Hi to all. I've been trying to understand LNS as far as I can. So far so good... I have one question related to Local Loopback. I used to have Kerio 2.1.5, which allowed me to set a rule for "All Applications" connecting to 127.0.0.1. I don't seem to find this in LNS (I've googled it). One of the problems I'm encountering is when trying to install Oracle XE. It seems that many components "talk" to themselves via TCP/IP at localhost. I guess that there are many programs that work like this. Is there any way to allow Local Loopback via a rule or something? Thanks in advance! PS: Sorry for my English!
That's what keeps me from using this otherwise very fine firewall (and [deleted ref]). All localhost allowed by default. NOD, Avast, Avira and many other security applications can do web monitoring via one localhost port. If we can't set a rule to block applications from using that port, my understanding is that a tunnel is made and it is not safe.
Interesting... I have no idea: How can a loopback packet leave my computer without being detected by my internet filtering? Thanks for clarification Thomas
If a new application attempts to use Local loopback, Look ‘n’ Stop Application filtering will detect it and alert. Anything using the Local loopback interface to then make Internet connections doesn’t get a free pass simply because the Local loopback interface was used.
I think I'm now confused. I, like pantezuma, come from Kerio, and its relative (which I won't name 'cause it might be seen as an ad), where I can make rules for localhost and the use or non-use of the proxy ports. @Phant0m and Stem, have I misunderstood the answer? See posts 8 and 9 here: https://www.wilderssecurity.com/showthread.php?t=256474. And to clarify my question, can something like this be done in LnS? See the proxy blocks at the end of the screenshots in this ancient thread: http://www.dslreports.com/forum/remark,13064195
The loopback (localhost) is only intercepted at the application (filtering) level. So if you allow an application internet access, you allow it all loopback. If you block internet for an application, then you also block it from loopback. You cannot make rules for the loopback address; they are not filtered by the driver sitting on the NIC (Internet filtering). - Stem
If a new application attempts to use the Local loopback interface, it’ll be detected by Application filtering, and you can permit or deny the application. When you deny the application, it’ll also deny the application's attempts to use the local loopback interface. When permitting the application, you have no fine controls for just the Local loopback activity done by the application thereafter.
Hi to all. And what about allowing that application at the Application Filter layer to only connect to 127.0.0.1? Would that work? Thanks in advance.
Specify !0-65535 for TCP and UDP ports; this'll block TCP & UDP packets sent to the Internet but still allow local loopback activity.
Hi to all. I tried the !0-65535 trick but it doesn't seem to work. It doesn't work putting 127.0.0.1 and allowing all ports either. I made it work by setting only the port for Oracle 1521 and my IP in Application Filtering. I don't know that much about TCP/IP but I have a dynamic IP, so I know that tomorrow this rule won't work as I will have a new IP! I used to think that my IP was similar to 127.0.0.1 to local applications... Is there any way to reference my IP in Application Filtering considering what I have stated? Any help would be appreciated! PS: Sorry for my English.