I recently checked out Paranoid's "Guide to Producing a Secure Configuration for Outpost" thread (in the Agnitum forum)....and it seems that Outpost has addressed the DNS issue. From that guide: "D1 - Specifying DNS Server Addresses DNS (Domain Name System) is the method by which an IP address is found for a domain name (e.g. outpostfirewall.com has the IP address 220.127.116.11 - a full description is available in RFC 1034 - Domain names - concepts and facilities). Since DNS traffic has to be allowed through firewalls in order to be able to perform the IP-address lookup needed when connecting to a site, some trojans and leaktests attempt to disguise their traffic as a DNS request. However by limiting access only to those DNS servers offered by your Internet Service Provider (ISP), this tactic can be effectively blocked. There are two options to follow here: (a). The "Global DNS" Option - Add the ISP DNS server addresses to the Global rule ----- (b). The "Application DNS" Option - Remove the Global rule, add a DNS rule to every application ----- " So Outpost evidently has a feature for addressing DNS requests (traffic/spoofing,etc.). I've looked around, but couldn't find anything that definitively says whether LNS also has this ability/feature as well. Can anyone tell me if Look 'n' Stop (with either the "Enhanced Rules Set" or Phant0m's Rules Set, etc.) also address DNS traffic and/or spoofing?