCP/IP stack. Just closed all my ports and ran naked for about 2 months. Was interesting.. :)

dja2k
September 12th, 2005, 01:52 AM
Do you benefit at least something using harden-it with firewalls like LnS? And what do you guys mean, install with defaults and you should be okay - There are no defaults unless you mean the recommended settings, because I would assume the default setting it states is what windows has set right?

dja2k

Kerodo
September 12th, 2005, 02:24 AM
I think the benefit of using Harden-It would be in the event that something went wrong with LnS for example, and it was down for some reason. Then Harden-It would offer you some basic protections. Maybe even some that the firewall alone couldn't handle or offer you when it was running also.

The "default" settings I am sure are those which you see in the program install as "recommended"..

WSFuser
September 12th, 2005, 02:48 AM
harden-it automatically selects the "recommended" settings but theyre not the windows "default" settings, tho it does mention which is the windows settings.

dja2k
September 12th, 2005, 04:46 AM
So then should I install it with the recommended settings or with the default?

dja2k

WSFuser
September 12th, 2005, 10:32 AM
just continually click next and you should be fine (will select recommended). also u dont need the program if u just select windows defaults ::) neways if problems occur u can uninstall it and it will let u undo the changes/revert to default.

dja2k
September 12th, 2005, 03:52 PM
Thanks for all the replies, harden-it is installed with the recommended options and is working fine. I don't know if this program is what's causing a problem that I didn't have before, but for some reason, word documents now say an error that the file can't be registered and that no links to other documents are possible. Also Frontpage doesn't open anymore, it shuts off automatically after it starts. I can't open any .html in IE either. Any ideas what could have caused this?

dja2k

dja2k
September 12th, 2005, 08:50 PM
Well confirmed, those errors mentioned were caused by harden-it. So I use Firefox and still wanted to secure IE 6.0 using secure-it, but anyways, not going to mess with IE settings anymore.

dja2k

Rilla927
September 26th, 2005, 02:11 AM
Good thread! I'm glad I found this subject because I was curious myself. I have used Safe XP and was okay, as far as Secure It and Harden It I stayed away.

Has anyone used Samurai 2.6? It has some real nice features, but I haven't used it yet. It has four different levels of configuration. Here is the link if anyone is interested http://turbotramp.fre3.com/ . There is something for a Rootkit in this one. If anyone has any luck with this one, let us know. ;D

Arup
September 26th, 2005, 02:22 AM
I am using Samurai 2.6 with Harden IT, works nice, won't let anything install any system driver unless allowed, best thing is all the protections in Samurai can also be done if you follow the manual posted there.

Notok
September 26th, 2005, 03:23 AM
Things to keep in mind:


Windows ships with the most compatible settings for every situation, this is what creates the need for hardening. By changing those settings you are reducing the likelihood that everything will be compatible. For the most part the average user that only has one computer and just does normal stuff on his/her computer, recommended settings in hardening tools will be just fine, but sometimes you might have a piece of software that uses one of those components in the background, and so something will 'break'.

You're changing the way your system works, so it's inevitable that something won't work exactly the same as it did before.

You run the risk of incompatibilities, corruption, etc., when you install any software. It's always possible that the installer, program, and/or uninstaller won't work the way they're designed to. That's just the reality of software.. any kind of software.

Freeware is usually made in the developer's spare time, making freeware doesn't pay the bills. Commercial software gives you the advantage of a developer (or team of developers) that dedicate themselves full-time to making sure it works for you as well as possible. You're always running a bit more of a risk using freeware over shareware.

It's best to use hardening tools one at a time, so that if there's any problems it's obvious which one is causing the problems. It's possible that it could take some trial and error to get everything working smoothly, especially with the free tools. It is much easier to narrow down the possibilities when you've only used one tool since a problem began.

Internet Explorer is tied in with the system, so it's a good idea to harden it even if you don't use it, but also realize that this can affect the way your system works as well.


All that said, I've never had any problems with the dozen, or so, systems I've installed SecureIt or HardenIt on, but your mileage may vary. I don't use IE so all the changes are made to things in the background that I normally don't see. All-in-all, however, I've seen more success stories with hardening tools than problems.. they're bound to happen, though. If you can give it a little patience, you should be fine, and the security is worth it IMO.

meneer
September 26th, 2005, 04:16 AM
The easiest and cheapest way of hardening a system is by hardening the user.
Using a regular user account, so not using an account with all permissions (like admin, root or sa), is very effective.

Rilla927
September 26th, 2005, 12:23 PM
@Arup

How are you notified if a driver tries to install?

@Notok

I fully agree with everything you said. I have to reformat, so I was going to pick just one to try (backing up registry first with ERUNT) and see how it reacts, and go from there. I do a lot of reading at Wilders and I learn so much from all you guys. Wilders is an awesome place to be! ;)

Arup
September 26th, 2005, 12:53 PM
Rilla927,

Samurai warns you in form of a pop up window, it blocks the installation till you approve it.

Rilla927
September 26th, 2005, 01:32 PM
Oh, okay, I had no idea.

Is this program easily uninstallable at any given time you choose? Do you install the whole program or parts of your choice?

No interference with any other of your programs?

Arup
September 26th, 2005, 09:25 PM
All the settings can be easily undone from the Samurai interface, as is, this program runs from its folder and does not install anything.

Rilla927
September 27th, 2005, 01:21 PM
Thanks Arup.

If you have any more tips or tricks about Samurai or Harden-It, please do tell. :)

Arup
September 27th, 2005, 09:44 PM
No tricks, but I would suggest that you start with setting Samurai to the medium security and for Harden IT, use their recommended settings.

Rilla927
September 28th, 2005, 08:02 AM
Thanks Arup, I will follow your recommended settings for both and let you know the outcome. The worst that can happen is I restore the registry with ERUNT if it don't work.

iceni60
September 29th, 2005, 04:12 PM
i use Secureit and Harden-it with just about defaults with no problems and safeXP and XPantispy. in my admin account i use drop.exe as part of the shortcut to launch my browsers. a dos box flashes up and the rights of the browser must be reduced, i don't notice anything though- i can download things etc. i have it with IE, Firefox, Opera and K-Meleon.

drop.exe's default location is C:\Program Files\Secure-It\drop.exe
so my short cut for Opera is -
"C:\Program Files\Secure-It\drop.exe" "C:\Program Files\Opera\Opera.exe"

SimonCC
September 29th, 2005, 04:44 PM
Just thought I should add that harden-IT breaks itunes; it stops it from detecting the ipod. Well, that was my experience anyway.

S.

iceni60
September 29th, 2005, 05:18 PM
from what i remember, they tell you exactly what each step does - Harden-It and Secure-It that is. and they have an undo feature as well.

SimonCC
September 29th, 2005, 05:24 PM
yes but they undo to what exactly? To generic windows settings? Or to the settings you had before installation? If it's the former, it may mess up some of the changes made by other hardening tools etc.

S.

Arup
September 29th, 2005, 09:57 PM
It reverts back to basic MS settings which comes out of the box when you install the OS.
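
The snapshot-before, snapshot-after approach suggested earlier in the thread also settles the question of what an undo reverts to: an undo built from your own two snapshots restores the values you had, not Windows defaults, and touches only what changed. The following is an added example, not code from any tool or poster in this thread; it assumes both snapshots are `.reg` text exports of the same keys, and every key and value in the samples (including `ExampleHardeningTool` and `ConstructedBlob`) is constructed.

```python
import re

# Matches one value line of a .reg export: "Name"=data  or  @=data (default value).
VALUE_RE = re.compile(r'^("(?:[^"\\]|\\.)*"|@)=(.*)$')


def parse_reg(text):
    """Parse .reg text into (set of key paths, {(key, quoted_name): raw_data}).

    Real regedit / reg.exe exports are UTF-16; read them with encoding="utf-16".
    """
    keys, values = set(), {}
    current, pending = None, ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):  # long hex data wraps with a trailing backslash
            pending = line[:-1]
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.add(current)
            continue
        m = VALUE_RE.match(line)  # header, comments and blank lines do not match
        if m and current is not None:
            values[(current, m.group(1))] = m.group(2)
    return keys, values


def diff_snapshots(before_text, after_text):
    """Return (value_changes, new_keys, removed_keys) between two exports."""
    b_keys, b_vals = parse_reg(before_text)
    a_keys, a_vals = parse_reg(after_text)
    changes = []
    for key, name in sorted(set(b_vals) | set(a_vals)):
        old, new = b_vals.get((key, name)), a_vals.get((key, name))
        if old == new:
            continue
        kind = "added" if old is None else "removed" if new is None else "modified"
        changes.append((kind, key, name, old, new))
    return changes, sorted(a_keys - b_keys), sorted(b_keys - a_keys)


def build_undo_reg(before_text, after_text):
    """Build .reg text that restores only what changed, back to the 'before' state."""
    changes, new_keys, removed_keys = diff_snapshots(before_text, after_text)
    # Only the top-most new keys need deleting; [-KEY] removes the whole subtree.
    top_new = [k for k in new_keys
               if not any(k.startswith(p + "\\") for p in new_keys)]
    sections = {key: [] for key in removed_keys}  # recreate keys that vanished
    for kind, key, name, old, _new in changes:
        if any(key == k or key.startswith(k + "\\") for k in top_new):
            continue  # the whole key is deleted below
        # "Name"=- deletes a value that was added; otherwise put the old data back.
        sections.setdefault(key, []).append(
            f"{name}=-" if kind == "added" else f"{name}={old}")
    out = ["Windows Registry Editor Version 5.00", ""]
    for key in sorted(sections):
        out += [f"[{key}]", *sections[key], ""]
    for key in top_new:
        out += [f"[-{key}]", ""]
    return "\n".join(out)


# Constructed sample snapshots (not the changes any particular tool makes).
BEFORE = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"EnableICMPRedirect"=dword:00000001
"KeepAliveTime"=dword:000493e0
"DefaultTTL"=dword:00000040
"ConstructedBlob"=hex:01,02,03,04
"""

AFTER = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"EnableICMPRedirect"=dword:00000000
"KeepAliveTime"=dword:000493e0
"SynAttackProtect"=dword:00000002
"ConstructedBlob"=hex:01,02,\
  03,04

[HKEY_LOCAL_MACHINE\SOFTWARE\ExampleHardeningTool]
"Applied"=dword:00000001
"""

if __name__ == "__main__":
    for change in diff_snapshots(BEFORE, AFTER)[0]:
        print(change)
    print(build_undo_reg(BEFORE, AFTER))
```

Values that did not change, such as `KeepAliveTime` here, are left out of the undo file, so settings made by other tools in between are not disturbed.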

Rilla927
September 29th, 2005, 10:53 PM
Hi fellas,

great question SimonCC! Arup to the rescue!

@Arup

Since you said these programs run from their folders, whenever you want to make a change/undo; you will do it from folder? ;)

Thanks

Arup
September 29th, 2005, 11:00 PM
Yep, just dont delete those folders, thats all. Also check out Samurai, another very good HIPS at http://turbotramp.fre3.com/

Rilla927
September 30th, 2005, 03:43 PM
@Arup

are you familiar with Look'nStop?

Rilla927
September 30th, 2005, 03:57 PM
@Arup

I am going to follow your advice on using Samurai and Harden-It. Won't delete folders.

When I do my reformat, I will be installing a new AV & FW as well. I hope Samurai and Harden-It get along with KAV Pro and LNS.

Since LNS has a standard, enhanced, Phantom's ruleset; if Samurai & Harden-It work, I wonder if I would even need the heavier ruleset?

Arup
September 30th, 2005, 09:54 PM
Just use the standard rule, when you apply Harden IT and Samurai, your TCP and OS layer is already hardened against attacks.

Rilla927
October 1st, 2005, 11:32 AM
Arup you did mention I should use medium settings for Samurai and recommended settings for Harden-It which I will do.

But since Look'nStop has different sets of predefined rules like standard, enhanced, and Phantom's Rules the strictest.

If Samurai & Harden-It work for me, would I then still need such strict ruleset for Look'nStop?

Thanks

WSFuser
October 1st, 2005, 11:43 AM
you should use the enhanced ruleset, it wouldnt cause any harm. A layered security always helps.

Rilla927
October 1st, 2005, 01:33 PM
Thanks WSFuser!:)

Rilla927
October 5th, 2005, 03:02 PM
I was just thinking, Arup mentioned that Samurai will pop up and ask if you want to allow/deny any drivers to be installed. Will samurai give an actual description of the driver, such as "Nastiedogs.exe" is trying to start?

Since permissions are taken over by Samurai, when running ProcessGuard, wouldn't you have to take permissions away from ProcessGuard to install any type of drivers? Therefore, the two progies would clash in that respect? If so, how would you go about that?

Thanks as always!

Kerodo
October 5th, 2005, 03:36 PM
I think Arup meant that Antihook would popup and ask about any driver installations. Samurai isn't something that is resident and running. Samurai is similar to Harden-It in that it is a friendly interface for making changes to your system and registry. Neither Samurai or Harden-It will be running on your PC though.

Rilla927
October 5th, 2005, 03:57 PM
Hi Kerodo,

What is Antihook? I may be misunderstanding, but he specified Samurai as popping up with permissions for drivers.

I don't know Kerodo, I guess we'll see.

Kerodo
October 5th, 2005, 05:14 PM
Here is a link to AntiHook, it's very good:

http://www.infoprocess.com.au/

Perhaps I am wrong, but I don't think Samurai is a resident program so it wouldn't be able to popup with anything.

But I am sure Arup will clarify later tonight... :)

WSFuser
October 5th, 2005, 06:21 PM
actually u have the option to let samurai run at startup and it does prompt for driver installation.

Kerodo
October 5th, 2005, 06:31 PM
Ok, I thought that option was only for if you wanted to make sure the settings were reapplied after each bootup. Don't know what it would do in the way of driver prompts, and what if a piece of malware wanted to install a driver later? Or does it check for new drivers at every boot? I must be missing something.. ;)

Rilla927
October 5th, 2005, 07:12 PM
Kerodo you are right, Arup did say they weren't resident programs (Samurai and Harden-It) that run on your computer. But, the impression I got, Samurai ends up allow/denying permissions for drivers somehow.

Thanks for the link for Antihook. Looks like a great little progie.

Call me paranoid, I don't know whether I'm going overboard or what, but I've had so many hardware issues (thanks to the manufacturer) and malware issues. I will give you a list of security apps I have, and believe it or not, all these progies have never made it on the system all at one given time together. I have had a lot of software issues as well, you know how it is when you're first learning a new program, you make some mistakes as you go along, well maybe you guys haven't, but I have.

Nod32 (will be purchased in next few days)
Look'nStop (will be purchased in next few days)
BOClean
Online Armor
Attack Shield Worm Suppression
Worm Guard
RegDefend
ProcessGuard
Port Explorer
TDS-3
Microsoft Anti Spy
Spyware Doctor
Spysweeper
Pest Patrol
Spycatcher
Adaware SE Pro
Benign
Mailwasher Pro

I was hoping by learning some different/better techniques to harden system, so I could eliminate some of these programs.

Kerodo
October 5th, 2005, 07:23 PM
If you ask me, you could eliminate all of those, except:

Nod32
LookNStop

and then add AntiHook as well. That would cover you. AntiHook will catch almost everything else.

Could also apply Harden-It and Samurai for good measure.

If you do use AntiHook, you really ought to start with a clean system, which means it'd be best to reformat and reinstall to make sure you've got no known malware/spyware on it from the start.

Rilla927
October 5th, 2005, 07:23 PM
Kerodo take a look at post # 32 in this thread.

Kerodo
October 5th, 2005, 07:26 PM
Yes, I know.. Did see that already. We will have to wait for Arup's comments on it I guess.. :)

Rilla927
October 5th, 2005, 07:35 PM
Five of those progies I don't use anymore. I'm definitely going to apply Samurai and Harden-It before I even put any software on.

I just hope I don't have a hard time setting up my router to work with Look'nStop. I understand everything up to a certain point and then I get lost.

Notok
October 5th, 2005, 07:38 PM
Do you have full versions of all of those, or are you trialing some to see which you want to buy? If you have the full version of PG, for example, there's no point in getting Anti-Hook with the other stuff you have. Also Online Armor 1.2 will cover a LOT more when it comes out, and will even let you trim down on some of the stuff you already have. It's not too far away, either, so I would wait before getting much else. Other than that it looks like a good setup :) You could probably keep your paid spyware scanners and cut out the free ones, if you wanted to.

-{ Quote: "I just hope I don't have a hard time setting up my router to work with Look'nStop. I understand everything up to a certain point and then I get lost." }-
You may not have to do anything, I didn't.

Rilla927
October 5th, 2005, 07:38 PM
Hey, how could both of us have the same time zone when you're in LA and I'm in Ohio?

I'm sorry this was meant for Kerodo, but Notok beat me to the punch.

Rilla927
October 5th, 2005, 07:51 PM
Yes Notok those are all full versions, no trials.

Mike is adding some more real nice features for Online Armor I hear.

And you're right, I said no more.

Rilla927
October 5th, 2005, 07:57 PM
Notok I just spotted what you said about the router and LNS. I'm sorry forgive me, I'm blind as a bat sometimes.

You didn't have to do any configuration from Patrice's Sticky for your Router?

hollywoodpc
October 5th, 2005, 07:59 PM
Hi Rilla .
Online Armor is very good as it is now . And Samurai works as is . No need to reconfigure . Set it up and it goes . As for the popups , I never get any . I am confused as to why others would get pop ups from Samurai . I would certainly keep Online Armour , along with Nod and the firewall you chose . As Notok mentioned , PG is not worth dismissing if it is the pay version .
Hope that helps

Notok
October 5th, 2005, 08:09 PM
-{ Quote: "Notok I just spotted what you said about the router and LNS. I'm sorry forgive me, I'm blind as a bat sometimes.

You didn't have to do any configuration from Patrice's Sticky for your Router?" }-
Lol, np.. happens to everyone from time to time, I think :) Nope, I didn't have to configure anything for the router at all. I use Phant0m's ruleset, so I did put in my DNS server addresses, and imported the rule for FTP clients because some download sites use FTP, but that was about it. Your router may work differently, however, so I can't guarantee that you won't need it, but there is a chance you won't.

-{ Quote: "Online Armor is very good as it is now . And Samurai works as is . No need to reconfigure . Set it up and it goes . As for the popups , I never get any . I am confused as to why others would get pop ups from Samurai . I would certainly keep Online Armour , along with Nod and the firewall you chose . As Notok mentioned , PG is not worth dismissing if it is the pay version .
Hope that helps" }-
Yup, and if you've got PG full there's no reason to use Samurai's driver blocker anyway.

Rilla927
October 5th, 2005, 08:24 PM
Thanks to both of you fellas for your replies.

Notok, the problem is I haven't had PG installed for a while, so I need to re-learn the program. I also discovered I was giving a lot of permissions that were wrong in PG.

So as an extra layer of defense that's why I wanted to use Samurai and Harden-It.

@Hollywood

Online Armor is an excellent progie, but I had to uninstall it because it kept looking for an internet connection every time I would restart, so that was interfering with my installs of progies and also, I couldn't finish that last snapshot for my uninstaller program that I used for all my installs of programs. Mike said this would be resolved in v1.2 in about six weeks.

Notok
October 5th, 2005, 08:31 PM
-{ Quote: "Notok, the problem is I haven't had PG installed for a while, so I need to re-learn the program. I also discovered I was giving a lot of permissions that were wrong in PG.

So as an extra layer of defense that's why I wanted to use Samurai and Harden-It." }-
I would use Harden-It anyway, nothing else is going to cover that stuff. But for PG, just turn execution protection off and set it in learning mode for a while and you should be good. There's nothing wrong with Samurai, PG is a lot more fine tuned at this point. I mainly recommend Samurai for experienced users, moreso than PG, until it becomes a more 'mature' program.

-{ Quote: "Online Armor is an excellent progie, but I had to uninstall it because it kept looking for an internet connection every time I would restart, so that was interfering with my installs of progies and also, I couldn't finish that last snapshot for my uninstaller program that I used for all my installs of programs. Mike said this would be resolved in v1.2 in about six weeks." }-
This can also be resolved by changing the auto-update to manual only. Just remember to check for updates once in a while.

Rilla927
October 5th, 2005, 09:16 PM
Ya know what's really funny, I was going through some posts to PG and discovered that your browser should not have global hooks, access physical memory, and there were some other stuff but I don't remember off hand what they were. After reading all this, this was the same set up I had.

The person that posted said PG was in learning mode and these were the permissions that were set by being in learning mode, not the user. Then you have the moderators stepping in saying these settings/permissions were wrong. According to them these permissions that were given would allow anything to bypass AV, FW and any other security apps you have. My mouth hit the floor because that's the same permissions I had for PG.

I have a copy of the post because I subscribed to it. That's why I'm a bit confused about PG now.

So you think Samurai may be a bit too much? I know I'm not as experienced as you guys, nowhere close, but I'm the type of person that's game for anything the first time around, and if I find it isn't for me I will 86 it. For all I know it could be so complex I would never understand it.

And thanks for the tip for OA. Thanks for the chat Notok! :)

Arup
October 5th, 2005, 09:24 PM
Rilla,

I am behind a router so my inbound is protected and also being an eternal leech, always look for quality freebies and believe it or not, good quality ones do exist, just have to look for them, so all I use is Antihook and Samurai with Tea Timer from Spybot and for anti-virus, I use free Avast. When I was on dial up, I used the wonderful CHX for inbound protection. Both my PCs are dual CPU, one is a dual P-III with 1GB memory, other a dual Athlon 64 with 2GB memory and even then, I try to keep the application load as light as possible so that I can have the full potential for these PCs for their intended work.

Rilla927
October 5th, 2005, 09:52 PM
-{ Quote: "Rilla,

always look for quality freebies and believe it or not, good quality ones do exist,just have to look for them " }-

I fully agree with you, it's just I was never brave enough before to do that. Since coming to Wilders I have found a lot of really nice free progies with no junkware, thanks to all the members' suggestions. Hey, I'm a late bloomer!

Arup can you comment on post # 51? ;)

Thanks so much!

Arup
October 5th, 2005, 10:08 PM
Samurai checks for particular Rootkit behaviour so if you are installing any kind of drivers, it will pop up and ask.

Rilla927
October 6th, 2005, 12:08 AM
That's exactly what I thought. Kerodo was unsure.

Thanks Arup

Tom772
October 6th, 2005, 02:43 PM
Hi guys, This thread has been really interesting to read through. I have used Safe XP and Harden IT and they both seem to be working well on my system, but I tend to set to the default setting and adjust to suit my needs. One thing i wanted to ask is does Samurai detect any settings that have already taken place while using SafeXP and harden It? Also are there any users who would give a few screen shots of Samurai if possible.

Thanks Tom

Rilla927
October 6th, 2005, 04:35 PM
-{ Quote: " One thing i wanted to ask is does Samurai detect any settings that have already taken place while using SafeXP and harden It?

Thanks Tom" }-
Good question Tom! I'm sure when one of the others come along they will answer.

-{ Quote: "Also are there any users who would give a few screen shots of Samurai if possible. " }-

That would be interesting to see.

WSFuser
October 6th, 2005, 07:24 PM
screenshot of main (and only) window:

Rilla927
October 6th, 2005, 08:26 PM
WSFuser yer awesome! Thanks.

Do you get a lot of prompts to answer?

Rilla927
October 6th, 2005, 08:30 PM
I know Samurai has four configuration files to choose from, which one are you using?

Arup
October 6th, 2005, 08:47 PM
The TCP/IP settings set up by Samurai, Harden IT and Safe XP are all implemented at registry level so even if they are applied after each other, they only overlap, however I suggest that one reads the explanations carefully in detail when applying Samurai which does give good and clear explanation of the patches being applied, also Samurai has the option of applying the reg settings temporarily or permanently, I suggest the former for the first time to see compatibility issues then applying the latter when there are no problems.

For myself personally, I have already applied Harden IT and then Samurai with max security settings without any problems, my machine is the router Gateway serving two others in my house on LAN.
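Added example, not part of the thread or of any tool discussed in it: because these tools apply their TCP/IP settings in the registry, exporting the affected key before and after a run and diffing the two exports shows exactly what changed and yields a `.reg` file that puts the old values back. The key path and value names in the constructed sample are documented Windows TCP/IP parameters chosen for illustration; which values each tool actually writes is not stated in the thread.

```python
import re

# Constructed sample exports (regedit text format) of one key, taken before and
# after a hardening run. Assumption: the value names are illustrative only and
# are not a record of what Harden-It, Samurai or SafeXP write.
BEFORE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"EnableICMPRedirect"=dword:00000001
"EnableDeadGWDetect"=dword:00000001
"Hostname"="laptop1"
'''

AFTER = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"EnableICMPRedirect"=dword:00000000
"EnableDeadGWDetect"=dword:00000000
"Hostname"="laptop1"
"SynAttackProtect"=dword:00000002
"TcpMaxHalfOpen"=dword:00000064
'''

# A value line is "name"=data, or @=data for a key's default value.
_VALUE = re.compile(r'^("(?:[^"\\]|\\.)*"|@)=(.*)$')


def _decode(data):
    """Normalise value data so that equal values compare equal."""
    if data.lower().startswith("dword:"):
        return int(data[6:], 16)
    if data.lower().startswith("hex"):
        kind, _, body = data.partition(":")
        return kind.lower(), bytes(int(b, 16) for b in body.split(",") if b.strip())
    return data  # quoted string: compared as written


def parse_reg(text):
    """Map (key, name), lower-cased, to (key, quoted name, raw data, decoded)."""
    values, key, pending = {}, None, ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):  # hex data continued on the next line
            pending = line[:-1]
            continue
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = _VALUE.match(line)
        if m and key is not None:
            name, data = m.groups()
            values[(key.lower(), name.lower())] = (key, name, data, _decode(data))
    return values


def diff_exports(before_text, after_text):
    """Report values added, changed or removed between two exports."""
    before, after = parse_reg(before_text), parse_reg(after_text)
    report = {"added": [], "changed": [], "removed": []}
    for ident in sorted(set(before) | set(after)):
        if ident not in before:
            report["added"].append(after[ident])
        elif ident not in after:
            report["removed"].append(before[ident])
        elif before[ident][3] != after[ident][3]:
            report["changed"].append((before[ident], after[ident]))
    return report


def undo_reg(report, header="Windows Registry Editor Version 5.00"):
    """Build a .reg file that restores the 'before' state.

    Pass the same header line as the exports the report was built from.
    """
    by_key = {}
    for key, name, _data, _ in report["added"]:
        by_key.setdefault(key, []).append(f"{name}=-")  # "name"=- deletes a value
    for key, name, data, _ in report["removed"]:
        by_key.setdefault(key, []).append(f"{name}={data}")
    for (key, name, data, _), _new in report["changed"]:
        by_key.setdefault(key, []).append(f"{name}={data}")
    out = [header, ""]
    for key in sorted(by_key):
        out.append(f"[{key}]")
        out.extend(sorted(by_key[key]))
        out.append("")
    return "\r\n".join(out)


if __name__ == "__main__":
    print(undo_reg(diff_exports(BEFORE, AFTER)))
```

Running the same diff after each tool in turn also shows where two tools write the same value, which is the overlap described in the post above.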

WSFuser
October 6th, 2005, 09:53 PM
-{ Quote: "I know Samurai has four configuration files to choose from, which one are you using?" }-
i think i selected medium and customized from there.

Rilla927
October 6th, 2005, 10:14 PM
-{ Quote: "i think i selected medium and customized from there." }-

Thank you! :)

Tom772
October 7th, 2005, 11:10 AM
Hi, Guys

(By the way, thanks for the screenshot WSFuser.) I have recently downloaded Samurai with the 32 steps file and it looks really good. I think I will give it a try over the weekend. What I think interests me the most about this program is the rootkit and driver installation protection. One more question I do have is it easy to reverse any of the system changes if I have any problems or disable the protection when I have to install any new software or drivers?

Regards Tom :)

WSFuser
October 7th, 2005, 01:07 PM
i believe the file menu lets u uninstall samurai and just to make sure, first unselect or unhighlight all options and apply it.

MushfiQ
October 10th, 2005, 11:34 AM
Rilla...Honestly if u set up those harden It & Samurai in rite way it shouldn't affect. I was bit scared as well in the very first time but with some elite members around in the forum....i finally made it. A former ZA user & even that i have uninstalled that as well. Currently running naked along with Harden It + Samurai (max Security) + Opera & of course behind the router ;) I remember a quote of Stefan where he mentioned once > The more security u would apply could expect more conflicts..so perhaps u should bear that in mind as per your necessity concern :)

Cheers
8)

Rilla927
October 10th, 2005, 12:51 PM
Hi MushfiQ,

I like the idea that you can change the configuration anytime you want with Samurai. I'm pleased to find these products. I think that will be the perfect time (on a fresh OS install) to install Samurai and Harden-It.

Yes, everyone at this forum has been a BIG help. The sky is the limit on what you want to learn at this forum.

Wow, you running naked, ha! No security apps at all?

I have learned it does take time to find the right set up that is right for each individual's machine, that's the point I'm at right now.

I heard of a few minor things not working after people install some of those system hardening apps, like something not working properly in Office; but the way I look at it, that minute whatever that isn't working, isn't worth me compromising the heavy security I can have for my machine, so I would just live with it.

Rilla927
October 10th, 2005, 01:14 PM
-{ Quote: "Hi, Guys

One more question I do have is it easy to reverse any of the system changes if I have any problems or disable the protection when I have to install any new software or drivers?

Regards Tom :)" }-

Tom just a suggestion, I would back up my registry just as a precaution. Here is a tool and it's free http://www.larshederer.homepage.t-online.de/erunt/

I do remember it being said if you want to make any changes, go to the folder where you have progie and make your changes. Just don't delete the folders.

I don't know if you're supposed to disable the progies to install new software. If you did that you wouldn't get the notification about a blablabla driver would like to install from Samurai. But I'm not the expert on this stuff. Some of the other fellas will answer.

Sorry post is after the fact:)

WSFuser
October 10th, 2005, 07:12 PM
-{ Quote: "Hi, Guys

(By the way, thanks for the screenshot WSFuser.) I have recently downloaded Samurai with the 32 steps file and it looks really good. I think I will give it a try over the weekend. What I think interests me the most about this program is the rootkit and driver installation protection. One more question I do have is it easy to reverse any of the system changes if I have any problems or disable the protection when I have to install any new software or drivers?

Regards Tom :)" }-
just to add for harden-it. find it in ur program files and rerun it to undo/uninstall or just change a few options.

T772
October 11th, 2005, 08:52 PM
Hi guys, I have installed Samurai and I am still going through the settings making sure I don't disable anything that I need, so I don't damage any of my security apps already on my PC. I found an older thread about Samurai that I think is worth reading before deciding to try this program-->

http://turbotramp.fre3.com/

http://www.wilderssecurity.com/showthread.php?t=84372&highlight=harden

T

Notok
October 12th, 2005, 12:12 AM
I recently learned that the rootkit blocking function in Samurai was prototype software code that was rejected because it could never get past quality assurance testing at PivX. The hardening tool is apparently stolen code by a former employee, and lawsuits are pending. You can take that as you will, but I can not, in any good conscience, recommend anyone use Samurai. At least not until the legal stuff is settled and the code is a lot more polished. (The program has always had a very 'rough' feeling to me, this was one of the primary reasons I only previously recommended it for advanced users.)

Rilla927
October 12th, 2005, 02:58 AM
-{ Quote: "Hi guys, I have installed Samurai and I am still going through the settings making sure I don't disable anything that I need, so I don't damage any of my security apps already on my PC. I found an older thread about Samurai that I think is worth reading before deciding to try this program-->

http://turbotramp.fre3.com/

http://www.wilderssecurity.com/showthread.php?t=84372&highlight=harden

T" }-
Good read, Tom!

Let us know how everything goes.:)

Rilla927
October 12th, 2005, 03:22 AM
-{ Quote: "I recently learned that the rootkit blocking function in Samurai was prototype software code that was rejected " }-

Not good!

-{ Quote: "The hardening tool is apparently stolen code by a former employee, and lawsuits are pending" }-

I have sat and read for the last few hours on the links Tom gave and in the one old thread from Wilders a member commented "Samurai looks a lot like Qwik Fix" and Turbotramp was active in the thread and never made one comment. So everything is gel-lin, this all makes sense now.

-{ Quote: "You can take that as you will, but I can not, in any good conscience, recommend anyone use Samurai. At least not until the legal stuff is settled and the code is a lot more polished." }-

I absolutely agree Notok, you are right! If I was in PivX's place, I'd be pis*ed!
You know karma, it will come back to bite him.

Arup
October 12th, 2005, 08:16 AM
If copying, patent infringement and other related issues were the norm, MS should be out by now, it started its NT as an OS/2 rip off and also stepped on many toes like Java and JPEG to name a few on its way to current glory. The guy who makes Samurai is not asking for a single cent, all he is doing is applying protection in an easy way, what's more, he even gives out an easy to use step by step document for implementing Samurai policies on your own, I see no harm there.

Notok
October 12th, 2005, 01:35 PM
There's no harm in using the same techniques that PivX uses, there's nothing they can do about that, but using their code (taking the actual source code and repackaging it) is another thing. The main point that I want to make is about the rootkit protection, though.. it was never finished, and there was a reason for that. Namely that it could never pass QA standards, which is not good. That component always made me feel a little uneasy, and frankly now I know why.. it just always seemed a little too rough. If you want to stop driver installs, PG is really your best way to go (atm), even if that's the only feature that you use. There will be other products including this feature soon as well. As for the hardening settings, personally I feel it's better to use something like Secure-It or use the real PreEmpt itself. Computer Security Tool is also growing rapidly, and may soon be able to replace PreEmpt for those that wish.

T772
October 12th, 2005, 07:19 PM
-{ Quote: "I recently learned that the rootkit blocking function in Samurai was prototype software code that was rejected because it could never get past quality assurance testing at PivX. The hardening tool is apparently stolen code by a former employee, and lawsuits are pending. You can take that as you will, but I can not, in any good conscience, recommend anyone use Samurai. At least not until the legal stuff is settled and the code is a lot more polished. (The program has always had a very 'rough' feeling to me, this was one of the primary reasons I only previously recommended it for advanced users.)" }-

I do kinda agree with Notok on this issue but I can also see the other argument, as the guy who made this program isn't making any money even though it is with or without his own code. I was interested mainly in this program due to the rootkit/driver installation protection, but this is dangerous as it can have negative effects on other software.

Tom

Arup
October 12th, 2005, 07:38 PM
Enabling root kit protection is optional, if one doesn't feel comfortable with it, there is an option to de-select it.

dja2k
October 24th, 2005, 12:38 AM
Root Kit Protection caused some problems in my computer by not letting some programs run normally, so I am running Samurai High Security without the rootkit protection on and all seems fine. Has anyone seen any side-effects having everything enabled in Samurai (specifically with what setting) and just leaving out Rootkit Protection?

I read up on PreEmpt software, but don't really know if it's worth it if most of it is done manually by the advanced windows user in a way. It looks like it could conflict or replace some existing security and hardening products one traditionally uses. Anyways, is anyone using it right now? What do you people think about its price tag? PreEmpt looks more like a combination of SafeXP, Harden-It, Secure-It, and Samurai.

dja2k

Arup
October 25th, 2005, 08:08 AM
I use the Root Kit protection only after I have installed all my programs, it is quite powerful and won't even let me install CHX for that matter.

WSFuser
October 25th, 2005, 10:20 AM
with the rootkit protection, cant u just select to allow the driver?

CogitoErgoSum
October 25th, 2005, 10:25 AM
I am a satisfied user of Samurai with all options selected except for the denial of service and rootkit feature and would like to take this opportunity to share my experience with the rootkit function enabled.

With it enabled I found that I was unable to access sysedit, command.com and my cd-rom/dvd. Secondly, I found that I could not install 16-bit software apps. Lastly, while running this feature simultaneously with Attack Shield WS, I hypothesize and speculate that this combo temporarily disabled the application filter of my Look'n'Stop firewall.

Because of the above problems with the rk function, I recently decided to install UnHackMe to take its place and am considering the purchase of WormGuard at this time.

Peace & Love,

CogitoErgoSum

Kerodo
October 25th, 2005, 02:37 PM
-{ Quote: "with the rootkit protection, cant u just select to allow the driver?" }-
Apparently it is not quite that simple as you would think. I believe that Arup had some trouble installing something once even when he allowed it in Samurai. I also had trouble with using the rootkit protection as it prevented Active Ports from running properly and also there seemed to be some issues with Avast AV as well, causing errors. So I just disabled that option and all was well then.

Arup
October 25th, 2005, 04:53 PM
As I said, it's quite effective so do all your installations before you turn Rootkit protection on, alternatively, you can always turn off that protection in Samurai control panel, install your software and turn it on again.

Notok
October 26th, 2005, 12:54 AM
Or use legal programs that pass QA :)

Arup
October 26th, 2005, 02:21 AM
Illegal works fine here, no guilt whatsoever:) but it is entirely up to one's conscience and we should leave it at that.

Many pseudo legal stuff out there in use daily and some have stolen with contention but they manage to get away, day in, day out.

dja2k
October 28th, 2005, 07:00 PM
With SafeXP (custom), Harden-It (best), Samurai (high), BugOff (all disabled), and Enough is Enough, would someone benefit any by adding Secure-It to the list or is it an overlap? Still haven't given up on Secure-It since some people use it without problems.

dja2k

WSFuser
October 28th, 2005, 10:29 PM
well secure-it only hardens IE but it works differently than enough is enough so u should use it. if u use enough is enough, then i assume u use IE as well?

dja2k
October 29th, 2005, 05:22 PM
I already installed Secure-It and everything seems to work fine. Didn't encounter the previous complications like before, maybe because I read the options and omitted one or two things and left them in default. Yeah I guess those dealing with URL stuff caused my MS Word and MS Frontpage to not work correctly, so I didn't add them. No I don't really use IE but it doesn't hurt to have it secure. I mainly use Firefox, but do sometimes use Opera and Maxthon as well.

dja2k

Rilla927
November 8th, 2005, 03:52 AM
Hi all!

I'm finally back on line.

I installed LNS and then Harden It with all recommended settings on one machine and I noticed Spyware Doctor was the only program that would update. Nod, Spyware Blaster, Microsoft AntiSpy, would no longer update at all.

I don't know if it takes a few hours or so for the programs to acclimate to the changes once Harden It is installed (just a guess). I did revert the changes and noticed that the particular programs still wouldn't update. I waited a while then they were as normal.

I'm using the standard ruleset in LNS. Perhaps LNS needs further configuration.

I have a second machine (both laptops are identical) I installed Harden It and using windows FW and it works beautifully. I'm going to wait to install LNS on this machine til I can figure out what's going on with the first one with LNS & Harden It.

If anyone could shed some light on this I would appreciate it.

Thanks

Kerodo
November 8th, 2005, 07:33 AM
Sounds more like a temporary internet access problem than anything else. Harden-It should have no ill effects on your connection. And assuming your LnS rules are in order, there should be no problems. You might check and make sure your LnS DNS rules are good. Did the problem persist for more than just a few minutes?

Arup
November 8th, 2005, 07:56 AM
Harden IT will never block sites, check your LnS logs for IP's being blocked.

Rilla927
November 9th, 2005, 06:36 AM
-{ Quote: " Sounds more like a temporary internet access problem than anything else. Harden-It should have no ill effects on your connection. And assuming your LnS rules are in order, there should be no problems. You might check and make sure your LnS DNS rules are good." }-
That's just what I thought. I put a post in the LNS forum with a screenshot of my log, and about how to make the rules.

@Arup

Since you also use Harden It, I have a question: when you clean your registry, how do you get around not deleting any entries that Harden It set?

I installed a registry cleaner and a lot of these entries look like they belong to Secure It & Harden It and I didn't want to delete them being afraid it would destroy the programs. Any tips or suggestions? :)

Thanks fellas as always!

Arup
November 9th, 2005, 07:25 AM
Rilla,

Good point, so far, with four of the reg cleaners I use, none of them touched the TCP stack because it's generally considered off limits by any respectable reg cleaner, they are after all only looking for software entries and service and drivers added or removed, ideally, they have no business in the TCP stack which Harden IT mods, if that was the case, your net would stop working and you would have to re-install TCP stack.

Rilla927
November 9th, 2005, 10:11 AM
Arup,

-{ Quote: "respectable reg cleaner" }-

What are the four respectable reg cleaners? I'm using Registry Mechanic latest version.

Rilla927
November 9th, 2005, 10:40 AM
Hey Fellas,

Notice it says custom controls on left side of screenshot. It looks like all eight of those entries have key words that relate to Secure It & Harden It, but I cannot positively confirm. See what you guys come up with;D

This program also picked up both file paths for Secure It & Harden It and refers to them as missing program short cuts, the exact path where their folders are (Not in screenshot).

Kerodo
November 9th, 2005, 03:01 PM
That unfortunately is the problem with many reg cleaners, that they aren't too awfully smart sometimes. You have to be careful about what you let them delete. I personally do not use any for this reason, and prefer to keep a good HD image and restore from that as often as necessary.

As for your connection problems though, I still don't see how this could be affected at all by anything related to Harden-It. So whether the reg cleaner deletes your Harden-It entries or not shouldn't make any difference there. I would suspect something amiss in your LnS rules. I would probably first try uninstalling LnS and deleting the rules left behind if any, and then reinstalling LnS and starting with a clean default advanced rule set again. Then take it from there.

I saw your post in the LnS forum yesterday about some weird clicking sounds and such, and admit that I have no idea what that's all about! :)

Arup
November 9th, 2005, 05:47 PM
Rilla,

I use Reg Seeker, WinASO Reg Optimizer, Crap Cleaner and Reg Vac, none of them have so far wiped out my Harden IT settings.

Rilla927
November 9th, 2005, 09:27 PM
-{ Quote: "As for your connection problems though, I still don't see how this could be affected at all by anything related to Harden-It. " }-
I don't suspect Harden It

-{ Quote: " I would suspect something amiss in your LnS rules. I would probably first try uninstalling LnS and deleting the rules left behind if any, and then reinstalling LnS and starting with a clean default advanced rule set again. Then take it from there." }-
The machine that LNS is on is with the standard ruleset with all defaults, I never changed anything after the install. But, according to the log, I'm sure it has something to do with my router and or something else in the log, because there are tons of entries for the 2WIRE Portal. I'm wondering if that constant sound is related to something being blocked in the log.

I'm waiting on a reply to my posts to see what I should do about the rules.

Will keep ya posted;)

Rilla927
November 9th, 2005, 09:29 PM
-{ Quote: "Rilla,

I use Reg Seeker, WinASO Reg Optimizer, Crap Cleaner and Reg Vac, none of them have so far wiped out my Harden IT settings." }-

Thanks Arup for the info.:)

Kerodo
November 9th, 2005, 11:28 PM
-{ Quote: "

I'm waiting on a reply to my posts to see what I should do about the rules.

Will keep ya posted;)" }-

Well, I would think that Frederic should/would reply soon with some help. Are you by any chance using the 2.05p3 beta? If so, that might possibly be causing some problems if it's not fully debugged yet..

Rilla927
November 10th, 2005, 04:07 AM
-{ Quote: "Well, I would think that Frederic should/would reply soon with some help. Are you by any chance using the 2.05p3 beta? If so, that might possibly be causing some problems if it's not fully debugged yet.." }-
No. I'm using 2.05 straight from the Soft4ever site.

I'm going to throw something at you and Arup. Doesn't (if I remember correctly) Harden It disable UPnP and Multicast Pass Through? Take a look at my post about the LNS FW log and look at the reply, you'll know what I mean when you see it, I'm starting to get nervous.

Kerodo
November 10th, 2005, 06:54 AM
Well, to be honest, I don't know the answer to that one. There is however, one sure way to see if Harden-It is your problem. Simply deselect all the options in the Harden-It window and apply the changes, then reboot. If the problem is still there, then it wasn't Harden-It. Same for Secure-It also, although I'm not familiar with Secure-It's interface and have not used it, but I assume you can reverse its settings and return things to normal there too.

Arup
November 10th, 2005, 06:55 AM
Yep, as a safety feature Harden IT does disable multicast and UPnP, but they have nothing to do with blocking the net, they are disabled on my system as well which is also a Gateway ICS PC, I also have multicast and UPnP disabled on my router as well.

Rilla927
November 10th, 2005, 09:44 AM
-{ Quote: "Well, to be honest, I don't know the answer to that one. There is however, one sure way to see if Harden-It is your problem. Simply deselect all the options in the Harden-It window and apply the changes, then reboot. If the problem is still there, then it wasn't Harden-It. Same for Secure-It also, although I'm not familiar with Secure-It's interface and have not used it, but I assume you can reverse its settings and return things to normal there too." }-

Kerodo,

I know it's not Harden It, it's something as simple as some type of rule. Harden It & Secure It are awesome little programs. Secure It has a nice white list of activex feature I like. Try it out, you'll only be safer.

Rilla927
November 10th, 2005, 10:08 AM
-{ Quote: "Yep, as a safety feature Harden IT does disable multicast and UPnP, but they have nothing to do with blocking the net " }-
I knew it, I knew it, cuz I remembered those settings.

That was my exact thought, but I didn't want to say that. That would have started trouble. Harden It wouldn't have something that could disable your router, people wouldn't use the program.

My other machine I reformatted that doesn't have LNS on it, it has Windows FW and Harden It and it runs beautifully. I was waiting for the answer to LNS before I add it to this machine.

I checked the FW log for the router and there were four High Severity Syn Flood Attacks, tons of port scans, and a lot of Null Attack Detection (I think it was). At least they are not able to get in. I saved a copy of the log.

I checked out those registry cleaners you suggested and I tested all of them first and I ended up buying RegVac and using CCleaner. RegVac found a ton of stuff, a lot more than all the others. After running RegVac four times it came up with zip. Then I ran CCleaner and it found 40 more entries. I guess that'll happen, ha.

Thanks as always

Arup
November 10th, 2005, 05:43 PM
Rilla,

If you are behind a router, SYN Flood attacks are virtually impossible as the router does the SPI for you. There truly has to be something wrong there to show those attacks in the logs. Harden It in itself will do no such thing as blocking your connection, as a matter of fact, Harden It will block DDoS, SYN attacks and many more in case your router fails to do that.

Rilla927
November 10th, 2005, 10:19 PM
-{ Quote: "Rilla,

If you are behind a router, SYN Flood attacks are virtually impossible as the router does the SPI for you. There truly has to be something wrong there to show those attacks in the logs. " }-

I just thought I would check the log to see activity since Harden It was installed and that's what the log picked up. I used all recommended settings. I wonder what could be wrong?

-{ Quote: " Harden It in itself will do no such thing as blocking your connection" }-
I understand that.
-{ Quote: "Harden It will block DDoS, SYN attacks and many more in case your router fails to do that." }-
Yes, that's why I wanted to install it. Now, that makes me wonder why. If you have any thoughts let me know. You can see exactly what I have enabled when you looked at the post in LNS forum about the FW log.;)

Arup
November 10th, 2005, 10:27 PM
Rilla,

Since you are behind a NAT router presumably, try un-installing LnS and see how it goes, if it works out fine, you have isolated the problem to LnS, it would then be up to you if you wish to re-install LnS and give it a second try or try out other outbound solutions.

WSFuser
November 11th, 2005, 12:33 AM
if LnS is the problem, is it possible that Rilla may need to configure LnS to work with a router (http://www.wilderssecurity.com/showthread.php?t=9474)?

Rilla927
November 11th, 2005, 04:13 AM
-{ Quote: "Rilla,

Since you are behind a NAT router presumably" }-
Yes, a 2WIRE Home Portal from SBC. The log I told you about with the SYN Flood Attacks etc came from the computer with Harden-It and Windows FW installed only. LNS is not installed on this computer, it's on the other one I'm waiting to hear an answer for (where I posted the log about the FW in LNS forum) the one with LNS on it, before I put it on the other.

One computer has Harden-It & Windows FW & Secure IT

One computer has LNS & Secure-IT

Did you have to configure your router with any FW'S?

Rilla927
November 11th, 2005, 04:22 AM
-{ Quote: "if LnS is the problem, is it possible that Rilla may need to configure LnS to work with a router (http://www.wilderssecurity.com/showthread.php?t=9474)?" }-
Hi WSFuser,

it needs some type of rule made whether it be router rules or something else. If you see my post on "Can anyone tell me what my log means" in LNS Forum you are able to see tons of entries for the router, it needs some type of adjustment. Maybe it's something as simple as me right clicking on the Router entry in the log and allowing, but since I don't know this FW I didn't want to do that. Hopefully, Frederic will answer soon.;)

WSFuser
November 11th, 2005, 09:32 AM
-{ Quote: "Yes, a 2WIRE Home Portal from SBC. The log I told you about with the SYN Flood Attacks etc came from the computer with Harden-It and Windows FW installed only. LNS is not installed on this computer, it's on the other one I'm waiting to hear an answer for (where I posted the log about the FW in LNS forum) the one with LNS on it, before I put it on the other.

One computer has Harden-It & Windows FW & Secure IT

One computer has LNS & Secure-IT

Did you have to configure your router with any FW'S?" }-
i have the same gateway. however since im just lazy, i set it up as a DMZ so i wouldnt have to worry about my p2p apps and games working. so far LnS and my internet connection have been working fine, but since u have the firewall enabled i guess that may need rules in LnS tho i dont know much.

Kerodo
November 11th, 2005, 01:14 PM
-{ Quote: "
Did you have to configure your router with any FW'S?" }-
Never had to make any special rules or accommodations for my router here with any other firewalls. Don't know why LnS needs any either, although I must admit that I have not tried LnS with the router here.

Frederic should have responded to your posts long ago..

Rilla927
November 13th, 2005, 12:54 AM
Hi everybody,

yes Frederic answered we are still resolving.

I tested Harden It on two different machines with two different configurations. Where it asks you to choose about SYN Flood Attacks I left (2). On the next machine I chose (1) Under Heavy Attack.

Now the one where I chose (1) Under Heavy Attack the SYN Floods stopped showing up in the log, where as the other one they were showing up.

Please note that these comparisons were done with windows FW and Harden-IT only. No LNS on these. Sorry I should have posted that information before.

Just thought I would throw that out there;)

CrazyM
November 13th, 2005, 01:04 AM
-{ Quote: "yes Frederic answered we are still resolving." }-
Try disabling your Secure-It settings on the LnS system and see if that impacts what you are seeing in the logs.

Regards,

CrazyM

Arup
November 13th, 2005, 01:26 AM
Rilla,

Can you tell me if you are behind a NAT router? Also do you have the router's firewall turned on and also would like to know the brand of your router including the model number if possible?

Rilla927
November 13th, 2005, 02:50 AM
-{ Quote: "Try disabling your Secure-It settings on the LnS system and see if that impacts what you are seeing in the logs.

Regards,

CrazyM" }-
I will give it a try and get back to you.

Thanks

Rilla927
November 13th, 2005, 03:07 AM
-{ Quote: "Rilla,

Can you tell me if you are behind a NAT router?" }-
It's a 2WIRE Home Portal from SBC Yahoo. I guess that's considered a NAT router.
-{ Quote: "Also do you have the router's firewall turned on and also would like to know the brand of your router including the model number if possible?" }-
Yes, I always have the router's FW turned on. The brand is 2WIRE Home Portal from SBC Yahoo. I looked on the bottom of the router and it says HomePortal 1000SW. This Home Portal is also to communicate with wireless cards.

If you go to "Can you tell me what my log means" in LNS forum you will see everything that is enabled on my router FW.

My desktop connection is local area network with an Ethernet cable going to the back of my box. The two laptops have built in wireless cards and they are set up with wireless connection.

Arup
November 13th, 2005, 03:36 AM
So this means, all you need is outbound protection, the 2Wire is in itself quite a competent all in one solution and if you do a GRC scan without LnS, you will see you are fully stealth so my suggestion to you would be, in case you wish to keep LnS, just use its outbound app filter and turn down SPI for inbound traffic, see what happens then.

Rilla927
November 13th, 2005, 04:27 AM
-{ Quote: "So this means, all you need is outbound protection, the 2Wire is in itself quite a competent all in one solution and if you do a GRC scan without LnS, " }-
This router has Inbound and Outbound capabilities.

The computer with LNS has been shut down (I'm on my desktop now) until this can be resolved. It's not really a big thing, I'm just trying to understand this FW. I would like the router FW and LNS to be able to play nice, the extra layer of defence thing, that way if something does get in LNS would catch it.

SBC has been taken down by worms etc also, then that would leave me vulnerable, just seems too risky.

I don't know, maybe I'm wrong in my thinking, ha, ha, ha.....wouldn't be the first time.

And yes the puter with LNS was tested GRC and it came back completely stealthed. There is another site I wanted to test it at and I can't remember the name of it, the only thing I remember was at the end of the test it would say it recommended you to try the test again with Sygate, regardless of results.

Is there any other testing sites for the FW? Just a side note check post 133, it has been edited.

T772
November 13th, 2005, 05:03 AM
-{ Quote: "Is there any other testing sites for the FW? Just a side note check post 133, it has been edited." }-
Hi Rilla,

you could try these sites;

http://www.auditmypc.com/

http://www.hackerwatch.org/probe/

http://www.dslreports.com/scan/

http://www.pcflank.com/scanner1.htm

http://scan.sygatetech.com/

regards T

Arup
November 13th, 2005, 05:34 AM
Also www.speedguide.net has a good security scan as well, I would not enable any outbound firewall on the router, would rather leave that to LnS outbound app filter but will definitely run LnS with inbound SPI disabled.

Rilla927
November 13th, 2005, 11:27 AM
-{ Quote: "Also www.speedguide.net has a good security scan as well, I would not enable any outbound firewall on the router, would rather leave that to LnS outbound app filter but will definitely run LnS with inbound SPI disabled." }-


That makes sense about the set up you suggested. I didn't stop to think, it then would be going through two steps on the Outbound when it doesn't have to. It's funny, sometimes things appear to be different after ya think on it a bit.

Here's the thing, if I disable Outbound Router FW which is 95% of the options in the FW (which I don't have a problem doing) that leaves only two options left for the Inbound which is: Remote Management & NetBIOS and those are not enabled anyway. So I guess I'm on my own with the Inbound & Outbound, this router isn't all that, I see now.

So, that leaves three options left in the Security Module I could use which are: Stealth Mode, Block Pings, Strict UDP Session Control.

In order to set it up the way you said, I guess that's where the rules come in to play. In fact, I went to LNS site to find info about making rules and found some d/l's for rules that don't apply to what I was looking for.

Regards,

Rilla927
November 13th, 2005, 11:44 AM
-{ Quote: "Hi Rilla,

You could try these sites:

http://www.auditmypc.com/

http://www.hackerwatch.org/probe/

http://www.dslreports.com/scan/

http://www.pcflank.com/scanner1.htm

http://scan.sygatetech.com/

regards T" }-
Hey, thanks for the link, T ;)

CrazyM
November 13th, 2005, 05:09 PM
-{ Quote: "... I would not enable any outbound firewall on the router, would rather leave that to LnS outbound app filter but will definitely run LnS with inbound SPI disabled." }-
While that is an option, keep in mind they are filtering at different levels.

If the router has outbound control, you can define a policy for what is permitted for all systems on the LAN. This is certainly preferable to a permit any out.

If you want additional filtering on the PCs you can use a software firewall for that.

Regards,

CrazyM

Arup
November 13th, 2005, 05:24 PM
A software firewall allows you to control LAN pretty well with easy setting of protocols etc, a policy making firewall like NetVeda will allow further control based on content, rating etc. so consider that as well.

WSFuser
November 13th, 2005, 05:33 PM
-{ Quote: "That makes sense about the setup you suggested. I didn't stop to think, it then would be going through two steps on the Outbound when it doesn't have to. It's funny, sometimes things appear to be different after ya think on it a bit.

Here's the thing, if I disable Outbound Router FW which is 95% of the options in the FW (which I don't have a problem doing) that leaves only two options left for the Inbound which are: Remote Management & NetBIOS and those are not enabled anyway. So I guess I'm on my own with the Inbound & Outbound, this router isn't all that, I see now.

So, that leaves three options left in the Security Module I could use which are: Stealth Mode, Block Pings, Strict UDP Session Control.

In order to set it up the way you said, I guess that's where the rules come into play. In fact, I went to LNS site to find info about making rules and found some d/l's for rules that don't apply to what I was looking for.

Regards," }-
I recommend you leave the stealth and ping options checked, so that it can stealth your ports and pass the Shields Up test at grc.com.

Rilla927
November 14th, 2005, 08:25 AM
-{ Quote: "While that is an option, keep in mind they are filtering at different levels.

If the router has outbound control, you can define a policy for what is permitted for all systems on the LAN. This is certainly preferable to a permit any out.

If you want additional filtering on the PCs you can use a software firewall for that.

Regards,

CrazyM" }-
Hi CrazyM,

I know I probably confuse some people with these posts because I have three systems I'm dealing with. But, LNS is only on one (the laptop). Until I figure out how to properly configure it and it works okay, I then will purchase two more licenses for the others.

In regards to: If the router has outbound control, you can define a policy for what is permitted for all systems on the LAN. This is certainly preferable to a permit any out.

That's exactly what I wanted to do, but I gathered not possible. Okay, well I know now. I will post some screen shots, so you can see what's on my end.

I did uninstall Secure It and it made no difference to LNS. Harden It is not on this specific system. Will get back to you soon.

Thanks

Rilla927
November 14th, 2005, 08:27 AM
-{ Quote: "I recommend you leave the stealth and ping options checked, so that it can stealth your ports and pass the Shields Up test at grc.com." }-
Hi WSFuser,

I agree!

Notok
November 14th, 2005, 08:38 AM
I just went back to the post with the problem you're talking about and realized something.. I'm not sure about the others, but NOD32 uses the QoS Packet Scheduler to update (so that dial-up users don't get DoS'ed when first getting online when there's a big update, lol).. Go into the Control Panel > Network Connections, right click on your net connection and click Properties, and make sure there's a check in the box for "QoS Packet Scheduler"..

Rilla927
November 14th, 2005, 08:46 AM
-{ Quote: "I just went back to the post with the problem you're talking about and realized something.. I'm not sure about the others, but NOD32 uses the QoS Packet Scheduler to update (so that dial-up users don't get DoS'ed when first getting online when there's a big update, lol).. Go into the Control Panel > Network Connections, right click on your net connection and click Properties, and make sure there's a check in the box for "QoS Packet Scheduler".." }-
Yes there is Notok.