Configuring the fire wall to allow SocksChain

Discussion in 'LnS English Forum' started by sisi, Jun 19, 2004.

Thread Status:
Not open for further replies.
  1. sisi

    sisi Guest

    In principle SocksChain works as a local proxy server to the applications which access it. It opens a connection on the (local) IP address 127.0.0.1 and uses a user defined port (default is 1081). An attacker who accesses 127:0.0.1:1081 from the outside (internet, intranet,...) is now able to enter the system. Ufasoft is aware of the problem and recommends to block the inbound access by a personal firewall. The firewall must be configured to disallow server rights for SocksChain...........

    is this possible with L&S? Fred?

    sisi
     
  2. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,353
    Location:
    France
    Hi,

    I don't understand how it is possible to connect from the outside to 127.0.0.1. I thought it was normally not possible.

    But anyway, if you create a rule to block incoming packets with a dest address set to 127.0.0.1 yes, it should work.
    Or, you can also block specifically all incoming connections on port 1081. If you are using the BlockIncomingConnection rule, this should already block these packets, except if you placed a dedicated rule before that rule to allow some specfic connections.

    Frederic
     
  3. sisi

    sisi Guest

    Thanks for the quick response

    There was a thread a while back....by Matrix2002


    "Hey I remember there was some registry tweak to make looknstop to have spi
    only for incoming connections.
    Can someone please remind me how to do that?
    (I want to use it in order to socksify my browsing using sockschain)
    When I try to use it I get a lot of spi entries in the log and most of the times am not able to browser using sockschain.........."


    Matrix 2002 did you manage to sockify your browsing, i am still having trouble.....

    sisi
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.