p2p/filesharing and outpost...

hello,

I have always been adamant that I would never put any filesharing software on my computer but recently I am realy tempted to get Limewire. I use outpost firewall and so was wondering a few things:

a) what configurations must I put in place to ensure I do not get hacked or is there an automatic ruleset?
b) is it inevitable that I will be hacked due to the weaknesses inherant in p2p filesharing?
c) is Limewire any better or worse than the rest in terms of security?

So in sum, is it reasonably safe or should I make it a big NO on my computer?

thanks very much,

IB.

 

In the past, I have used Outpost and Limewire together and they worked just fine. Here's the ruleset I used, found somewhere in the Outpost forums:

Rule #1: TCP, Outbound, Remote Port 80, Allow
Rule #2: TCP, Outbound, Remote Port 443, Allow
Rule #3: TCP, Outbound, Remote Port 6346-6349, Allow
Rule #4: TCP, Inbound, LOCAL Port 6346, Allow (share your files) or Deny (do not share your files)
Rule #5: TCP, Outbound, Deny
Rule #6: TCP, Inbound, Deny
Rule #7: UDP, Deny

I would suggest having a good antivirus or antitrojan or both installed to scan your downloaded files to make sure you don't accidentally execute a virus or trojan. Using the free versions of Ewido or A2 (www.ewido.com, http://www.emsisoft.com/en/) can help identify malware posing as legit files.

The good thing about Limewire is that it does not bundle spyware and other junk in the installation. Other than that it is prone to the same pitfalls as many p2p apps. I rarely use p2p, but when I do, I scan all downloads before execution and when I'm done downloading I make sure I do not leave the app running in the background.
I'm sure others take more precautions by keeping a blacklist of known, bad hosts. The Blockpost plugin can accomplish this. Hope this helps.

 

Thanks for the reply. I have just implemented the ruleset but everytime i go to start limewire i am told that it cannot start due to a firewall not letting it or not allowing loopback. The trouble is that I am allowing loopback and have set up your rules, so why am i getting this message?

Also, i already use nod32 and ewido anti-trojan suite.

thanks again,

IB.

 

Also, just noticed that everytime limewire tries to connect, network activity shows that rule 5 is preventing it...weird.


Please Help


IB.

 

Outpost's rules are read in sequential order so as long as you created them in the correct order, Limewire should have all it needs to communitcate.
I am not using Outpost at the moment, so I'm downloading the trial version along with the latest Limewire so I can try to duplicate this in VMWare. I'll post back.

 

thank you so much, i really appreciate it.

IB.

 

Iorek,
In my VM setup, I experienced the same loopback issue you described, so I added a rule allowing the loopback and placed it just before the block rules. After that, Limewire was able to connect just fine. Below is a pic of the ruleset that worked for me. The allow rules absolutely must come before the block rules. Let me know if this works for you.

 

woohoo!! Yep, its working just fine now, thank you so much for your time and patience! Ill report back if I have any other issues for the benefit of others trying to configure Limewire.

again, thanks you!

IB.

 

No problem, glad to hear it works!