Look'N'Stop Beta 2.05

I'm using this beta and I don't know if it's a problem with the beta because I haven't tried the release version but I ran a security check in grc.com >

I like Look'N'Stop but it has a lot of open ports

113
IDENT
Closed Your computer has responded that this port exists but is currently closed to connections

1024
DCOM
Closed Your computer has responded that this port exists but is currently closed to connections.

1025
Host
OPEN! One or more unspecified Distributed COM (DCOM) services are opened by Windows. The exact port(s) opened can change, since queries to port 135 are used to determine which services are operating where. As is the rule for all exposed Internet services, you should arrange to close this port to external access so that potential current and future security or privacy exploits can not succeed against your system.

1026
Host
Closed Your computer has responded that this port exists but is currently closed to connections.

1027
Host
Closed Your computer has responded that this port exists but is currently closed to connections.

1028
Host
Closed Your computer has responded that this port exists but is currently closed to connections.

1029
Host
Closed Your computer has responded that this port exists but is currently closed to connections.

1030
Host
Closed Your computer has responded that this port exists but is currently closed to connections.

1720
H.323
Closed Your computer has responded that this port exists but is currently closed to connections.

5000
UPnP
Closed Your computer has responded that this port exists but is currently closed to connections.


Then all the rest were stealthed

 

Hey RobNyc

Have you switched from StandardRulesSet.rls to EnhancedRulesSet.rls rule-set yet?

In Look ‘n’ Stop Internet Filtering screen go-to “Load…” button..

 

Just did it .. There we go perfect =]
Another Question, is being pingable good or not?

 

As in ICMP Ping?

 

Ya

 

Allowing ICMP Pinging of your Machine can be a bonus for the Attacker wanting to wipe you off the Internet easily.

 

Ouch! . But I noticed when I ran the dslr tweak test I am pingable because it pinged it and I saw my ping rates

 

Being 'pingable' is not as evil as he makes it sound, but there are some malicious things people can do with it.

Its fine to use your normal icmp rules that don't make you 'pingable', but you can also easily make two rules to allow a single site to ping you. Make sure they go above the icmp blocking rule(s).
Inbound icmp type 8, code 0 from xx.xx.xx.xx
Outbound icmp type 0, code 0 to xx.xx.xx.xx

 

BlitzenZeus

A Computer that is “Pingable” can be wiped off the Internet much easier then a Machine that is not, are you trying to say otherwise?

Hey RobNyc

BlitzenZeus is right that the Look ‘n’ Stop EnhancedRulesSet.rls rule-set contains normal ICMP rules that don’t make you “pingable”.

 

Ok, just who are you going to piss off that would want to force you offline by filling your inbound bandwidth anyway, effectively doing a Denial of service attack, or send some of the malicious variants of the icmp 0 packet? Realisticly most people will not have this used against them, but most firewall configurations do block type 8 inbound along with most of the other icmp types and codes.

To this day servers have ran on the internet without any ill effect from responding to pings, even with everything malicious you can do with them.

 

To simplify what BlitzenZeus had said, he agrees… Thank you BlitzenZeus!

 

Okay got'cha then I guess I'm good I haven't edit nothing I only changed from the rule set they told me to change since i wasn't stealth and stuff

 

Heheh thanks

 

Anyone who’s anyone knows you don’t need to give a reason for a lamer to start attacking.

 

LOL, should I put on my tin foil hat now? Are they coming to attack me?

The only thing I could consider an 'attack' was some lamer who was getting their butt handed to them in an online game, and wanted to flood my bandwidth. Well they coudln't do that on their DSL connection with 128kbps upload when I had cable!

 

When you're pingable aren't you going faster?