Phant0m`` $v3.1 Rules Definition

Discussion in 'LnS English Forum' started by Phant0m, Aug 27, 2003.

Thread Status:
Not open for further replies.
  1. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Hey folks

    I like to mention a new addition to my Look ‘n’ Stop website, it’s titled “Phant0m`` $v3.1 Rules Definition”. Many of you been wanting something which explains a bit about per rule in Phant0m`` Rule-sets and now I have been taking Time-Out throughout my busy day to work on providing you guys with something of the sort.

    It’s not completed page but I thought I would poster the url and you guys take a gander at it and give me you all opinions, and suggestions on improving it that much more. I would be extremely grateful if little time was spared to assist me in this area, Thanks!

    http://www.wilderssecurity.info/pg41.shtml
     
  2. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    To be little more Informative about that page; It’s actually a replica of Phant0m`` Rule-set $v3.1, every rule on the page is in exact order as listed in the rule-set, and the states for each rule is what you’d see when you 1stly Load up the Phant0m`` Rule-set, and mixture of colors been used for user efficient interpretation.

    Maroon = Enabled rules
    Blue = Disabled rules
    Bolded Blue = Disabled rules that needs to be configured by Default before activation
    Purple = Allowed packets
    Mediumslateblue = Denied packets

    Hope this is clarity for you… :p
     
  3. tosbsas

    tosbsas Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    789
    Location:
    Lima, Peru
    You ARE the man :)--))

    Thanks for all your efforts. Its goos to know you are around.

    Ruben :D
     
  4. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    :D
     
  5. PikeDude

    PikeDude Registered Member

    Joined:
    Aug 3, 2003
    Posts:
    45
    Hey Phantom,

    I just installed your new ruleset and it works great. Thanks once again for all the help you give us :).
    I have enabled all of them except the Arp Gateways Arp Reply because I am behind a router and the Gateway address that is shown in the IPConfig utility is not taken by ARP : Authorize Gateways ARP Replies where it's circled in red. The address is 198.168.1.1 unlike the picture that shows it as a mac address. Do I need to add the same Mac address in both fields or do i simply not enable the rule being behind a router.
    Thanks.
     
  6. PikeDude

    PikeDude Registered Member

    Joined:
    Aug 3, 2003
    Posts:
    45
    Hey Phantom,

    I found the answer (I believe o_O) in manuangi's post. When I logged into my Linksys router, on the front page, there was the router's mac address and I placed it in the Source Ethernet Address and I was able to surf the web again. Is this right?

    Although, in the logs as you described to manuangi, I still have another ethernet address that appears from time to time (always the same one). I don't know which one to use! I also keep getting the FF:FF:FF:FF:FF:FF” rule appearing in the logs even though the rule is disabled.

    Thanks for all the help.
     
  7. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Hey PikeDude

    Well done! :)

    Apparently you got the right Ethernet Adapter Address otherwise you wouldn’t be capable of surfing like you are now.

    LOL! Can you verify that “FF:FF:FF:FF:FF:FF”, or “+FF:FF:FF:FF:FF:FF”?
    Verify from the Loggings in the Look ‘n’ Stop’s “Log” screen that “*FF:FF:FF:FF:FF:FF” isn’t being shown on the “Address / Application” column, possible it must be confusing with rule-name “+FF:FF:FF:FF:FF:FF”. ;)
     
  8. PikeDude

    PikeDude Registered Member

    Joined:
    Aug 3, 2003
    Posts:
    45
    Hi Phantom,

    Just figured out what the other Mac Address was, it's my wife's computer that is also sharing the router. It's her Mac address, since we share files between computers I guess it was only verifying if I was there. I had not given that computer access with the new 3.1 rules.
    Since she turned off her computer, I got no more entries in the log.
    Again great work and Thanks a million.
     
  9. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Hey PikeDude

    You have any situations regarding Phant0m`` Rule-set and Client Machines, don’t hesitate to tell me…

    Also; between you and I, I’m currently working on upcoming Phant0m`` Rule-set release. It’s has number of Enhancements, efficient rule labelling for user easy interpation. I also decreased the rule-set filesize greatly, thus allowing the rule-set to be read even faster.

    It’s completed but wont be publicly released until after I complete that Phant0m`` Rule-set Rules Definition page to apply to this new rule-set.
     
Thread Status:
Not open for further replies.