• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

What does LSA Shell do???

M

MWink

Diamond Member
I recently changed to a new software firewall (Sygate Personal Firewall Pro) and it keeps asking me if I want to allow "LSA Shell" access to the Internet. Since I have no idea what it is or what it does I keep saying no. It has not affected anything as far as I can see but I'd still like to know what it is supposed to do? Should I be blocking it or should I allow it? Thanks.
 
What OS are you running?
Do you run in stand-alone or Domain mode?

Under the NT family (NT, W2K, XP Pro) the LSA is the Local Security Authority, and is responsible for handling all authentication (logon) calls. Usually, if it gets a logon that doesn't match a local account, it will try and contact a Domain Controller to pass along the authentication request. If it's W2K, it may be doing a broadcast look for an Active Directory DC.
 
I'm running a stand alone Win XP Pro system. Some of the traffic is incoming, some is outgoing. Should I be blocking it?
 
If I have correctly identified the LSA service as the one your firewall is catching, then Yes, you should be blocking it. You should never need to authenticate any users from outside your system.
 
Yes, it calls it "LSA Shell (Export Version)". I set it to Block so it should be quiet now. Thanks! I was worried it might be something important.
 
As something of an aside... It seems like all these networking accessing components of Win32 and other applications ought to be known by these firewalls. I don't mean that the firewall should decide whether they get network access but it would be helpful if the companies producing them (Sygate, ZoneLabs, etc.) kept up a database of common programs that gave people guidelines for what should and shouldn't need network access.
 
Originally posted by: CplHicks
As something of an aside... It seems like all these networking accessing components of Win32 and other applications ought to be known by these firewalls. I don't mean that the firewall should decide whether they get network access but it would be helpful if the companies producing them (Sygate, ZoneLabs, etc.) kept up a database of common programs that gave people guidelines for what should and shouldn't need network access.
Click to expand...

I agree totally. It would also be helpful, in in W2K (what I am running currently), there was a way to differentiate some of these various system services to the firewall (I run ZoneAlarm free version), since by default in W2K they run under the same process and executable shell. That's kind of annoying, no way to tell them apart. :|
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top