looking for old version (2.06) and SPI questions

Discussion in 'LnS English Forum' started by RootAccess, Jun 12, 2011.

Thread Status:
Not open for further replies.
  1. RootAccess

    RootAccess Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    64
    From what I know, Stateful Packet Inspection (SPI) is merely a way to maintain a constant connection. It prevents incoming packets from being spoofed and allows FTP connections. Is it also used to maintain torrent connections?

    From a security standpoint, I don't think it is worth the risk since SPI allows you to bypass your firewall rules. Furthermore, according to Wikipedia, you're web browser can be forced to solicit outside connections just by viewing malicious websites. Is Wikipedia correct in this allegation?

    It would be much appreciated if I could some how get a hold of Look N Stop version 2.06 and its md5 check sum.

    Thanks!
     
  2. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Automatic tracking and allowing of FTP connections via SPI would be possible with Look ’n’ Stop .. if it had ‘full application-layer awareness’.

    When Look ‘n’ Stop TCP SPF is enabled, all TCP connections are maintained, creating rules for connectionless protocols visit http://looknstop.soft4ever.com/Beta/2.06p2/Plugins/SPF-Info.HTM

    Way Look ‘n’ Stop does TCP SPF, it works after the Internet Filtering layer, meaning the rules in the ruleset is first considered.

    ... I wouldn’t recommend using any security system version that isn’t the latest. ;)
     
  3. InDICa

    InDICa Registered Member

    Joined:
    Apr 16, 2008
    Posts:
    11
    Hello, RootAccess

    Look N Stop 2.06

    ("RootAccess Quote) Does anyone have a version of this popular firewall? I am using Windows but for some reason it doesn't work with the new version 2.07. It won't allow me to update from Microsoft. Has anyone kept an old copy to try out? I got no response from the official forums so I'm asking here. I would like to use Look N Stop very much. Thank you!

    Here try this it did work for me(the download) v2.06


    https://www.wilderssecurity.com/showthread.php?t=175766

    Good luck!
     
  4. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    To me, this sounds like a configuration problem, that should be treated as such before considering downgrading your security system.
     
  5. RootAccess

    RootAccess Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    64
    InDica,

    Thanks for your consideration. I didn't know someone would show me that thread. But, I actually scanned this forum for all threads before making mine. If you download that file from that link you will get version 2.07. And, yes, I have already downloaded from that thread two times before giving up. Rest assured though, I was able to find the version 2.06 and yes it was legit too.
     
    Last edited: Aug 1, 2011
  6. RootAccess

    RootAccess Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    64
    Phant0m,

    I'm not the firewall expert here but if there was no downside to SPI in Look N Stop, why is it not enabled in its default configuration?

    And the link you provided talked about spF, not spI...or are you implying spF == spI?

    I guess I have to pick your brains a little bit more.
     
  7. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    * Because it isn’t enabled by default doesn’t mean that the feature has a downside, look at the other protections in Look ‘n’ Stop that has to be manually enabled. However there was annoying problems with TCP SPI implementation for a little while, just for instance, .. with the very small limit that was set by default that caused all subsequent connections to fail until the connecting and connected table entries eases up a little. And if you are on a fast connection and make many connections, you could still reach the increased default limit of simultaneous connections causing subsequent connections being blocked, so this is likely why it is disabled by default. You tweak the limit for your connection type (if any tweaking needed for your needs), and you’d have it made.

    The link was for pseudo-stateful mechanism usage, for the connectionless IP protocols like UDP, ICMP. Look ‘n’ Stop TCP SPI is the actual stateful mechanism (separate from the pseudo-stateful mechanism that I had giving the link to).


    When we refer to Look ‘n’ Stop SPI implementation, we are referring to non-application level awareness, as Stateful Packet Inspection (SPI) originally coined by Check Point includes application level awareness in the SPI terminology.
     
Thread Status:
Not open for further replies.