Phant0m`` Rule-set $v3.0 and ports 135 - 139

Hello all,

I get ports 135 - 139 showing only as closed with the new ruleset at PCFlank.... They always showed as stealth with thoe old ruleset....

Any ideas?

Regards,
Kent

 

Hey puff-m-d

Please do a re-scan by that Online webscan, and if it still shows the same then wait a hour or so. And in the mean-time get secondary opinions, do other Online web-scans...

 

Phant0m``,

At GRC, They show up stealthed.... and the beeps from L'n'S sound during the scan and it shows in the log.... However at PCFlank, no beeps and no entries in the log...

Regards,
Kent

 

Hey

I’m assuming you just done another grc. Scan to verify the 1st results, could you please try http://www.blackcode.com/scan/ ?

Thanks…

 

Hey.
I had the same results from pcflank with enhanced rules sets.

grc.com shows all ports stealth every time I use that site.
I get a lot of entries in my log also.


I don't use that pcflank scan anymore!
I don't trust it.

 

Yea the Tester is right, there has been many false readings with other peoples scan results. And this doesn’t just revolve around Look ‘n’ Stop but other Software Firewall products. And you using Phant0m``s Rule-sets and you leaked to these Online web-scans I would say that’s impossible unless improper configuring and/or user additional improperly configured rules (Unless one is purposely running Servers and authorized remote access in through your Software Firewall).

 

Hello all,

Just a quick note to say I have now tested the ruleset at several sites (six to be exact). PC Flank is the only site that reports these ports as closed. the other 5 sites report them as stealthed. From this I "assume" that the PC Flank test is not reliable as it is the only site i have found to give these results....

Regards,
Kent

 

I agree. I ran the PC Flank test on this machine with LnS w. Phantom's ruleset, on another XP running Outpost fw, and on my NAT router. In each case, the PC Flank test shows ports 80 and 135 closed and all other ports stealthed. In each case, other sites' port scans showed all ports stealthed.

 

Hi Finn McCool,

Glad to see someone else gets the same results as me!!!!!

Regards,
Kent

 

Actually guys no one Online Scan is reliable, don’t put faith all into one particular online web-Scanning System. They all have its bad moments and currently pcflanks seems to be having a lot, but I just tested it out tis morning and now it shows my 135port stealthed when it had not the other day…

 

In Addition; when indeed they are unreliable it’s usually with common “Non-existing” ports like 113, 80, and 135 and so on.

btw; Guys! don't forget to-do pc-flanks stealth-test!

 

Hi Phant0m,

Please help having problems with the version 3.0 rule set. I am dialup and had installed your july 18 rules which worked a treat. Have followed the instructions for the version 3.0 ruleset exactly, to the tee as you say, and cannot access the internet and no other application can access the internet. This initially happened to the July-18th rules, at that time you told me to ensure the primary and secondary DNS values were in the appropriate rule set, which of course worked. For this version 3.0 the 1ry and 2ry DNS values are there alongside everything else but no luck. In another thread you mention adjusting the settings and then activating them. Presumably activating means = this is ensuring the internet filtering is enabled (ticked?).

Thanks in advance - P

 

Hey Plavi

The page don’t recommend Disabling/Enabling Internet Filtering, you must retrieve the DNS and Adapter Addresses with EnhancedRulesSet.rls before switching to Phant0m`` Rule-set $v3.0. Verify there are 2 DNS servers and not three or four, you may need to add additional DNS rules if that’s the case. And when you configure the DNS-Allowed-0 rule you must then activate the DNS-Allowed-0 rule, and perhaps try re-booting.

Regards,