Simple LAN Setup

Discussion in 'LnS English Forum' started by ched, Jun 24, 2004.

Thread Status:
Not open for further replies.
  1. ched

    ched Registered Member

    Joined:
    Jun 24, 2004
    Posts:
    7
    Newbie here.

    XP Home SP1
    LnS 2.05 EnhancedRulesSet.rls and LnSSvc (English version) (2 Computers)
    Linksys BEFSR41 (2 Computers)

    I tried to follow the faq: "How to configure LnS for a LAN". The instructions seem to be for an earlier/different version of LnS (not 2.05 En). I just can't seem to get it to work. File sharing and print sharing work fine when LnS not loaded. I have the ethernet address for each computer. There is nothing in the LnS log file.

    Please Help. TIA
     
  2. jgama

    jgama Registered Member

    Joined:
    May 4, 2004
    Posts:
    34
    Please go to options and uncheck the "automatic selection" if you have more than one network adapters listed. Then select the network adapter that was not previously checked.
    Did this solved your problem?

    Peace,
    JG
     
  3. ched

    ched Registered Member

    Joined:
    Jun 24, 2004
    Posts:
    7
    Thanks jgama but I already had it set that way. I have two listed: Intel network card and WAN miniport. I have the network card checked on both CPU's.

    The only thing I have found that helps is to uncheck the box for Internet Filtering Enabled on both CPU's, have both CPU's access each other, then re-enable Internet Filtering. This works for a period of time, then both become inaccessable again.

    It's just a guess, but there is some "handshake" signal not passing through and I suspect it may have something to do with NetBios. Also, I'm still not sure I have the ETH rule set up correctly.
     
  4. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
  5. ched

    ched Registered Member

    Joined:
    Jun 24, 2004
    Posts:
    7
    Thanks gkweb. Tried it and no change.

    Have found that if in "Internet Filtering" on the enhanced rules, I remove the red sign from UDP : Stop NetBIOS, I have good comms between the CPU's.

    Is there a rule I could use that would only allow NetBIOS between my two CPU's on the LAN?
     
  6. ched

    ched Registered Member

    Joined:
    Jun 24, 2004
    Posts:
    7
    Okay, I just spent the last 4+ hours trying to get my simple two computer LAN to work with LnS. No joy. I re-read help files both on the net and with the application. I tried everything Patrice suggested in the router sticky because Patrice has the exact same router that I do. I finally started getting messages in the log file each time I re-booted and I made rules until there were no more messages. Nothing worked. I'm sure it's just me doing something wrong or overlooking something.

    Before I even installed LnS, I had my router setup securely (Linksys BEFSR41). On the Linksys Security Tab, I have "Filter Musticast" enabled and "Block Anonymous Internet Requests" enabled. On the same Security Tab, I applied a "Filter Port Range" to ports 135 thru 139 and port 445. Also on the Linksys Applications and Gaming tab I have "Port Range Forwarding" for both TCP and UDP on port 113, so "hits" on that port are forwarded to a non used IP address 192.168.1.xxx (xxx= a very high number but not greater than 255).

    With the Linksys set this way and NO software firewall installed, I passed ("Stealth" results) every test on the internet I could find, grc, pcflank and others. I installed a software firewall just to give me a "warm fuzzy". I don't know if these Linksys settings are interfering with the LnS software or not.

    Bottom line is that in the LnS default enhanced rule set, I removed the red stop sign on UDP : Stop NetBIOS. My LAN is working now and I still get "Stealth" results at all the online security testing sites. I kind of feel as though my router settings are taking care of the NetBIOS ports.

    Should I be concerned with this setup or can I feel relatively safe concerning security?

    I am also running NOD32, BOClean, SpywareGuard, SpywareBlaster, CookieMuncher and Spybot.

    Thanks for your help guys. I really appreciate it! There are many people here and you took the time to try and help. Thanks!
     
  7. jgama

    jgama Registered Member

    Joined:
    May 4, 2004
    Posts:
    34
    Hi ched,
    I guess you need to add the MAC address to the rule:
    1-remove the red sign from UDP : Stop NetBIOS.
    2-add a blue !
    3-check the log, double clink on "UDP : Stop NetBIOS." to see the packet's content
    4-select the source address and copy it (ctrl c)
    5-return to internet filtering
    6-paste the MAC address into the ethernet address box and replace All with equals

    do the same in the other box

    This way each one will filter by MAC, allowing only the other one to get there.
    I think this is waht you're looking for, let me know OK?

    Peace,
    JG
     
  8. ched

    ched Registered Member

    Joined:
    Jun 24, 2004
    Posts:
    7
    That did it I think jgama!

    I had to make four rules:

    UDP inbound from other computer
    UDP outbound to router
    UDP outbound to other computer
    ETH inbound&outbound destination/source other computer

    I used (equals) MAC addresses and didn't specify ports. I placed the rules at the top of the enhanced rules list in the order as shown above. I probably could have combined the first and third into one rule. Not sure. I placed the red stop back on UDP : Stop NetBIOS. Does this sound right so far? The LAN is up and working.

    I know hate is a strong word, but I hate it when a perfectly good app like LnS kicks my bu%%. I'm a newbie at this stuff and just trying to learn as I go along. I really like LnS for it's small footprint and lack of "fluff". I just need to get up to speed. I'm on a big learning curve right now.

    THANKS!
     
    Last edited: Jun 25, 2004
  9. jgama

    jgama Registered Member

    Joined:
    May 4, 2004
    Posts:
    34
    I am glad you got it to work!
    It seems right to me. You are allowing access to all ports from only the other box and then blocking netbios from any other MAC.
    When you are not sure if things work, you can create a rule in advanced mode without the yellow arrow and that will allow you to get the log filled with info. I do it all the time.
    Peace,
    Joseph Gama
     
Thread Status:
Not open for further replies.