Ports & IP address selection ?

Discussion in 'LnS English Forum' started by Fad, Feb 26, 2009.

Thread Status:
Not open for further replies.
  1. Fad

    Fad Registered Member

    Joined:
    Feb 25, 2009
    Posts:
    378
    Location:
    England
    I can see when in Advanced Mode I am able to specify Ports & IP address for both TCP & UDP in each application in the list.

    Could someone please give an example of when these options might be used.

    Do they override any separate rules that might have been made, or can they be used at the same time ?

    What is the purpose of the extra options ?

    The help guide doesn`t specify when these could or should be used, just that they can.

    Thanks :doubt:
     
  2. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi Fad :)


    These applications rules or restrictions based on IP addresses and ports (remote) may be used with the other level of filtering: the Internet Filtering.

    These extra options allow you to keep some application to a certain range of port or disallow the application to access some remote ports or IP address.

    An example of this may be some random access to a large range of remote ports with applications like eMule or Skype... Be advised of some drawback:

    1- When an application is blocked that way there is no pop-up warning msg to advise you: the only warning comes from the log IF you put the "!" symbol on the corresponding line in the application filtering

    2- Some application may have a weird behaviour with this kind of blocking...

    Most of the time this feature is almost useless since if you don't trust an application and want to keep it so restricted, the best is to remove it from your system IMHO...

    3- If you put too much restriction at the level of Application Filtering this can't be a compensation for an incorrect rules set and give you a lot of headaches since it becomes fastly unmanageable...

    To keep a long story short, these features are for mainly for debugging process or learning which ports are in use by blocking some and watch the result... AS well as the !! symbol to log the application itself blocked or not...

    4- Most of the time, say 99,9% of the time, the default filtering at this level is sufficient:

    The RUN programs are allowed to launch other programs to connect to Internet such as Windows Explorer, the EXE programs are allowed to connect to Internet "directly" (at this level: there is also the Internet filtering too...)such as a web browser.

    Hope this help. Let us know.
    :)

    EDIT: as you see Windows Intaller is not authorised here to directly connect to Internet. BUT, in some case, you must allow it... If an installation with Windows installer failed the best is to check in the log to see if a direct connection was blocked...

    Another example: Notepad++ is not allowed to connect to Internet directly but allow other applications to do so such as GUP a program to update Notepad++ and, as an example, Firefox since hyperlinks in a text in Notepad++ are "clickables"...

    Remember: when you enter a list authorised ports, in the same time you limit the access to these ports only...

    And now, I let you makes your own experiments! ;)
     

    Attached Files:

    Last edited: Feb 26, 2009
  3. Fad

    Fad Registered Member

    Joined:
    Feb 25, 2009
    Posts:
    378
    Location:
    England
    Thankyou Climenole for such a clear & detailed reply !

    In my opinion, information such as this should be made sticky on the forum so new users such as myself, and of course existing users who don`t already understand can read it and be made aware of what these options are for.

    As it can be difficult to have to read through the whole forum back to the beginning to find important information such as this.

    Thankyou very much, I have learned a lot in just a few short hours :thumb:
     
Thread Status:
Not open for further replies.