Failing Shields Up

Discussion in 'LnS English Forum' started by DanL, Jan 2, 2005.

Thread Status:
Not open for further replies.
  1. DanL

    DanL Registered Member

    Joined:
    Nov 25, 2004
    Posts:
    159
    With my router in place I have no trouble passing the shields up tests at Gibson Research.
    If I take the router out of the loop and go with just LookNStop both computers fail.

    I'm running ver.2.05p2. Licensed on my main desktop and a trial on my notebook. Both with enhanced rules.

    I tried the notebook earlier this evening and the results were:

    Respond to ping...........Fail
    Unsolicited packets.......Passed
    Solicited packets..........Fail

    On the test all ports test all ports responded as closed with the exception of 135, 136, 137, 138, 139 and 445 which
    were stealth.

    How do I correct this?

    Before I tried LookNStop I was using Norton NIS and could pass the test without the router in place.
    However I am on a mission to declare my residence a
    Norton free environment.

    I hear good reports on LookNStop and would like to get it correctly configured.

    Dan
     
  2. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi,

    Normally, all the ruleset are supposed to block the ping, so this is strange.

    Are you sure the network adapter is correctly selected in the options ?
    To check that, you verify if your IP address is correctly displayed in the Welcome Page and if the "Connected To Internet" box is checked. If not, then try another network interface (don't forget to press the Apply button after the change).

    Frederic
     
  3. DanL

    DanL Registered Member

    Joined:
    Nov 25, 2004
    Posts:
    159
    Hi Frederic,

    I double checked and the network adapter appears to be set correctly and the connected box is checked.
    Besides the ping test, should the ports show stealth or does LookNSoft just block without stealth?

    I'm thinking about doing an un-install/re-install to get a fresh start with this.

    Dan
     
  4. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi,

    Yes, all the ports should be stealth.

    Except if you have absolutely nothing in the Look 'n' Stop log you can try to uninstal + reboot + reinstall, otherwise it is probably working correctly and there is another issue somewhere.

    If you are not using it yet, you should try the enhanced ruleset.

    Frederic
     
  5. DanL

    DanL Registered Member

    Joined:
    Nov 25, 2004
    Posts:
    159
    After checking the network adapter setup I noticed something odd.
    On my main computer, when I go to the LookNStop options page there are 2 options for network adapter:

    Intel(R) Pro/100 VE Network Con, which is the correct adapter, the box is checked for that one.

    Also, WAN Miniport(IP)-Look 'N' St
    This one is not listed in my control panel.
    Even though I have the ckeck in the Intel box, the "Look 'N' St" stays with the other selection.

    I tried checking the "automatic" box but no change.

    Same issue on my Laptop, except there are 3 options because of the wireless, but the "Look 'N' St" is once again on the
    WAN Miniport(IP).

    Any thoughts?

    Dan

    P.S. Yes, I'm using advanced ruleset.
     
  6. DanL

    DanL Registered Member

    Joined:
    Nov 25, 2004
    Posts:
    159
    Well, I just did an uninstall/re-install and nothing has changed.
    If I disable the router firewall, LookNStop fails the Shields Up test.
    Re-enable the router, everything passes stealth.

    I'm at a loss here..........any ideas?

    Dan
     
  7. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Yes make sure EnhancedRulesSet.rls is used, if you made any modifications apply a refreshed EnhancedRulesSet.rls. Make sure you set the protected machine on DMZ, and make sure you aren’t doing Online scans behind a proxy server.

    As for the NIC, I have the very thing on this machine and it works correctly with Look ‘n’ Stop, and what you seeing there are Look ‘n’ Stop emulated interfaces. All normal there….
     
  8. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Today I installed a trial version on LnS on my old machine to see how it would be.
    The GRC shields up test showed port 113, and 1024 - 1055 as closed. None were open.
    I went to the site where there are FAQ, and although it addressed the problem, I don't have a clue as to what they are talking about.
    I don't know what a "Ethernet Address" means, and don't see any reference to it in my LnS.
    One instruction was to "The 113 or 5000 ports are open according to an online scan.
    Import the "TCP : Block incoming connections" from this file:
    http://looknstop.soft4ever.com/Rules/BlockIncomingTCPConnection.rie

    For an enhanced security, we recommand you to load the EnhancedRulesSet.rls ruleset from the Internet Filtering page.

    I am using the free trial version 2.05 and my OS is W 98. I could notg determine what to do when I went ot the above reverenced page.
    Maybe the free version does not have some of the things they are talking about. I have not found anything about "Enhanced Rules" but it has "Standard Rulesset, with not option.

    There is also a ding noise when something is happening. I don't know what it means or how to shut it off.

    Any help available?

    Jerry
     
  9. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Are you physically removing the router from the equation or just changing it's configuration/options? If you are not connecting the system with LnS directly to the Internet, any scans will be dealt with by the router, not LnS.

    Regards,

    CrazyM
     
  10. Lowryder

    Lowryder Guest

    Hi Jerry,


    If you want the EnhancedRulesSet.rls ruleset go to the internet filtering box and find the box that says Load click on it,then you should be in the Look"n"Stop Folder,if not browse for it in programs files,it called Soft4Ever,by by default it should be right there when you click on load,highlight it now load it.

    To shut the sound off go to options panel and find sound box,uncheck it.
     
  11. DanL

    DanL Registered Member

    Joined:
    Nov 25, 2004
    Posts:
    159
    CrazyM,

    Yes, I did disconnect the router and go direct. I actually did it both ways and you are correct,
    the router has to be physically disconnected.
    I eventually got my desktop to pass shields up but the laptop was a different story.
    LookNStop was causing other problems on my laptop so I just did a permanent un-install.
    I believe the problems were network related, and from some of the posts I've read LookNStop can be difficult
    to configure in a network.
    The laptop and wireless router were just purchased in the past month and everything was up to date.

    Dan
     
  12. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Lowryder,

    Many thanks, I was able to do it with your directions. I am still considering the OP Pro Christmas offer of free upgrades. I don't have much time so will have to make up my mind fast.

    I wish I had time to compare LnS and OP on my machine.

    Jerry
     
  13. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    I just ran the tests at Gibson's and all ports were stealth, and the leak test passed.
    Great, and thanks for the help.

    Jerry
     
  14. Lowryder

    Lowryder Guest

    Hello Jerry,


    Glad it worked for you LnS, is the best firewall I have came across and I have tried many over the past years,and OP Pro,is one I would stay away from,I think its all hype from PC F_ _ _K, secutity site.LnS has a much better interface,it a better firewall just over all,sure OP Pro users will tell you different.But give LnS a try,it worth every cent.



    Good luck on whatever you decide to buy.
     
Thread Status:
Not open for further replies.