LooknStop Fails Test

Discussion in 'LnS English Forum' started by darksky, Jan 26, 2003.

Thread Status:
Not open for further replies.
  1. darksky

    darksky Registered Member

    Joined:
    Jan 13, 2003
    Posts:
    33
    Activated LooknStop and imported the Advanced RuleSet. Tested against PC-Flank - even on QuickTest, it failed to stealth Port 80.

    Ruleset attached, what can be done to stealth this port?? o_O
     

    Attached Files:

  2. darksky

    darksky Registered Member

    Joined:
    Jan 13, 2003
    Posts:
    33
    See PCFlank Test Results below: :(
     

    Attached Files:

  3. Klaude

    Klaude Registered Member

    Joined:
    Jan 16, 2003
    Posts:
    17
    Create a rule to block port 80. ;)
     

    Attached Files:

  4. Klaude

    Klaude Registered Member

    Joined:
    Jan 16, 2003
    Posts:
    17
    In your "Internet Filtering List", looks like...
     

    Attached Files:

  5. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
  6. SKA

    SKA Registered Member

    Joined:
    Aug 2, 2002
    Posts:
    151
    Where shud such a rule(Block 80) appear be in the list of advanced rules ?

    SKA
     
  7. Klaude

    Klaude Registered Member

    Joined:
    Jan 16, 2003
    Posts:
    17
    There's no rule to block the port 80 in the advanced rules set I think. So you need to create one if needed, and you put it "at the top" of the list if you wish.
     
  8. MickeyTheMan

    MickeyTheMan Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    1,016
    Darksy, any reason why you deactivated rule 4 & 5 ?
     
  9. MickeyTheMan

    MickeyTheMan Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    1,016
    http://itsec.commontology.de/firewalls/lns/block%2080%20outbound.gif

    That rule is really to prevent EDexter, spyblocker and similar apps to send out info, which they shouldn't in the first place

    BTW, That site is a good place to learn about rules http://itsec.commontology.de/firewalls/lns/lns-rules.html
     
  10. darksky

    darksky Registered Member

    Joined:
    Jan 13, 2003
    Posts:
    33
    Added rule for Port 80 - still, LooknStop is failing to stealth port on PCFlank's QuickTest. See below
     

    Attached Files:

  11. darksky

    darksky Registered Member

    Joined:
    Jan 13, 2003
    Posts:
    33
    See below
     

    Attached Files:

  12. darksky

    darksky Registered Member

    Joined:
    Jan 13, 2003
    Posts:
    33
    Still failing to stealth on QuickTest of PCFlank...see test below:
     

    Attached Files:

  13. Klaude

    Klaude Registered Member

    Joined:
    Jan 16, 2003
    Posts:
    17
    Weird. :eek:
    Like Frederic said, select the ! to see if the packets are seen and not blocked, or not seen at all.
    Check your logs after...
    Did you try the test elsewhere ?
    Use the "Advanced port scanner" at PCFlank just to scan ONE port, 80 in your case. Same result ?
     

    Attached Files:

  14. darksky

    darksky Registered Member

    Joined:
    Jan 13, 2003
    Posts:
    33
    Hi,

    I selected ! and re-ran the test...

    My stats are below:

    Thanks....
     

    Attached Files:

  15. Vampirefo

    Vampirefo Guest

    Post your logs, I am guessing your ISP is blocking port 80, meaning your port 80 is not being scanned, your ISP's port 80 is being scanned instead of yours.


    Look in your logs, do you see a scan on port 80? I think not.
     
Thread Status:
Not open for further replies.