Phant0m`` Rule-set $v3.1 (NEW)

Now this is interesting, since I am using exactely the same rules!
PhantOm,
What you are saying is that these rules create an outbound leak from 1024-5000 simply because they are allowed all time. The question is, how can I create a rule for a multi chat client like Trillian, which runs all day long, without opening my shields for these specific outbound ports? Since I allow the leak only for Trillian.exe (as labeled in the application filtering list), only trillian is allowed to use these ports (well, unfortunately in version 2.04p2 all other authorized apps in my application filtering list can also use these ports ). I would really like to know, how you would handle this problem....

By the way, thank you so much for all the supporting work to the LnS community! I checked your new page, which exlains the different rules from your latest ruleset. Unfortunately I can not open the most important links in the column "Rule describtion" named "view". It has something to do with my Javascript. For security reasons I never use IE, and both Mozilla and Opera can not open these javascript links. Is there any way to make it compatible for non IE users
Again, thanks a lot for the tremendous amount of time you are spending for the support of LnS!!!

Thomas

 

ok i disable this two new rules , but in my log where can I found my Gateway Address

Thx

 

Hey Thomas M

Yea that is pretty much another way of looking at the issue, actually I don’t have an issue with Outgoings, and how I see it if you don’t trust the Client Applications you use then you should find something you can trust.

It’s important to have a strong MD5 or something better, hash! And Look ‘n’ Stop doesn’t actually meet these Standards; however this will all change with the new Look ‘n’ Stop release v2.05!

And it’s important to make sure you contain both Anti-Virus and Anti-Trojan Systems which is regularly being kept updated for both Applications and its definitions; to make sure you have full time Background Scanning capabilities in use along with doing Manual Scans of ALL FIXED DRIVES once-in-a-while…

For those who are Outbound paranoia’s, I’d recommend disabling “TCP : Allow” rule altogether and build up manually each service Authorising, and even though it’s “Rule-base Application Filtering” Feature is incomplete I’d still recommend using under these circumstances. Actually I use to enjoy a Feature ConSeal PC Firewall had, “Log-to-file” for Authorizing rules which doesn’t have a “Warning Flag”. This Feature I use to enjoy scanning through all my Authorized Outgoings to monitor for anything which appears malicious.

About my additional page, I had mentioned “Incomplete”. The Links doesn’t work for IE either as they are pointing to $null link which shouldn’t jump you anyplace but yet make it appear to be link anyhoots, I’m in the process of working on that next chance I get.

How I look at it, I’m dedicated Look ‘n’ Stop customer who wants the best for everyone. If I felt Look ‘n’ Stop doesn’t have potentials and it’s wasn’t unique, than I wouldn’t be using this Software Firewall product. I only like unique Software Firewalls which is completely Advance to provide me with necessary controls to ensure I get the maximum Level Software Security available…

But thing is you guys are swell and when I see I’ve succeeded in helping 1 user it makes me extremely grateful, and when I get a Thanks, it shows me how much you guys are appreciative in what I’m trying to-do.

 

When ARP Packets started to get logged in Look 'n' Stop's "Log" screen then you copy down the Packet direction along with Source and Destination MAC Address, then contact me with the findings and I’ll tell you what’s next…