someone can help me ?

Discussion in 'LnS English Forum' started by fd222, Nov 17, 2008.

Thread Status:
Not open for further replies.
  1. fd222

    fd222 Registered Member

    Joined:
    Nov 17, 2008
    Posts:
    9
    look at this pic,i wanna block 23 port ,although in lns's rules,it has 137-138 port rule,when i use x-scan,it told me there're some port are open,(139,135,123).

    in fact,i found the rule "block about blocking 139",but it seems no available.

    is there someone can help me,and told me how i can set it.

    thanks!
     

    Attached Files:

  2. fd222

    fd222 Registered Member

    Joined:
    Nov 17, 2008
    Posts:
    9
    oh ,if there's a picture show the set,i'm very appreciation.....
     
  3. fd222

    fd222 Registered Member

    Joined:
    Nov 17, 2008
    Posts:
    9
    my purpose is blocking some ports connect my local port.
     
  4. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi,

    I'm not sure to understand what you want to block.

    If you want to block other computers from internet connecting to your PC on the port 23, the rule is correct. But you should indicate TCP for the IP protocol.
    Also, normally the rule "Block incoming connections" from the enhanced ruleset should do the job for all ports, and you don't need this kind of rule (except if you want to allow everything and just block port 23).

    If you want to block your computer to connect to a remote machine on port 23, then the 23 should be on the right part of the rule (because it is a destination port for a packet going from PC to internet).

    Note that some local tools executed only on the PC with no remote side are not so relevant to check if a port is open or not.
    Only online scans (or scans between two computers) can help you to determine if a port is open or not.
    I don't know exactly how x-scan works.

    Regards,

    Frederic
     
  5. fd222

    fd222 Registered Member

    Joined:
    Nov 17, 2008
    Posts:
    9
    Frederic
    thank you

    yeah,I want to block other computer to connect my port ....

    and I'am in Local Area Network so if I use online checking, it will display the ports of my server.

    Another problem is when I use OUTPOST2009 firewall,there's no port can be scaned and no service can be found on my computer....


    When I scaned my computer,I use the IP Address of Local Area Network,not 127.0.0.1 I cann't understand why it is happened
     
  6. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi fd222

    Help us to help you fd222... o_O

    1) You're talking about LnS installed on the Gateway/Server of you LAN: is that right?

    2) You're running some firewall tests such as The Gibson Research Shields UP:
    https://www.grc.com/x/ne.dll?bh0bkyd2

    and some ports are reported open or blocked instead of stealth. Is that right?

    Question 1 : which rules set are you using with the PC used as Gateway/Server ?

    Question 2 : what are you seeing in the LnS log?
    Upload a copy of this log here using the manage attachment button down the editing window of this forum

    Hope you give us these information ASAP and solve this problem...

    :)
     
  7. fd222

    fd222 Registered Member

    Joined:
    Nov 17, 2008
    Posts:
    9
    This is the logs of X-scan:

    ------------------

    You can see something about it,and in the LNS,the rules is like this..

    look at the pictures:
    137.PNG
    139.PNG

    it exists in LNS,but it looks no useful...

    ————————————————————
    In my gateway ,I think there's anything on it , I only on my computer installed the LNS.


    even if I test on The Gibson Research Shields UP,it is not retrun me a real test result,because I'm in LAN,it can not get my IP Address,i think.
     
  8. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi fd222

    Check your Gateway/Router configuration...

    :)
     
  9. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi fd222,

    For me X-Scan is just doing a local test probably on 127.0.0.1 and this is not relevant to verify the ports are stealth, for computers trying to connect to these ports from internet.

    This kind of local interface is not present at NDIS level (this interface is not present in the list in the options tab), and so, packets sent on 127.0.0.1 are not visible to the packet filter.

    Regards,

    Frederic
     
  10. fd222

    fd222 Registered Member

    Joined:
    Nov 17, 2008
    Posts:
    9
    Thank you
     
Thread Status:
Not open for further replies.