LooknStop Fails Test

Discussion in 'LnS English Forum' started by darksky, Jan 26, 2003.

Thread Status:
Not open for further replies.
  1. darksky
    Offline

    darksky Registered Member

    Activated LooknStop and imported the Advanced RuleSet. Tested against PC-Flank - even on QuickTest, it failed to stealth Port 80.

    Ruleset attached, what can be done to stealth this port?? o_O

    Attached Files:

  2. darksky
    Offline

    darksky Registered Member

    See PCFlank Test Results below: :(

    Attached Files:

  3. Klaude
    Offline

    Klaude Registered Member

    Create a rule to block port 80. ;)

    Attached Files:

  4. Klaude
    Offline

    Klaude Registered Member

    In your "Internet Filtering List", looks like...

    Attached Files:

  5. Frederic
    Offline

    Frederic LnS Developer

  6. SKA
    Offline

    SKA Registered Member

    Where shud such a rule(Block 80) appear be in the list of advanced rules ?

    SKA
  7. Klaude
    Offline

    Klaude Registered Member

    There's no rule to block the port 80 in the advanced rules set I think. So you need to create one if needed, and you put it "at the top" of the list if you wish.
  8. MickeyTheMan
    Offline

    MickeyTheMan Security Expert

    Darksy, any reason why you deactivated rule 4 & 5 ?
  9. MickeyTheMan
    Offline

    MickeyTheMan Security Expert

    http://itsec.commontology.de/firewalls/lns/block%2080%20outbound.gif

    That rule is really to prevent EDexter, spyblocker and similar apps to send out info, which they shouldn't in the first place

    BTW, That site is a good place to learn about rules http://itsec.commontology.de/firewalls/lns/lns-rules.html
  10. darksky
    Offline

    darksky Registered Member

    Added rule for Port 80 - still, LooknStop is failing to stealth port on PCFlank's QuickTest. See below

    Attached Files:

  11. darksky
    Offline

    darksky Registered Member

    See below

    Attached Files:

  12. darksky
    Offline

    darksky Registered Member

    Still failing to stealth on QuickTest of PCFlank...see test below:

    Attached Files:

  13. Klaude
    Offline

    Klaude Registered Member

    Weird. :eek:
    Like Frederic said, select the ! to see if the packets are seen and not blocked, or not seen at all.
    Check your logs after...
    Did you try the test elsewhere ?
    Use the "Advanced port scanner" at PCFlank just to scan ONE port, 80 in your case. Same result ?

    Attached Files:

  14. darksky
    Offline

    darksky Registered Member

    Hi,

    I selected ! and re-ran the test...

    My stats are below:

    Thanks....

    Attached Files:

  15. Vampirefo
    Offline

    Vampirefo Guest

    Post your logs, I am guessing your ISP is blocking port 80, meaning your port 80 is not being scanned, your ISP's port 80 is being scanned instead of yours.


    Look in your logs, do you see a scan on port 80? I think not.
Thread Status:
Not open for further replies.