Which of these operations MUST connect To internet?

Discussion in 'other firewalls' started by Jonas, Mar 4, 2003.

Thread Status:
Not open for further replies.
  1. Jonas

    Jonas Registered Member

    Joined:
    Oct 30, 2002
    Posts:
    46
    Hello, i have been a sygate user for some time but lately it has been hanging up my system and i can't figure out why. So I uninstalled and reinstalled the newest version 1175. What i can't seem to remember is which programs/operations MUSt connect to the internet versus which ones just want to. I am running windows XP Pro. Any suggestions about which of the following services must connect to the internet?

    NT Kernel & system
    LSA Shell (Export Version)
    Generic Host process for WIN 32 services
    NWLINK2 IPX protocall Driver
    NDIS user mode I/O


    Thanks in advance,
    Jonas
     
  2. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    For XP with Outpost, the only one you must allow out is what Outpost calls SVCHOST.exe. That must be allowed out to remote port 53(DNS) to your ISPs DNS servers. It also must allow DHCP out.
    I would guess in your case, it would be the Generic Host Process.
    Just thought I'd throw that out. You really need to wait for someone familiar with Sygate to answer your question properly.
     
  3. Jonas

    Jonas Registered Member

    Joined:
    Oct 30, 2002
    Posts:
    46
    I'll keep checking..however after reading i am considering changing products to outpost! Any Major issues with the product i should know about. I have read the other threads in this forum with some of its known issues. Thats aside, you consider outpost a very solid product?

    Thanks in advance.
    Jonas
     
  4. JacK

    JacK Registered Member

    Joined:
    Jun 20, 2002
    Posts:
    737
    Location:
    Belgium -Li?ge
    Hello Root,

    Running OP Pro on WinXP Pro SP1 (no need using DHCP at all when a single post, just give an IP, DNS servers, subnet mask to your local NIC and you may unactivate LMHOSTS seeking and NetBIOS with TCP/IP protocol on all your NICs)

    SVCHOST.EXE, HELPHOST.EXE, HELPCTR.EXE, EXPLORER .EXE, RUNDLL32.EXE SYSTEM are among the blocked applications : no need to connect to W3 as they run localy.

    Best regards,
     
  5. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Jonas, Outpost had its problems with XP. Most notably no ICS support on lans and no fast user switching.
    Some people have had various problems with XP and Outpost, but no more than other firewall, I think.
    If you are on a stand alone computer, try the free version and see if it works for you. Version 2 is coming along, and it now works better on XP than any other OS.
     
  6. L1mer1ck

    L1mer1ck Registered Member

    Joined:
    Mar 8, 2003
    Posts:
    5
    Jonas,

    You should configure Sygate Pro to "ALLOW" the following...
    Kernal
    LSA Shell
    Generic Host Process
    Application Layer Gateway Service (for XP if listed in apps)
    NDIS User mode I/O Driver

    Also if listed in apps. you may need to "ALLOW" the following...
    LSASS.exe
    ALG.exe

    I hope this helps :doubt:

    Sincerely,
    Skreetoe
     
  7. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Jack, you completely lost me here.
    Could you please explain how to do these things with some detail. o_O
    I may be old, but I sure ain't smart. :D
     
  8. JacK

    JacK Registered Member

    Joined:
    Jun 20, 2002
    Posts:
    737
    Location:
    Belgium -Li?ge
    Hi Root ;)

    I am surely older (52) and not smarter ;)

    Disable all useless services In WinXP

    Running WinXP Pro ADSL Modem Ethernet with RASPPPoE.

    Local Connection : Properties Untick client for M$ Networks and Printers and folders sharing for M$ Networks.
    Internet TCP/IP Protocols\ Properties General : enter a no portable IP (10.0.0.xx for instance) subnet mask 255.255.255.0 and your ISP DNS.
    Advanced\WINS Unactivate NetBIOS with TCP/IP and untick Active LMHOSTS seaking.

    Connection with NIC : Propertiess\Network Management Untick client for M$ Networks and Printers and folders sharing for M$ Networks.
    Internet TCP/IP Protocols\ Properties General : Obtain an IP automatically - General: Tick use default gateway and your ISP DNS.
    Advanced\WINS Unactivate NetBIOS with TCP/IP (Active LMHOSTS seaking is already unticked once your unticked on another NIC).
    Reboot.
    With OP Pro add in blocked Applications (sligthly different with other FW, make DENY rules)
    EXPLORER.EXE, SYSTEM, SVCHOST.EXE,RUNDLL32.EXE.

    Above the result after applying (ipconfig/all)

    Configuration IP de Windows

    Nom de l'hôte . . . . . . . . . . : abcdefgh
    Suffixe DNS principal . . . . . . :
    Type de noud . . . . . . . . . . : Inconnu
    Routage IP activé . . . . . . . . : Non
    Proxy WINS activé . . . . . . . . : Non

    Carte Ethernet Connexion au réseau local:

    Suffixe DNS propre à la connexion :
    Description . . . . . . . . . . . : Realtek RTL8139/810x Family
    ernet NIC
    Adresse physique . . . . . . . . .: ab-cd-ef-gh-ij-kl
    DHCP activé. . . . . . . . . . . : Non
    Adresse IP. . . . . . . . . . . . : 10.0.0.11
    Masque de sous-réseau . . . . . . : 255.255.255.0
    Passerelle par défaut . . . . . . :
    Serveurs DNS . . . . . . . . . . : 195.74.212.12
    195.74.193.12
    NetBIOS sur TCPIP. . . . . . . . : Désactivé

    Carte PPP Connection through Carte réseau Fast Ethernet PCI Realtek RTL
    ly :

    Suffixe DNS propre à la connexion :
    Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
    Adresse physique . . . . . . . . .: 12-34-56-00-00-00
    DHCP activé. . . . . . . . . . . : Non
    Adresse IP. . . . . . . . . . . . : xxx.yyy.zzz.aaa
    Masque de sous-réseau . . . . . . : 255.255.255.255
    Passerelle par défaut . . . . . . : xxx.yyy.zzz.aaa
    Serveurs DNS . . . . . . . . . . : 195.74.212.12
    195.74.193.12
    NetBIOS sur TCPIP. . . . . . . . : Désactivé


    Hoping it helps,
     
  9. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Ok, thanks Jack. I see what you are saying.
    I'll probably stick with the simple instructions to the Outpost users though. Trying to get some people to setup like that, would likely be disasterous.
    BTW, I'm 58. Your just a youngster. :D
     
Loading...
Thread Status:
Not open for further replies.