LnS - Do I need to tweak the original config?

I've just installed LnS for a trial.

I use XP, IE7 and adsl via router.

Things seem sweet straight out of the box. However are there any tweaks I should consider?

 

Well if you feel you need a higher level of protection you can load the enhanced ruleset or download phant0ms ruleset. Theres also a few advanced options such as watch dns calls, watch thread injection and dll detection which will give you more security. You can read about them in the lns help and decide if you want to turn them on or not.

 

You should turn SPI (Stateful Packet Inspection) on. Amazingly, it's not on by default.

In advanced options, you should also turn on ADVANCED MODE. This will give you more control of the applications filter. Specifically, a new column will show up in that panel with a new type of icons representing the ability of each application to launch other applications. By clicking on that icon for any particular application in that panel, you disable that potentially dangerous function. Few legitimate apps need to launch another app to go to the Internet. Advanced mode will also let you specify UDP and TCP port restrictions.

I am sure I am forgetting something, but you should get familiar with this kind of software if you want to take advantage of its potential.

 

Hi tisatashar

1- I suggest you to use the "Enhanced rule set"

2- You may adapt your rule set for specific needs here:

http://www.looknstop.com/En/faq_configuration.htm

3- The rule set fits for most "standard application" using the TCP protocol.
For some applications such as Voice over Internet, Instant messaging,
P2P programs you have to create some news rules using a combination
of TCP/UDP, or UDP only or TCP as a "server" and so on...

Start with the enhanced rules, check the LNS Documentation and the LNS Faq
and, for sure, ask your questions here.