Learning mode with IP+ports?

Discussion in 'LnS English Forum' started by Maniaxx, Jul 1, 2007.

Thread Status:
Not open for further replies.
  1. Maniaxx

    Maniaxx Registered Member

    Joined:
    Jul 1, 2007
    Posts:
    2
    Hi,
    currently the learning mode just asks 'allow application' -> yes/no. That's kinda easy especially for beginners.

    What i'm searching for is something to have more informations and possibilities in the learning mode window. Its crucial to know where the app wants to phone to as well as the ability to add special rules for ips and ports in the learning mode window.

    Is there any plugin availabe that can handle this already? I have installed 'PlugEditRawRule' yet but nothing really changed regarding this.
     
  2. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi Maniaxx :)

    No: there is no learning mode with LnS. (Only learning LnS users... ;) )

    This is rules set firewall... This give you the fun to create the rules yourself or ask somebody to do it for you. (free... ;) )

    Creating rules looks uneasy for "newbies" ... but:

    1- For any TCP based program a general rule for this is enough like the one in the Enhanced rules set of LnS... (allow most common internet programs)

    2- For programs using UDP there's no general rules possible so you have to create specific rules. Here it's quite simple. Just check the outgoing UDP packets blocked when you're using the program and built your rules from this...

    a) On the fly way:

    You may start by right clicking on the log line to create a rule "on the fly" and modify the rule later to have a better one...

    b) Specific blocking rules way:

    add a UDP rule to block all outgoing UDP packets:
    this give you which ports are used by the application...
    See rule {X. 9998} and the details...

    c) Sniffer rule way:

    You may also create a special rules to check the behaviour of the program.
    Just create a specific rule with no restrictions in UDP for the program and used it. Then check in the log... The easiest way is to use the raw log option. With this you may import this raw log in a preadsheet and sort it by ports... See the idea?

    If you understand french the is more details there:
    http://climenole.wordpress.com/lns-les-7-etapes-et-le-journal/

    And so on ... Give you the time to learn how to used LnS.

    Keep smile and have fun (with LnS too!)

    :)
     

    Attached Files:

  3. Maniaxx

    Maniaxx Registered Member

    Joined:
    Jul 1, 2007
    Posts:
    2
    Thank you for the explanation. I'll take a deeper look into this.
     
Thread Status:
Not open for further replies.