LnS - Do I need to tweak the original config?

Discussion in 'LnS English Forum' started by AaLF, Dec 25, 2006.

Thread Status:
Not open for further replies.
  1. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    I've just installed LnS for a trial.

    I use XP, IE7 and adsl via router.

    Things seem sweet straight out of the box. However are there any tweaks I should consider?
     
  2. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    Well if you feel you need a higher level of protection you can load the enhanced ruleset or download phant0ms ruleset. Theres also a few advanced options such as watch dns calls, watch thread injection and dll detection which will give you more security. You can read about them in the lns help and decide if you want to turn them on or not.
     
  3. Pigitus

    Pigitus Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    97
    Location:
    USA
    You should turn SPI (Stateful Packet Inspection) on. Amazingly, it's not on by default.

    In advanced options, you should also turn on ADVANCED MODE. This will give you more control of the applications filter. Specifically, a new column will show up in that panel with a new type of icons representing the ability of each application to launch other applications. By clicking on that icon for any particular application in that panel, you disable that potentially dangerous function. Few legitimate apps need to launch another app to go to the Internet. Advanced mode will also let you specify UDP and TCP port restrictions.

    I am sure I am forgetting something, but you should get familiar with this kind of software if you want to take advantage of its potential.
     
  4. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi tisatashar :)

    1- I suggest you to use the "Enhanced rule set"

    2- You may adapt your rule set for specific needs here:

    http://www.looknstop.com/En/faq_configuration.htm

    3- The rule set fits for most "standard application" using the TCP protocol.
    For some applications such as Voice over Internet, Instant messaging,
    P2P programs you have to create some news rules using a combination
    of TCP/UDP, or UDP only or TCP as a "server" and so on...

    Start with the enhanced rules, check the LNS Documentation and the LNS Faq
    and, for sure, ask your questions here.

    :)
     
Thread Status:
Not open for further replies.