Configuring the fire wall to allow SocksChain

Discussion in 'LnS English Forum' started by sisi, Jun 19, 2004.

Thread Status:
Not open for further replies.
  1. sisi

    sisi Guest

    In principle SocksChain works as a local proxy server to the applications which access it. It opens a connection on the (local) IP address and uses a user defined port (default is 1081). An attacker who accesses 127:0.0.1:1081 from the outside (internet, intranet,...) is now able to enter the system. Ufasoft is aware of the problem and recommends to block the inbound access by a personal firewall. The firewall must be configured to disallow server rights for SocksChain...........

    is this possible with L&S? Fred?

  2. Frederic

    Frederic LnS Developer

    Jan 9, 2003

    I don't understand how it is possible to connect from the outside to I thought it was normally not possible.

    But anyway, if you create a rule to block incoming packets with a dest address set to yes, it should work.
    Or, you can also block specifically all incoming connections on port 1081. If you are using the BlockIncomingConnection rule, this should already block these packets, except if you placed a dedicated rule before that rule to allow some specfic connections.

  3. sisi

    sisi Guest

    Thanks for the quick response

    There was a thread a while Matrix2002

    "Hey I remember there was some registry tweak to make looknstop to have spi
    only for incoming connections.
    Can someone please remind me how to do that?
    (I want to use it in order to socksify my browsing using sockschain)
    When I try to use it I get a lot of spi entries in the log and most of the times am not able to browser using sockschain.........."

    Matrix 2002 did you manage to sockify your browsing, i am still having trouble.....

Thread Status:
Not open for further replies.