RuleSet opinion.....please

After the window update fiasco, I decided to migrate to LnS from ZA after reading favaorable reviews. I installed it and I am liking it so far.
I downloaded latest PhantOm ruleset(from http://www.mntolympus.org) and my AV alert to an infection of installer "virus obfustat.tcp".

My question is this: Is phantom ruleset a must have enhancement to LnS or the is supplied LnS enhanced ruleset more than adequate??

Thanks

 

If you want an high protection, and you would like to tune exactly which packets are sent/received (and you are able to that), then Phant0m ruleset is for you.
If you want a standard protection, and you are not so familiar with packet filter rules, then the enhanced ruleset is for you.

Note that Look 'n' Stop is also concerned by the Microsoft issue, and the DNS rule has to be updated to use local port range 49152-65535 instead of 1024-5000 according to this post.

Regards,

Frederic

 

Yesterday's update addresses the WU KB951748 issue...

 

thanks for the reply.....I'll stick with enhanced ruleset for now.

 

Where is the enhanced rules set for getting around yesterday's Microsoft Security Update, KB951748?

Where is the link for this enhanced rules set?

I do have the thread on how to possibly fix this 'manually', but I rather just install the new rules set. Also please a short refresher on how to install a rules set would be nice.

I'll check later today for an answer... meanwhile I'm surfing the new without a firewall...

 

OK, I did follow the thread where you change the "UDP: Authorize name resolution (DNS)" rule, and it worked. So no need for a new rules file, however, I am using version 2.06 and if there's a newer rules file do let me know, though for now I'm happy.