Newbie Questions

Discussion in 'LnS English Forum' started by mrgrieves, Nov 21, 2004.

Thread Status:
Not open for further replies.
  1. mrgrieves

    mrgrieves Registered Member

    Joined:
    Nov 21, 2004
    Posts:
    10
    Hello,

    I have been a user of Kerio Personal Firewall for a while now, but noticed that it scored very badly on firewallleaktester.com. So I decided to give LnS a try. I have a few questions before I commit to a purchase though:

    1. In Kerio I marked something as safe for internal and external access separately. In LnS I just mark an application as OK. Am I right in thinking the internet rules govern server access rather than the application ones?

    2. I imported the edonkey and emule rules and changed my Shareaza port to 27580. Shareaza can now connect to all the networks but I still think Gnutella 1 is being blocked. Is there anything else I should do? The link to the shareaza rules file was not valid.

    3. Windows XP SP2 does not detect it as a firewall. I think a new version is coming out to resolve this. Is "2.05p2" an update? (Does "p2" mean preview - ie beta - release?)

    4. Are Application Layer Gateway, LSA Shell and Generic Host Process safe to access the internet? Kerio also used to ask me about them but I never knew what to answer!

    5. Shield's Up (http://www.grc.com/x/ne.dll?rh1dkyd2) is reporting that I have RPC and MSFT DS ports open. Kerio passed all these tests. Why is this?

    Any help would be very much appreciated.

    Thanks,

    John
     
  2. bloodscourge

    bloodscourge Registered Member

    Joined:
    Jul 3, 2004
    Posts:
    372
    Location:
    France
    Hi,

    Yep, application filering's purpose is to give application rights (acces internet, launch another application to access internet and restrict outgoing connection), whereas internet filtering is mainly aimed at incoming connections.

    2.05p2 version was designed, among other features, to allow security center detection of LNS under Windows XP SP2. Take a look at this topic

    I am interested in answers too! For sure, there are some sites describing this but I am a lazy boy sometime ;)
     
  3. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Packet-filtering, filters Inbounds and Outbounds.
    Wouldn’t be much of a firewall if it didn’t… ;)
     
  4. bloodscourge

    bloodscourge Registered Member

    Joined:
    Jul 3, 2004
    Posts:
    372
    Location:
    France
    lol, yeah right ;)

    But in LnS, by design, application filtering rules outbound whereas internet filtering rules mainly inbound (in terms of applications rules).

    PS : thanks for your rule-set ;)
     
    Last edited: Nov 21, 2004
  5. mrgrieves

    mrgrieves Registered Member

    Joined:
    Nov 21, 2004
    Posts:
    10
    Thanks very much for the replies. Does anyone have any ideas about this one:

    Thanks,

    John
     
  6. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    If you mean LnS fails while Kerio passes... its probably because there's a rule in LnS to "allow" these ports to communicate (check with port no.s) and Kerio has a rule that blocks them. It maybe in the form of a definite rule that identifies port numbers, or a general rule like "Block all" at the bottom of your ruleset. Also, you fail to mention version nos. (especially for kerio... is it v2 or v4?)
     
  7. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Have you loaded the EnhancedRulesSet.rls? or you still using StandardRulesSet.rls? If you are still using StandardRulesSet.rls, goto "Internet Filtering" screen, click the "Load..." button and select EnhancedRulesSet.rls file and click "Open" button.

     
  8. mrgrieves

    mrgrieves Registered Member

    Joined:
    Nov 21, 2004
    Posts:
    10
    Yeah I have loaded the advanced set. I've also imported in a few other rules such as edonkey and FTP so I may have messed something up. I don't really know what these ports are or if they are dangerous.

    I was using the latest version of Kerio (4.something)
     
Thread Status:
Not open for further replies.