AOL connection problems

Discussion in 'LnS English Forum' started by Defenestration, Jul 26, 2004.

Thread Status:
Not open for further replies.
  1. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    Hi,

    I wanted to ask the best way of dealing with a problem I'm having with my AOL dialler failing to connect the first two or three attempts. It then connects correctly after that. The reason (I think) for the connection failing is that some UDP packets are being blocked. Most are being sent to AOL. The following lists who owns each IP address range (ie. if it lies in between it belongs to them):

    224.0.0.0 - 239.255.255.255 -> Internet Assigned Numbers Authority
    172.128.0.0 - 172.191.255.255 -> AOL
    205.188.0.0 - 205.188.255.255 -> AOL
    195.0.0.0 - 195.255.255.255 -> RIPE

    I'm guessing it fails the first couple of times because LnS is blocking a UDP packet to AOL, but I don't understand why it would then connect the third/fourth time. Any ideas ?

    What is the best way to set up LnS so it will connect first time ? Please can you give detailed instructions on exactly what needs to be set.

    Attached is the log of the three attempts.

    Thanks for your help.

    PS. I'll be switching to Phant0m's rule set soon because I am paranoid, so I'll probably post again about that if I have any problems. I'll also try to document it to produce a tutorial for using them. However, my knowledge of firewall related stuff is limited so any corrections/suggestions would be welcome.
     

    Attached Files:

  2. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hello,

    for the first 2 attempts, your computer tries to send UDP packets to 1900 remote port.
    At the third attempt, it changes, and send to 7425 remorte port.

    The 1900 port is related to many things, so I don't know what is your case precisely (gateway discovering, MSN messenger, Messenger service, etc...).

    regards,

    gkweb.
     
  3. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    I'm fed up of AOL not connecting first go, so I thought I'd have a go at creating a rule and need a bit of help. I've noticed that the UDP packets that are being sent to AOL are always sent to an IP address which is same as my IP address apart from the last component which is always 1. eg. if my IP address is "AAA.BBB.CCC.DDD" (where DDD is never 1), then the UDP packet will be sent to "AAA.BBB.CCC.1".

    Is it possible to specify a destination IP address which matches the first three components of my IP address but whose last component is 1 ?

    I hope so, otherwise I have to set a very large range of addresses which is not very secure.

    Also, how do the "Mask" and "Not Mask" options work ?

    Thanks for the help!
     
  4. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hi,

    why not to allow the remote port on a IP addresses range, for a single protocol ?
    I doubt you can specify A.B.C.1 in a rule, and I don't think the MASK will help you, since for your Internet IP address the MASK will always be 255.255.255.255, so you can't define a network (usually a mask can be used like this 192.168.0.0/255.255.255.0 which defines all IP addresses between 192.168.0.1 to 192.168.0.254).

    regards,

    gkweb.
     
  5. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    Thanks for the reply. Because it doesn't always connect on the same port I'll have to set a range of ports and update it as and when I find a new port.

    Frederic - Maybe you could could add the capability to specify a source/destination IP address based certain components of the PC's IP address, as I require. Even better (and which would allow even greater configurability) would be the ability to base certain components of a source/destination IP address on the destination/source IP address. Any chance of this feature for the next version ?
     
  6. beats_me

    beats_me Registered Member

    Joined:
    Sep 13, 2004
    Posts:
    2
    I have just started trying out LooknStop, and I have experienced the same problem using AOL 9.0 (UK version).

    The "solution" I have found is that if I exit LooknStop by right clicking on the tray icon and selecting 'Quit' immediately after booting up, AOL will connect up immediately on the first attempt.

    I have selected the item "Keep Internet filtering active after the application is left" under "Advanced options" so I am sill protected after closing LooknStop down - righto_O
     
  7. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    As long as you're running Windows 2000 or XP then Internet Filtering should still be active (As I understand it). Not sure if Application Filtering will still be active though.

    Frederic, Any chance of some clarification on exactly what this option does ?
     
Thread Status:
Not open for further replies.