Newbie Look 'n Stop question

Discussion in 'other firewalls' started by TonyKlein, Jun 27, 2002.

Thread Status:
Not open for further replies.
  1. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,347
    Location:
    The Netherlands
    I've just replaced Norton Internet Security by Look 'n Stop and AdShield, and I must say I'm impressed by both.

    They replace NIS quite nicely.

    I'm just a newbie as regards configuring firewall rules, so here's a question.

    When I run Neotrace, two things happen:

    I found I need to allow my computer "to receive
    and to send packets of type 11 on ICMP
    protocol."

    And the default "Block all other UDP packets" rule (destination Nebios-ns) is invoked as well.

    Is it safe to allow the first one without modifying the rule any further?

    Or does anyone have any other recommendations.

    BTW I have seen this article, and it certainly is quite useful.
    Now if only I knew what to do with it... :rolleyes: (and I'm only half kidding...)
     
  2. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
  3. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    When it comes to ICMP, I have always allowed types 0,3,and 11 in and type 8 out. This should allow you to Ping and traceroute, but leave you unpingable. I believe I got this from Andrea's ruleset a long time ago.
    I might get some flack on this as there seems to be differences of opinion about ICMP being safe at all. I haven't had any problem with the settings I mentioned, and I have been set up like that for a long time. I go all over the web just asking for trouble some times, so I think that's safe.
    Paul is right of course about Frederic. He is always very helpful and has the patience of a Saint.
     
  4. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,347
    Location:
    The Netherlands
    Thanks guys, I will take a look there.

    And about Fréderic "having the patience of a saint", I'm sure he'll need it with me...LOL ;)
     
  5. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,347
    Location:
    The Netherlands
    As a follow up, I did post at Becky's LnS board, and have already received satisfying answers from Frederic to all my questions.

    I've just purchased LnS. I like it!

    Thanks again,
     
  6. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Tony,

    Good! Frederic indeed takes care of LnS users.

    Agreed; it's an awesome software firewall ;)

    regards,

    paul
     
  7. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,347
    Location:
    The Netherlands
    I can only say that when I first discovered your site, I was just running Norton Internet Security including NAV, and by now I'm running Nod32, LnS, and BOClean, so what about that!?

    There must be some subliminal advertising going on here that goes directly to your inner cortex.... :D
     
  8. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    I'm going to copy and paste your last post, and mail it to the software vendors - merely to cash in :D :D :D

    regards,

    paul
     
  9. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,347
    Location:
    The Netherlands
    :D

    By the way, I just registered LnS, and was pleasantly surprised to find a new 'Track Source' button on the Log tab, with Tracert and Whois functionality.

    Great: I don't even need to use Neotrace any more.

    I'm liking this firewall better all the time.

    I even configured a rule to allow time servers to connect through UDP port 123.

    Hey this is easy! ;)
     
Loading...
Thread Status:
Not open for further replies.