LooknStop_Info_Fetcher_v1.1.exe *Updated*

Discussion in 'LnS English Forum' started by Phant0m, Sep 20, 2004.

Thread Status:
Not open for further replies.
  1. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    LooknStop_Info_Fetcher_v1.1.exe *Updated*

    : This little utility is for those who experience Application filtering anomaly which renders Application Filtering useless, and who’d like to participate to aid the way for a patch that works under all conditions.

    Technical Details:
    - Creates three .reg files (LnS-Info_0.reg, LnS-Info_1.reg, LnS-Info_2.reg)
    - If Bootlog is present it saves for later restore
    - Bootlog Flag gets temporary activated
    - Inserts itself temporary into Windows “RunOnce” Group
    After Windows gets manually re-booted
    - Newly created Bootlog gets placed in LooknStop_Info_Fetcher location
    - Your old Bootlog becomes restored
    - SendMail window gets called

    Default distribution: http://142.177.170.23/LooknStop_Info_Fetcher_v1.1.exe 16.3KB
    Zip distribution: http://142.177.170.23/LooknStop_Info_Fetcher_v1.1.zip 7.69KB

    In addition:

    LooknStop_GUI-Exit.exe *New*

    : This little utility demonstrates how easily the Look ‘n’ Stop GUI can be exited, rendering ones security useless.

    Default distribution: http://142.177.170.23/LooknStop_GUI-Exit.exe 6.83KB
    Zip distribution: http://142.177.170.23/LooknStop_GUI-Exit.zip 3.35KB
     
    Last edited: Sep 21, 2004
  2. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    I like the concept of the GUI-EXIT.... goes to show that simple methods can be used to have the program quit, add, modify anything within LNS.

    - Among others if anyone care to take a look closer this should prove to be quite interesting :)

    HIGH FIVE for Phant0m :) God I love the kid ! lol
     
  3. rerun2

    rerun2 Registered Member

    Joined:
    Aug 27, 2003
    Posts:
    338
    Hi Phant0m,

    Does this utility effect a password protected LnS as well?

    I assume it will not work if LnS is protected with a program like PG though.

    I do agree this is interesting, but it is not anything new. I imagine there are MANY "vulnerabilities" to be found in the GUI of MANY security programs.
     
  4. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Hey Rerun

    - Actually user’s who using Password Protection aren’t affected by this method however with little bit of additional code that can easily change.

    - I don’t believe PG does because of the style used, however I could be wrong. I’ll wait to see if any PG user’s has to say on the matter.

    - Of course it’s nothing new; the concept is what’s important though.
     
  5. rerun2

    rerun2 Registered Member

    Joined:
    Aug 27, 2003
    Posts:
    338
    Thank you for the replys Phant0m and your hard work :)

    Couldn't agree with you more.
     
  6. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Thanks, but don’t give me too much credit.
    This was birds feet, :p
     
  7. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hi,

    Process Guard protects against any termination, even the simple Close Message Handling.

    PG v3 is currently in BETA, and fully protect Look'n'Stop.

    Finally, I would say that it is I think important to say that this kind of termination works on almost every software, that's why PG was created, to "Guard" them.
    It is important also to say that even Look'n'Stop closed, the internet filtering is still alive if the options has been selected.

    regards,

    gkweb.
     
  8. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Thanks gkweb for confirming PG v3b prevents GUI-Exit demonstration from exiting Look ‘n’ Stop, however what would you recommend for those who can’t afford PG? Do you think securing security apps like Firewalls from being exited through malicious means should be dealt by additional software or by the author of that particular software or both?

    You are right; I was actually waiting for someone to mention that, Look ‘n’ Stop does offer "Keep Internet filtering active after the application is left." and highly advised to use that feature. However there is still the fact with Application filtering being rendered useless upon GUI exited, any thoughts on this?
     
  9. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hi,

    without PG, any software can indeed be terminated like this.
    About Look'n'Stop, the application filtering would indeed be disabled, and I would so suggest as a feature request the possibility to keep it enabled as for the internet filtering, I think it should be possible.
    The software's dev could indeed protect their app themselves, but the only way to do it properly is with human popup verification like for PG.

    But anyway, PG is not very expensive and worth your money IMHO.

    regards,

    gkweb.
     
  10. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    I agree, Thanks gkweb
     
  11. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Could to program LNS call it self to terminate? Surely that would not be prevent by PG....
     
  12. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Most likely have to manipulate Look ‘n’ Stop memory area.
     
  13. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hi,

    for any question about PG you can have, ask DiamondCS on their official forum here at wilder.

    If a program wants to close, then that's fine, why to look at a way to deny it to ?
    The whole problem is an external unwanted closing done by various viruses which kill firewalls & AV.
    PG prevents any process memory manipulation, but you would be better to read their documentation to know more about it.

    regards,

    gkweb.
     
  14. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    No need for that I know PG is unique and does what it supposed to.
    And regardless how little amount of money PG costs, some merely can’t afford it and I know because I’m speaking first hand.
     
  15. Velnias

    Velnias Registered Member

    Joined:
    Jul 14, 2004
    Posts:
    32
  16. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Hey were's my password thread.... sniffles...
     
  17. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Frederic and JF decided to delete it...
     
  18. jag1967

    jag1967 Registered Member

    Joined:
    Sep 17, 2003
    Posts:
    68
    For those who can't afford PG, why not get the free version which protects just one process - and set this as your firewall?
    I assume, the free version has the same protection functionality as the paid for one.
    Or as many say, PG is one bit of s/w worth saving up for. (Sorry if this is going OT...)

    jag
     
Thread Status:
Not open for further replies.