How secure is LNS?

Discussion in 'LnS English Forum' started by primesuspect, Jan 9, 2008.

Thread Status:
Not open for further replies.
  1. primesuspect

    primesuspect Registered Member

    Joined:
    Dec 31, 2007
    Posts:
    8
    Hey,

    I have been looking into getting a copy of LNS, and installing Phant0m's v8 Ruleset. But I was wondering, from current LNS users, what you think of the security level of LNS?

    I like how it is very light an un-obtrusive, but I've never used a rule based FW before. So I don't really know about the security level of it. I was reading some FW comparisons at Matousec, but in looking at the high ranking FW's (most of them anyways) they have so many features beyond just a FW, such as a HIPS, that I don't really find it that fair of a comparitive. I don't need a HIPS built in, I will be getting DefenseWall for that... Coincidentally, DefenseWall is a rule based HIPs, if I have understood it correctly. I just need to find/learn how to configure DW secure though.

    So... What has been able to sneak past your copy of LNS?

    Thanks!
     
  2. primesuspect

    primesuspect Registered Member

    Joined:
    Dec 31, 2007
    Posts:
    8
    Umm.... Anyone?
     
  3. the_sly_dog

    the_sly_dog Registered Member

    Joined:
    Feb 28, 2006
    Posts:
    297
    Location:
    The Heart Of London
    Hello

    Looknstop is very robust Firewall and runs ultra light ,

    its as secure as you want to make it ??

    just use the EnhancedRulesSet and you should be more than fine :thumb: :thumb: :thumb:

    phantom ruleset is from what i heard very very good so you should be very good with that

    i dont go for all the stuff on leaktests, looknstop has never let me down
     
  4. swami

    swami Registered Member

    Joined:
    Mar 24, 2006
    Posts:
    167
    Could've been my words.
    To my mind leaktests are just marketing jibberish. Nothing ever passed one of the greatest "walls".
     
  5. primesuspect

    primesuspect Registered Member

    Joined:
    Dec 31, 2007
    Posts:
    8
    I understand it is as secure as you wan't to make it... But thats the problem. I don't have the slightest clue on how to configure firewall rules. So I was hoping for, though not requested clearly, some opinions on the available rules sets like the Enhanced and Phant0m's custom rule set. Because I wouldn't be able to configure my own.

    Yes, thats what I was saying (though not very clearly in my first post) that leak tests seem overrated. Especially since the high ranking ones have so many features beyond what I would classify as a firewall.
     
  6. the_sly_dog

    the_sly_dog Registered Member

    Joined:
    Feb 28, 2006
    Posts:
    297
    Location:
    The Heart Of London
    Hello Buddy

    eg: Lets say you use the Enhanced ruleset I can 100% say you will be more than fine, with its protecion its top notch :thumb: :thumb:

    And if there is something that you dont understand our your want to tweak your ruleset or add to the Enhanced ruleset then post here what you dont understand and im 10000% you will get 1st class help and advice, stick with the Enhanced ruleset for awhile and im sure it will be more than ok for your needs :thumb: :thumb: :thumb: :thumb: :thumb: :thumb:

    You picked a very good rulebased firewall :D :D :D

    Is looknstop leaky - No i dont think so leaktest prove nothing in my mind and they are pants,

    Looknstop does what it says on the tin " so to speak " lol its secure as any other firewall
     
  7. cdr

    cdr Registered Member

    Joined:
    Jan 26, 2006
    Posts:
    143
    Location:
    Chapel Hill, NC USA
    :) I absolutely agree with Swami and Sly Dog! I have been using Look 'n' Stop for a very long time, first with the enhanced ruleset and then with Phant0m's ruleset, and nothing has ever gotten past these. I, also, know nothing about configuring rules, and I really don't care to! ;) I would certainly trust the effectiveness of either the enhanced ruleset or Phant0m's--whichever you feel you want to use with this super-light and excellent firewall. :D
     
  8. Fedorov999

    Fedorov999 Registered Member

    Joined:
    Sep 13, 2002
    Posts:
    182
    Have we got many Vista users running Look 'n' Stop - is it running very stable. While I'm an "advanced" user and quite happy creating rules as they popup in Kaspersky Internet Security, how much harder is it with LnS?

    I see the post above saying he "knows nothing about creating rules" - I know that when I put Kaspersky into Training mode for iTunes for example that I have to configure rules for not just iTunes.exe, but for the Bonjour service and 1 or 2 more.

    I also use QTracker (similar to All-Seeing-Eye) for watching Call of Duty 4 game servers, this uses hundereds of ports. Call of Duty 4 requires various connections, as does PunkBuster - I normally have PunkBuster and Call of Duty 4 in the "Trusted Zone" in Kaspersky so that their traffic is not logged or scanned to ensure maximum response times when gaming etc...

