How secure is LNS?

Hey,

I have been looking into getting a copy of LNS, and installing Phant0m's v8 Ruleset. But I was wondering, from current LNS users, what you think of the security level of LNS?

I like how it is very light an un-obtrusive, but I've never used a rule based FW before. So I don't really know about the security level of it. I was reading some FW comparisons at Matousec, but in looking at the high ranking FW's (most of them anyways) they have so many features beyond just a FW, such as a HIPS, that I don't really find it that fair of a comparitive. I don't need a HIPS built in, I will be getting DefenseWall for that... Coincidentally, DefenseWall is a rule based HIPs, if I have understood it correctly. I just need to find/learn how to configure DW secure though.

So... What has been able to sneak past your copy of LNS?

Thanks!

 

Umm.... Anyone?

 

Hello

Looknstop is very robust Firewall and runs ultra light ,

its as secure as you want to make it ??

just use the EnhancedRulesSet and you should be more than fine

phantom ruleset is from what i heard very very good so you should be very good with that

i dont go for all the stuff on leaktests, looknstop has never let me down

 

Could've been my words.
To my mind leaktests are just marketing jibberish. Nothing ever passed one of the greatest "walls".

 

I understand it is as secure as you wan't to make it... But thats the problem. I don't have the slightest clue on how to configure firewall rules. So I was hoping for, though not requested clearly, some opinions on the available rules sets like the Enhanced and Phant0m's custom rule set. Because I wouldn't be able to configure my own.

Yes, thats what I was saying (though not very clearly in my first post) that leak tests seem overrated. Especially since the high ranking ones have so many features beyond what I would classify as a firewall.

 

Hello Buddy

eg: Lets say you use the Enhanced ruleset I can 100% say you will be more than fine, with its protecion its top notch

And if there is something that you dont understand our your want to tweak your ruleset or add to the Enhanced ruleset then post here what you dont understand and im 10000% you will get 1st class help and advice, stick with the Enhanced ruleset for awhile and im sure it will be more than ok for your needs

You picked a very good rulebased firewall

Is looknstop leaky - No i dont think so leaktest prove nothing in my mind and they are pants,

Looknstop does what it says on the tin " so to speak " lol its secure as any other firewall

 

I absolutely agree with Swami and Sly Dog! I have been using Look 'n' Stop for a very long time, first with the enhanced ruleset and then with Phant0m's ruleset, and nothing has ever gotten past these. I, also, know nothing about configuring rules, and I really don't care to! I would certainly trust the effectiveness of either the enhanced ruleset or Phant0m's--whichever you feel you want to use with this super-light and excellent firewall.

 

Have we got many Vista users running Look 'n' Stop - is it running very stable. While I'm an "advanced" user and quite happy creating rules as they popup in Kaspersky Internet Security, how much harder is it with LnS?

I see the post above saying he "knows nothing about creating rules" - I know that when I put Kaspersky into Training mode for iTunes for example that I have to configure rules for not just iTunes.exe, but for the Bonjour service and 1 or 2 more.

I also use QTracker (similar to All-Seeing-Eye) for watching Call of Duty 4 game servers, this uses hundereds of ports. Call of Duty 4 requires various connections, as does PunkBuster - I normally have PunkBuster and Call of Duty 4 in the "Trusted Zone" in Kaspersky so that their traffic is not logged or scanned to ensure maximum response times when gaming etc...

I'm becoming quite tempted to move away from Kaspersky after all these years, it was the only good choice of Firewall/Antivirus when Vista first came out and I've used it for 5+years under XP etc...

LnS and NOD32 appear to be a good choice for a much faster/lighter system.... appreciate any feedback.

Fedorov.

 

Fedorov999 Looknstop is very simple to run and manage, i have vista ultimate edition no problems running it here

support for looknstop is 1st class, It runs light as a feather
All i can say is give "looknstop a whirl round the block " Im very sure u will like it And it fits your Criteria

PS:Regards to antivirus i would couple it with antivir but thats my 2cents worth....

Let me know if you try it

 

Hello
I am an intermediate pc user [about 10 years_no programming or esoteric knowledge__just always learning and appying]. I am VERY impressed with LnS after a few months of ''well, when is it going to start bugging me?''
Strangely enough, it never did bug me. I really like that.

I am inexperienced with rule sets and am looking for input as to where I can score something simple and painless.

I could not DL the NOD32 trial last week__endless loop of responding to the emai and not getting the DL. I like NOD, but this is not the month to be buying anything; so I will be patient with them and tolerant of myself.

As an aside, AVG 7.5 trial locked up a dll this morning and drained over 350 MB in a heartbeat. Nice! Now it is gone permanently and I wil return to NOD asap.
I have always used www.grc.com for security details and firewall testing as I trust Steve Gibson. I have never had a bit of hype or BS from those people and I reccomend Steve to anyone who can navigate the site. As a result I have no open sockets and a better level of XP security.

I fee exactly the same about www.wilderssecurity.com. It is an excellent tool in acheiving far better security than Willy Gates ever intended us to have.

Please respond someone as to a rule set improvement for LnS.

Thanks all. Wilders has made the biggest improvement to my peace of mind and ease of life since Bill Wilson.
falsoffmotorcycle
Dell Latitude C610, 768 MB, 60G Hitachi TravelStar, lotsa Blood tears and sweat, XP pro SP2 full tilt

 

Hi fallsoffmotorcycle,

Thanks for your post.

As for ruleset improvements for Look 'n' Stop, there are 2:
- the Phant0m ruleset
- the Climenole ruleset

I've no direct link, but browsing the forum you could find them.
Note that these rulesets need to be configured, some minimal knowledge is required to edit some rules.

Besides complete rulesets, to improve Look 'n' Stop you can also:
- enable the TCP SPI in the advanced options
- enable the DLL & Protocol detections in the advanced options
- try the 2.06p2 and import the new SPF rules, the post is here

Regards,

Frederic

 

Frederic,
When I look under "advanced options," I don't see where or how to "enable the TCP SPI." Can you help me find how to enable this?
Thanks!

 

I think I found it! Perhaps it says, "Enable Stateful Packet Filtering?" If so, I enabled it.
Thanks!

 

Hi cdr,

This option is now labeled "Enable the Stateful Packet Filtering".
This is to be more generic, as it includes now the TCP SPI and the new SPF rules (if any).

Regards,

Frederic

 

you know what i miss about look and stop (i agree with you look and stop is really a great software) is that i can allow or deny!
in outpost i can see what a program try to do , so i can make easy rules
in look and stop there is not such feature

 

What you can do is selecting the !! attribute in application filtering for the application you would like to monitor (just click two times on the ! column for the application).
Then in the log you will see the ports and IP address the application is using.

Frederic

 

thanks Frederic
but after i have to use the log to make a specific rule
it's more easy with a pop window , that let me to allow ,dany or make a rule about the imminent action of the program , is for this reason that outpost and comodo are popular because are more easy

but again look and stop is really impressive !

 

Yes, I understand.

For most of standard applications you don't need to create rules, you just have to allow/block the application through a simple popup, and this is also considered easier by people who are not familiar with ports.
Problems come when some applications (like P2P) are using ports which are not compatible with default rulesets, this requires specific rules, and I agree it is not simple to configure, especially when importing rules available from our web site are not sufficient.

Frederic