Firewall and Hardening Systems

Apparently it is not quite that simple as you would think. I believe that Arup had some trouble installing something once even when he allowed it in Samurai. I also had trouble with using the rootkit protection as it prevented Active Ports from running properly and also there seemed to be some issues with Avast AV as well, causing errors. So I just disabled that option and all was well then.

 

As I said, its quite effective so do all your installations before you turn Rootkit protection on, alternatively, you can always turn off that protection in Samurai control panel, install your software and turn it on again.

 

Or use legal programs that pass QA

 

Illegal works fine here, no guilt whatsoever but it is entirely up to one's conscience and we should leave it at that.

Many pseudo legal stuff out there in use daily and some have stolen with contention but they manage to get away, day in, day out.

 

With SafeXP (custom), Harden-It (best), Samurai (high), BugOff (all disabled), and Enough is Enough, would someone benefit any by adding Secure-It to the list or is it an overlap? Still haven't given up on Secure-It since some people use it without problems.

dja2k

 

well secure-it only hardens IE but it works differently than enough is enough so u should use it. if u use enough is enough, then i assume u use IE as well?

 

I already installed Secure-It and everything seems to work fine. Didn't encounter the previous complications like before, maybe because I read the options and ommited one or two things and left them in defualt. Yeah I guess those dealing with URL stuff caused my MS Word and MS Frontpage to not work correctly, so I didn't add them. No I don't really use IE but it doesn't hurt to have it secure. I mainly use Firefox, but do sometimes use Opera and Maxthon as well.

dja2k

 

Hi all!

I'm finally back on line.

I installed LNS and then Harden It with all recommended settings on one machine and I noticed Spyware Doctor was the only program that would update. Nod, Spyware Blaster, Microsoft AntiSpy, would no longer update at all.

I don't know if it takes a few hours or so for the programs to acclomate to the changes once Harden It is installed (just a guess). I did revert the changes and noticed that the particular programs still wouldn't update. I waited a while then they were as normal.

I'm using the standard ruleset in LNS. Perhaps LNS needs further configuration.

I have a second machine (both laptops are identical) I installed Harden It and using windows FW and it works beautifully. I'm going to wait to install LNS on this machine til I can figure out what's going on with the first one with LNS & Harden It.

If anyone could shed some light on this I would appreciate it.

Thanks

 

Sounds more like a temporary internet access problem than anything else. Harden-It should have no ill effects on your connection. And assuming your LnS rules are in order, there should be no problems. You might check and make sure your LnS DNS rules are good. Did the problem presist for more than just a few minutes?

 

Harden IT will never block sites, check your LnS logs for IP's being blocked.

 

That's just what I thought. I put a post in the LNS forum with a screenshot of my log, and about how to make the rules.

@Arup

Since you also use Harden It, I have a question; When you clean your registry, how do you get around not deleting any entries that Harden It set.

I installed a registry cleaner and a lot of these entries look like they belong to Secure It & Harden It and I didn't want to delete them being afraid it would destroy the programs. Any tips or suggestions.

Thanks fellas as always!

 

Rilla,

Good point, so far, with four of the reg cleaners I use, none of them touched the TCP stack because its generally considered off limits by any respectable reg cleaner, they are after all only looking for software entries and service and drivers added or removed, ideally, they have no business in the TCP stack which Harden IT mods, if that was the case, your net would stop working and you would have to re-install TCP stack.

 

Arup,

What are the four respectable reg cleaners? I'm using Registry Mechanic latest version.

 

Hey Fellas,

Notice it says custom controls on left side of screenshot. It looks like all eight of those entries have key words that relate to Secure It & Harden It, but I cannot positively confirm. See what you guys come up with

This program also picked up both file paths for Secure It & Harden It and refers to them as missing program short cuts, the exact path where their folders are (Not in screenshot).

 

That unfortunately is the problem with many reg cleaners, that they aren't too awfully smart sometimes. You have to be careful about what you let them delete. I personally do not use any for this reason, and prefer to keep a good HD image and restore from that as often as necessary.

As for your connections problems though, I still don't see how this could be effected at all by anything related to Harden-It. So whether the reg cleaner deletes your Harden-It entries or not shouldn't make any difference there. I would suspect something amiss in your LnS rules. I would probably first try uninstalling LnS and deleting the rules left behind if any, and then reinstalling LnS and starting with a clean default advanced rule set again. Then take it from there.

I saw your post in the LnS forum yesterday about some weird clicking sounds and such, and admit that I have no idea what that's all about!

 

Rilla,

I use Reg Seeker, WinASO Reg Optimizer, Crap Cleaner and Reg Vac, none of them have so far wiped out my Harden IT settings.

 

I don't suspect Harden It

The machine that LNS is on is with the standard ruleset with all defaults, I never changed anything after the install. But, according to the log, I'm sure it has something to do with my router and or something else in the log, because there are tons of entries for the 2WIRE Portal. I'm wondering if that constant sound is related to something being blocked in the log.

I'm waiting on a reply to my posts to see what I should do about the rules.

Will keep ya posted

 

Thanks Arup for the info.

 

Well, I would think that Frederic should/would reply soon with some help. Are you by any chance using the 2.05p3 beta? If so, that might possibly be causing some problems if it's not fully debugged yet..

 

No. I'm using 2.05 straight from the Soft4ever site.

I'm going to throw something at you and Arup. Doesn't (if I remember correctly) Harden It disable UPnP and Multicast Pass Through? Take a look at my post about the LNS FW log and look at the reply, you'll know what I mean when you see it, I'm starting to get nervous.

 

Well, to be honest, I don't know the answer to that one. There is however, one sure way to see if Harden-It is your problem. Simply deselect all the options in the Harden-It window and apply the changes, then reboot. If the problem is still there, then it wasn't Harden-It. Same for Secure-It also, although I'm not familiar with Secure-It's interface and have not used it, but I assume you can reverse it's settings and return things to normal there too.

 

Yep, as a safety feature Harden IT does disable multicast and UPnP, but they have nothing to do with blocking the net, they are disabled on my system as well which is also a Gateway ICS PC, I also have muticast and UPnP disabled on my router as well.

 

Kerodo,

I know it's not Harden It, it's something as simple as some type of rule. Harden It & Secure It are awesome little programs. Secure It has a nice white list of activex feature I like. Try it out, you'll only be safer.

 

I knew it, I knew it, cuz I remembered those settings.

That was my exact thought, but I didn't want to say that. That would have started trouble. Harden It wouldn't have something that could disable your router, people wouldn't use the program.

My other machine I reformatted that doesn't have LNS on it, it has Windows FW and Harden It and it runs beautifully. I was waiting for the answer to LNS before I add it to this machine.

I checked the FW log for the router and there were four High Severity Syn Flood Attacks, tons of port scans, and a lot of Null Attack Detection (I think it was). At least they are not able to get in. I saved a copy of the log.

I checked out those registry cleaners you suggested and I tested allof them first and I ended up buying RegVac and using CCleaner. RegVac found a ton of stuff, a lot more than all the others. After running RegVac four times it came up with zip. Then I ran CCleaner and it found 40 more entries. I guess that'll happen, ha.

Thanks as always

 

Rilla,

If you are behind a router, SYN Flood attack are virtually impossible as the router does the SPI for you. There truly has to be something wrong there to show those attacks in the logs. Harden It in itself will do no such thing as blocking your connnection, as a matter of fact, Harden It will block DDoS, SYN attacks and many more in case your router fails to do that.