About Phant0m's rules

Discussion in 'LnS English Forum' started by MakoFusion, May 23, 2004.

Thread Status:
Not open for further replies.
  1. MakoFusion

    MakoFusion Registered Member

    Joined:
    Jun 25, 2003
    Posts:
    130
    I'm sure that this guy is like a firewall guru but I do really have to ask...

    I have tried the most updated ruleset of his but when I apply it I cannot even go to any sites. Am I missing something? Or is it a listing of rules that one may grab from to further secure their system? I am wondering if this is the same exact ruleset that Phant0m surfs the net with because I cannot.
     
  2. kamui

    kamui Registered Member

    Joined:
    Aug 19, 2003
    Posts:
    218
    Location:
    France
  3. MakoFusion

    MakoFusion Registered Member

    Joined:
    Jun 25, 2003
    Posts:
    130
    I do not read french.
     
  4. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi MakoFusion

    Phatom's rules are not plug and play, so to speak.

    The DNS and DHCP (bootp) rules have to be configured correctly. You will need to determine your ISP's DNS and DHCP servers and then modify those rules accordingly. The images in the link in kamui's post should help. Failing that, check your logs for blocked DNS querries and create your rule from there.

    Regards,

    CrazyM
     
  5. Larsirion

    Larsirion Registered Member

    Joined:
    May 24, 2004
    Posts:
    16
    Hello, I'm exactly in the same situation MakoFusion is.
    The phantom rules doesn't work even with the french tutorial (I'm french, so there's no translation issue).

    I configure LNS with my internet provider DNS and I have no DHCP activated.

    I installed the LNS 2.05 version.

    Is the Phantom's rules are up to date for this version?
     
  6. kamui

    kamui Registered Member

    Joined:
    Aug 19, 2003
    Posts:
    218
    Location:
    France
    J'utilise phantom rules 5 et no pb sa roxxx , voici mon phantom rules ;)
    Enjoy !!

    -la plupart des pb avec ces régles sont les pb de DNS et les paquets fragmentés

    Pour les pb de dns , faut les fixer sur sa carte réseaux et ne pas mettre sur automatique , et pour les pb de blocage de paquets fragmentés faut rajoutés la régles pour "Club Internet " autoriser les paquets fragmentés .

    Voila @++
     
  7. Thomas M

    Thomas M Registered Member

    Joined:
    Jan 12, 2003
    Posts:
    355
    Bonjour Kamui,

    are you refering to the PhantOm ruleset, which is offered in THIS RECENT THREAD ?

    I thought about testing a few of PhantOms rules, but first I need to get his latest "release"...

    Thomas :)
     
  8. MakoFusion

    MakoFusion Registered Member

    Joined:
    Jun 25, 2003
    Posts:
    130
    The one offered in this thread and the other one are the same and constitutes as the "most recent" version.
     
  9. Larsirion

    Larsirion Registered Member

    Joined:
    May 24, 2004
    Posts:
    16
    Merci, mais c'est ce que j'ai déjà fait plusieurs fois et ça ne marche pas
    je suis chez wanadoo et j'ai pris les dns avec ipconfig/all et aussi ceux donnés sur leur site...
    ça ne change rien
    dans tous les cas, je ne peux pas utiliser avant browser (ou IE c'est la même chose)
    j'ai bien réglé les dns dans le protocole tcp/ip de windows...

    lns marche sans problème avec les règles de base
    seulement il ne passe aucun test de sécurité avec succès (que ce soit shield up... il y a des ports ouverts et des ports fermés... mais tous ne sont pas invisibles... ou bien pcflank... plein de vulnérabilité... bref, c'est pas le pied...

    For people who don't speak french and want to follow the discussion:
    Kamui said to me to use the phantom rules with customizing the DNS in the rules and in windows...
    I did that previously with 2 different sets of DNS (with ipconfig/all and with the dns provided by my internet provided)
    it works with the standard rules
    but with the phantom's rules it doesn't work
    I can't use IE or avant browser (which is based on IE engine)...
     
  10. kamui

    kamui Registered Member

    Joined:
    Aug 19, 2003
    Posts:
    218
    Location:
    France

    Hi Bro ,

    I use this version : "Phant0m`s-September-9.rls" it's the same as the other post

    ;)
    @Larsirion
    your pb is Strange because I installed lns 2.05 with Phanthom rules 5 for a friend which ISP is Wanadoo and , he have no problem with lns + ph 5 ;)
    Check your log to know which rules blocking your connection ;)
    ++
     
  11. Larsirion

    Larsirion Registered Member

    Joined:
    May 24, 2004
    Posts:
    16
    I checked the log and the rule which block internet explorer/avant browser is the last one "Block all other packets"...

    so it means the previous rules don't accept to let me connect on the net with a browser, isn't it?
     
  12. Larsirion

    Larsirion Registered Member

    Joined:
    May 24, 2004
    Posts:
    16
    Oups :D

    I find what was the problem...
    when it is said "activate" in the french tutorial, I pressed "apply" in lns...
    but in fact I had to clic just in front of the "dns allowed" rule to activate it (green checked box)...

    so now it works....

    thanks for your patience with me... ;)
     
  13. kamui

    kamui Registered Member

    Joined:
    Aug 19, 2003
    Posts:
    218
    Location:
    France
    mdr ct tout con ;)
     
  14. Larsirion

    Larsirion Registered Member

    Joined:
    May 24, 2004
    Posts:
    16
    ben oui...

    c'est en faisant des erreurs qu'on apprend :D

    sinon, quelques petites questions:

    j'ai lu que pour passer pcaudit 2 (qui marche sur les injections de dll) il fallait "activer la détection des dlls"
    je suit donc allé dans option>options avancées>DLLs> et j'ai cocher "activer la détection des dlls"
    seulement pcaudit passe toujours au travers de lns

    faut-il mettre les régles d'emule avec les régles Phant0m?
    c'est ce que j'ai fait mais je ne suis pas sûr de mon coup
    en fait sans les régles emule, la mule a trop du mal à fonctionner...
    avec, ça roule sans problème

    et dernière question: est-ce que le TCP statefull packet inspection est enfin compatible avec le p2p (j'ai lu que dans la version 2.04 c'était pas le cas, alors je me demandais si dans la 2.05 ça avait changer)

    merci d'avance
    et désoler de squater le topic d'un autre ;)
    PS: si ça gène j'efface et je fais un topic séparé...
     
  15. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    French :

    J'ai répondu a ta question sur le forum français.
    Je pense que tu devrait t'y tenir pour parler français, ca peu être frustrant pour ceux qui ne parlent pas ta langue de ne pas comprendre ce que tu raconte ;)

    English :

    I have answered to your question on the french forum.
    I think you should stay there to speak french, it can be frustrating for those who don't speak your language to not understand what you are saying ;)

    regards,

    gkweb.
     
  16. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    I've configured Phant0m'' rules for both DSL, Cable and or Dial-Up.

    Basicly comes back to the samething.

    DHCP, DNS need to be configured before allowed internet protocols will be allowed through.

    Phant0m'' if your reading these post... :)

    In any case any questions regarding how to set it up or configure it correctly you can always PM me, me and phant0m been keeping in touch :)

    cheers,
    Mart
     
Thread Status:
Not open for further replies.