New Phant0m Ruleset

Discussion in 'LnS English Forum' started by G1111, Aug 7, 2011.

Thread Status:
Not open for further replies.
  1. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,726
    Location:
    Canada
    No, not in the archive but available, besides the obvious place, generous posting here :) , also by visiting the official forum announcement or directly http://www.mntolympus.org/Changelogs.html


    Regards,
    Phant0m``
     
    Last edited: Oct 14, 2011
  2. Otomatic

    Otomatic Registered Member

    Joined:
    Mar 28, 2005
    Posts:
    98
    Location:
    Paris - France
    Good evening, as they say in France,

    Thanks for : support for disabling rules. Il works well specially for -IPv6 rule for me. :thumb:
     
  3. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,726
    Location:
    Canada
    Your welcome.
     
  4. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,294
    Location:
    USA
    v1 Build: 008.9 Rev: 1 [14-10-11]

    ¤ Installer: minor change to better support Unbound and alike.
     
  5. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    What advantage does the phantom rule set offer that the standard rule set does not?
     
  6. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    How do I get the phantom rule set?
     
  7. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
  8. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    Where do I put the marked rules for maximum protection?

    I want to be able to connect to other computers in my network, hence the importet network rules... how far down can I put them to be as safe as possible and still 100% working? Are there any other tweaks I can do to phant0m's ruleset without having to have those rules at all?
     

    Attached Files:

  9. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    Delete those three rules, you won't need them.
    Start over with Phant0m rules installation. After unzipping, make a copy of forceconfig.ini and edit the original to enable Networking and make sure to enter the range of IPs on your LAN.
    Install the newest ruleset and it'll work.
     
  10. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    Thanks, that did the trick! Much appreciated. :thumb:
     
  11. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    You're welcome. Enjoy!
     
  12. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,294
    Location:
    USA
    v1 Build: 009 [02-01-12]

    ¤ Installer: Fixed: Error box after receiving WRONG REG
    ¤ Installer: Added: Additional check and complain if the installer was denied specific registry access, warn about the possibility of a connectivity issue if registry access isn't permitted.
     
  13. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Got it and working well on 2 Laptops! :thumb:

    Thanks,

    TH
     
  14. Anth-Unit

    Anth-Unit Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    108
    Anyone else get this when downloading the latest installer?

    ~ VirusTotal Results Removed per Policy ~
     
    Last edited by a moderator: Feb 13, 2012
  15. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,726
    Location:
    Canada
  16. Anth-Unit

    Anth-Unit Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    108
  17. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,726
    Location:
    Canada
    I'm using Microsoft Security Essentials on Win7 x64, and I just re-downloaded the latest P. Ruleset package, nothing triggered even when I initiated manually the scan on all the extracted files.

    MD5 Hashes
    8a06b3c0381f341f779ba817d55604a0 License.txt
    416c1444ae398ae5825cfb3d09d2486a Ruleset_Installer_Deluxe.exe
    79ddbccc190401d4f2a050c687475387 English.lng
    bca428c731a9fc5db0155c70a40dc3d8 ForceConfig.ini

    MSE Information:
    Security Essentials Version: 2.1.1116.0
    Antimalware Client Version: 3.0.8402.0
    Engine Version: 1.1.8001.0
    Antivirus definition: 1.119.1835.0
    Antispyware definition: 1.119.1835.0
    Network Inspection System Engine Version: 2.0.8001.0
    Network Inspection System Definition Version: 11.0.0.0
     
  18. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,294
    Location:
    USA
    I just did scans with Emsisoft, HitmanPro, MBAM and TrojanHunter and all were clean (no malware found).
     
    Last edited by a moderator: Feb 13, 2012
  19. Anth-Unit

    Anth-Unit Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    108
    That's really strange....

    Here is the latest virustotal upload of the file I have (from 2 minutes ago): ~ VirusTotal Results Removed per Policy ~

    Emsisoft Virus.Win32.Heur!IK

    I Just bought the rule-set and downloaded it directly from the website. My MSE prompts when I scan manually.
     
    Last edited by a moderator: Feb 13, 2012
  20. Anth-Unit

    Anth-Unit Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    108
    Did you add it to your MSE exclusions maybe? This is what I get: Microsoft Trojan:Win32/Anomaly.gen!A

    Security Essentials Version: 2.1.1116.0
    Antimalware Client Version: 3.0.8402.0
    Engine Version: 1.1.8001.0
    Antivirus definition: 1.119.1835.0
    Antispyware definition: 1.119.1835.0
    Network Inspection System Engine Version: 2.0.8001.0
    Network Inspection System Definition Version: 11.0.0.0
     
  21. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,726
    Location:
    Canada
    Excluded files and locations list is empty
    Excluded file types list is empty
    Excluded processes list is empty
     
  22. Anth-Unit

    Anth-Unit Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    108
    I have no idea what is going on. I go to the website, download it, and get the same prompt from MSE. What do you get when you upload it to virus total?
     
  23. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    It's a false positive that's all I use it all the time!:rolleyes:

    TH
     
  24. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,726
    Location:
    Canada
    No need for me to upload to Virus Total, I already know the results, they are flagging because I use run-time packers.
     
  25. Anth-Unit

    Anth-Unit Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    108
    Kind of strange were both using the same anti-virus but getting different results. I have the same MD5 for the executable as well.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.