Everything I've ever read about loopback, and regarding the merits of using or not using it, seems very vague. I'm specifically referring to Firefox here, but I'm sure other browsers use it as well. What exactly is it? What is its purpose? Should I be allowing it? My general rule of thumb is that if something doesn't appear necessary on my box for proper functionality... I don't allow it. But I realize that sometimes you can be harming yourself while being oblivious to it. Everything may SEEM to be fine on the surface, but it isn't. And Firefox "seems" to work just fine without allowing a rule for loopback. But... is it really? Thanks for any insight.
I allow it with the default rule in Jetico fw, otherwise it can be restricted on a per application basis. The rule I have: Trusted addresses is simply: 127.0.0.1 Personally I keep this global allow rule enabled. If you want to bolster security, you could disable loopback rules and create rules as necessary. More about it in an excellent guide by Paranoid2000 (I'm not trying to trumpet Outpost).
Loopback is just when a program creates a connection to something on the same computer. Often this can be a web filtering proxy (e.g., some AV web filters, ad blockers like Ad Muncher, etc.), so you get prompted when something connects to the proxy. If you don't enable prompts for loopback connections then you'll just get one when the proxy first connects, and after that everything else will be able to connect out through the proxy without you getting any prompts.
Thanks, and confirmed... Firefox anyway uses loopback to facilitate its implementation of SSL using PSM. Definitely activity I want to allow for my browsers anyway. For other things... well it's really a per case basis. I'm inclined to think Pidgin Messenger could utilize it for a similar purpose, especially if you're using OTR or Pidgin-Encryption.
In addition to what others already posted: a) this is more a topic for the firewall forum. b) dear old friend CrazyM posted long ago in general about loopback rules in https://www.wilderssecurity.com/showthread.php?t=4413
Yeah, good call having it here along with the thread it was really created for. And btw, my loopback rule for Pidgin is a tad different, based on the way it handles it... just in case anyone cares: Allow UDP Out, Source Add.- Network Zone (Loopback), Dest. Add.- Network Zone (Loopback), Source Port- A Port Range- 1030-4999, Dest. Port- A Port Range- 1030-4999
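Added example, not part of any post in this thread: a small Python model of the two rule styles discussed above, the global 127.0.0.1 allow rule and the per-application Pidgin rule, run over constructed connections to show which ones each style lets through without a prompt. The application names, the proxy port 8080 and the reading of the "Loopback" zone as 127.0.0.0/8 plus ::1 are assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Conn:
    app: str
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

def is_loopback(addr):
    # Assumption: the firewall's "Loopback" zone means 127.0.0.0/8 and ::1.
    return ipaddress.ip_address(addr).is_loopback

def global_allow(c):
    # Global rule from the thread: 127.0.0.1 is trusted for every application.
    return c.src == "127.0.0.1" and c.dst == "127.0.0.1"

def pidgin_rule(c):
    # Per-application rule from the thread: UDP out, loopback to loopback,
    # source and destination ports both within 1030-4999.
    return (c.app == "pidgin" and c.proto == "udp"
            and is_loopback(c.src) and is_loopback(c.dst)
            and 1030 <= c.sport <= 4999 and 1030 <= c.dport <= 4999)

# Constructed sample connections (names, ports and addresses are illustrative).
SAMPLE = [
    Conn("pidgin", "udp", "127.0.0.1", 1042, "127.0.0.1", 1043),
    Conn("pidgin", "tcp", "127.0.0.1", 1044, "127.0.0.1", 8080),
    Conn("firefox", "tcp", "127.0.0.1", 2001, "127.0.0.1", 2002),
    Conn("unknown.exe", "tcp", "127.0.0.1", 3050, "127.0.0.1", 8080),  # local proxy
    Conn("firefox", "tcp", "192.168.1.10", 2003, "203.0.113.5", 443),
]

def evaluate(conns, rules):
    """Split connections into (allowed silently, would raise a prompt)."""
    allowed, prompt = [], []
    for c in conns:
        (allowed if any(rule(c) for rule in rules) else prompt).append(c)
    return allowed, prompt

if __name__ == "__main__":
    for label, rules in (("global allow", [global_allow]),
                         ("per-application", [pidgin_rule])):
        allowed, prompt = evaluate(SAMPLE, rules)
        print(label, "-> silent:", [c.app for c in allowed],
              "| prompt:", [c.app for c in prompt])
```

With the global rule, the unknown program reaches the local proxy port silently; with only the per-application rule, that connection falls through to a prompt.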