Ever heard of OOPS! leaktest?

Discussion in 'LnS English Forum' started by jgama, May 28, 2004.

Thread Status:
Not open for further replies.
  1. jgama

    jgama Registered Member

    Joined:
    May 4, 2004
    Posts:
    34
    Hi,

    I just heard about it and the solution seems to be very simple( by El Chico ):


    "I've discovered the 'workaround': But feel free to correct me if you think I'm wrong

    Make the following 2 Advanced Rules, and the 'Allowed Rule' must be sorted ABOVE the 'Blocked Rule':

    1) Allow Incoming and Outgoing traffic to remote UDP port 53, to the IP-adresses of your DNS-servers (you should test and monitor your traffic logs to discover their IP's), but ONLY for the applications you want, like IE, MSN Messenger, and other programs you are using that you saw blocked in traffic logs to remote port 53, and thereby unable to connect.

    2) BLock ALL Incoming and Outgoing traffic to remote port 53, without selecting ANY application in the Applications tab (this way all new applications will also be blocked by default, until you allow them in Rule nr. 1, because it can't connect) Remember this Rule must be placed BELOW the Allowed DNS Rule..."
    El Chico
    http://forums.sygatetech.com/vb/showthread.php?s=&threadid=5038&highlight=oops
     
  2. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Oops is from Tom Liston and was reserved to firewall vendors only, NOT for the public. Therefore when it was by mistake available on public forums, Tom Liston
    removed his webpage which was needed to see if the leaktest has worked or not, so having this leaktest now is pretty useless because it can't fail or success.

    The availability of this leaktest on public forums put his author in a difficult position regarding the laws of his state, and should not be available nor downloadable anywhere, and this thread on sygate forum could much give troubles to Tom Liston than anything else.

    You should warn them if you can, Tom Liston has personally emailed me at the time when the mistake happened, I could give you quote, but the best if you want to check by yourself is to write an email to him.

    I think this thread here and at Sygate forum should be locked, and the same kind of available public leaktest "DNStester" used instead, available from my website.

    quote from Tom Liston website :
    Regards,

    gkweb.
     
Thread Status:
Not open for further replies.