    I'm becoming quite tempted to move away from Kaspersky after all these years, it was the only good choice of Firewall/Antivirus when Vista first came out and I've used it for 5+years under XP etc...

    LnS and NOD32 appear to be a good choice for a much faster/lighter system.... appreciate any feedback.

    Fedorov.
     
  9. the_sly_dog

    the_sly_dog Registered Member

    Joined:
    Feb 28, 2006
    Posts:
    297
    Location:
    The Heart Of London
    Fedorov999 Looknstop is very simple to run and manage, i have vista ultimate edition no problems running it here :D :D :D

    support for looknstop is 1st class, It runs light as a feather
    All i can say is give "looknstop a whirl round the block " Im very sure u will like it And it fits your Criteria

    PS:Regards to antivirus i would couple it with antivir but thats my 2cents worth....

    Let me know if you try it :thumb: :thumb: :thumb: :thumb:
     
  10. fallsoffmotorcycle

    fallsoffmotorcycle Registered Member

    Joined:
    Jan 7, 2007
    Posts:
    23
    Hello
    I am an intermediate pc user [about 10 years_no programming or esoteric knowledge__just always learning and appying]. I am VERY impressed with LnS after a few months of ''well, when is it going to start bugging meo_O?''
    Strangely enough, it never did bug me. I really like that.

    I am inexperienced with rule sets and am looking for input as to where I can score something simple and painless.

    I could not DL the NOD32 trial last week__endless loop of responding to the emai and not getting the DL. I like NOD, but this is not the month to be buying anything; so I will be patient with them and tolerant of myself.

    As an aside, AVG 7.5 trial locked up a dll this morning and drained over 350 MB in a heartbeat. Nice! Now it is gone permanently and I wil return to NOD asap.
    I have always used www.grc.com for security details and firewall testing as I trust Steve Gibson. I have never had a bit of hype or BS from those people and I reccomend Steve to anyone who can navigate the site. As a result I have no open sockets and a better level of XP security.

    I fee exactly the same about www.wilderssecurity.com. It is an excellent tool in acheiving far better security than Willy Gates ever intended us to have.

    Please respond someone as to a rule set improvement for LnS.

    Thanks all. Wilders has made the biggest improvement to my peace of mind and ease of life since Bill Wilson.
    falsoffmotorcycle
    Dell Latitude C610, 768 MB, 60G Hitachi TravelStar, lotsa Blood tears and sweat, XP pro SP2 full tilt
     
  11. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi fallsoffmotorcycle,

    Thanks for your post.

    As for ruleset improvements for Look 'n' Stop, there are 2:
    - the Phant0m ruleset
    - the Climenole ruleset

    I've no direct link, but browsing the forum you could find them.
    Note that these rulesets need to be configured, some minimal knowledge is required to edit some rules.

    Besides complete rulesets, to improve Look 'n' Stop you can also:
    - enable the TCP SPI in the advanced options
    - enable the DLL & Protocol detections in the advanced options
    - try the 2.06p2 and import the new SPF rules, the post is here

    Regards,

    Frederic
     
  12. cdr

    cdr Registered Member

    Joined:
    Jan 26, 2006
    Posts:
    143
    Location:
    Chapel Hill, NC USA
    Frederic,
    :) When I look under "advanced options," I don't see where or how to "enable the TCP SPI." Can you help me find how to enable this?
    Thanks!:D
     
  13. cdr

    cdr Registered Member

    Joined:
    Jan 26, 2006
    Posts:
    143
    Location:
    Chapel Hill, NC USA
    I think I found it! Perhaps it says, "Enable Stateful Packet Filtering?" If so, I enabled it.
    Thanks!;)
     
  14. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi cdr,

    This option is now labeled "Enable the Stateful Packet Filtering".
    This is to be more generic, as it includes now the TCP SPI and the new SPF rules (if any).

    Regards,

    Frederic
     
  15. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,158
    you know what i miss about look and stop (i agree with you look and stop is really a great software) is that i can allow or deny!
    in outpost i can see what a program try to do , so i can make easy rules
    in look and stop there is not such feature
     
  16. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    What you can do is selecting the !! attribute in application filtering for the application you would like to monitor (just click two times on the ! column for the application).
    Then in the log you will see the ports and IP address the application is using.

    Frederic
     
  17. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,158
    thanks Frederic
    but after i have to use the log to make a specific rule
    it's more easy with a pop window , that let me to allow ,dany or make a rule about the imminent action of the program , is for this reason that outpost and comodo are popular because are more easy

    but again look and stop is really impressive !
     
  18. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Yes, I understand.

    For most of standard applications you don't need to create rules, you just have to allow/block the application through a simple popup, and this is also considered easier by people who are not familiar with ports.
    Problems come when some applications (like P2P) are using ports which are not compatible with default rulesets, this requires specific rules, and I agree it is not simple to configure, especially when importing rules available from our web site are not sufficient.

    Frederic
     
Thread Status:
Not open for further replies.