How do you know you've been hacked into, and what was involved?
I was told so by the author of the WordPress theme Cudazi Mono. My browser (Chrome Canary) started behaving in strange ways after I installed MAMP, WordPress and the Cudazi Mono WP theme. I was creating a WordPress site locally on my machine. Suddenly ads started appearing everywhere. They were labeled OffersWizard which, after some Google searching, I understood came from superfish (http://malwaretips.com/blogs/offerswizard-removal/). I first thought that the ads were bundled with the theme because the theme was free, so I contacted the author and he told me that my web site had been hacked into.
My browser's homepage was also being hijacked and I was being redirected to different sites. I can't remember which ones though, because I immediately deleted MAMP, WordPress, Cudazi Mono and Chrome Canary. I then removed all cookies, cleared the browser caches and ran a full scan with the Kaspersky anti-virus, but no malware was found. I re-installed everything including the latest version of Chrome (but not Canary as I suspected that it could have some security holes). I also remember that one of the websites I was redirected to included a dozen iframes (revealed by the developer tools), some containing a one pixel image and a link ending in .ru !
Then, I decided to purchase LS hoping that someone would explain in plain English what rules I should use for safe browsing and to prevent unwarranted incoming connections. For my browsers, I'm wondering if I should allow all outgoing connections on ports 80 and 443 in order not to get hundreds of alerts, which is annoying. [UPDATE 2014-04-21: Thank you for answering my other post, hagen!] Furthermore, what am I supposed to do when I get an IP address (such as 81.19.182.226 on port 2083) instead of a readable address? Or what to do when your browser or other software wants to connect to s3.amazon.com, cloudfront.net, cdn stuff or googleadservices.com? Sometimes blocking ad or analytics services will prevent a web page from displaying properly. This happened to me with the Chrome Web Store where all the images wouldn't display.
Unfortunately, LS isn't very helpful there because AFAIK users can't easily import shared sets of rules, e.g. white and black lists, to avoid ad, tracking and malware infested sites. Why isn't there anything equivalent to EasyList (https://easylist.adblockplus.org/en/) for LS that would allow users to block unwanted addresses? [UPDATE 2014-04-21: some good ideas have been posted under my 'another feature request' post!]