LooknStop 2.04beta Rules Set

Discussion in 'other firewalls' started by Scotcov, Nov 10, 2002.

Thread Status:
Not open for further replies.
  1. Scotcov

    Scotcov Guest

    I am new to rule based firewalls.
    I want to make sure that in LooknStop 2.04 beta, the enhanced rules set is enough security for an average internet user such as myself.
    Also, is it enough to "authorize" the web browser, updaters, etc., or do I need to tinker with the rules?
    Thank you!
    Scotcov
     
  2. snowy

    snowy Guest

    Scotcov

    LooknStop may well be one of the very best firewalls around.......however.....last night I installed it briefly and enable the enhabced rules set.......an all my netbios ports remained open
    knowing full well that this is an error on my part I un-installed......an will wait until I can get more instructions from a lookNstop user.......there is a lookNstop forum but I chose not to go there.......registration was required last I looked..........
    nevertheless....imo lookNstop is a great firewall.

    snowy
     
  3. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Scotcov

    The enahanced rule set should provide the average user with good security. Should you encounter something being blocked that you require, then you would need to go in and tinker with the rule set.

    The latest beta does provide additional application control, perhaps Mickey will jump in and explain that further.
     
  4. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Hi Scotcov,

    In case you are referring to Andreas' enhanced ruleset: it is.

    A matter of personal choice. Overall, the safest way is never authorizing any executable once and for all. Many do, on the other hand.

    regards.

    paul
     
  5. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Scotcov

    The enhanced rule set does provide good out of the box security for most users. Should you want to venture further into the rule set and create your own custom rule set, the following are some additional resources for you.

    The Look ‘n’ Stop web site FAQ has some rule examples and pertinent information:
    http://www.looknstop.com/En/faq.htm

    There is Andreas Wagner’s site, which provides information on a number of different LnS rules:
    http://itsec.commontology.de/firewalls/lns/lns-rules.html

    Becky’s also hosts a Look ‘n’ Stop Forum where the developer, Frederic, frequents along with other knowledgeable users:
    http://www.morelerbe.com/cgi-bin/ubb-cgi/ultimatebb.cgi?ubb=forum&f=35&DaysPrune=20

    Recent posts here that might be of assistance in customizing rules:
    http://www.wilderssecurity.com/showthread.php?t=4413

    http://www.wilderssecurity.com/showthread.php?t=4419

    http://www.wilderssecurity.com/showthread.php?t=4423

    http://www.wilderssecurity.com/showthread.php?t=4426
     
  6. MickeyTheMan

    MickeyTheMan Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    1,016
    Except for the REAL PARANOID users like myself, the enhanced ruleset included in LNS will give you as good protection as any other firewall out there.
    There should be no need to make any other rules than the ones already included other than in rare cases such as WinMx for example that uses special rules.
    Even then, making a rule in such case is easy as all you have to do is go to your log, look at the entry being blocked and you can add the rule directly from that screen at that time.
     
  7. Scotcov

    Scotcov Guest

    Thank you all for the very clear answers. And thanks
    CrazyM for all those links. I'm going to follow up as soon as I log out.
    I'm sorry to hear about those open ports, snowman. I've taken all the tests at PC Flank about 3 times since getting LooknStop (I'm paranoid! :D ), and passed them all 100%. Hope it works out! It does seem to be a great firewall.

    Scotcov
     
Loading...
Thread Status:
Not open for further replies.