Who have better rules than phantom rules 5 ??

Discussion in 'LnS English Forum' started by kamui, May 29, 2004.

Thread Status:
Not open for further replies.
  1. kamui

    kamui Registered Member

    Joined:
    Aug 19, 2003
    Posts:
    218
    Location:
    France
    Hi All ,

    I use lns 2.05 with ph rules 5 , I passed almost scan test except this one: sygate udp scan ,all ports are closed :eek: .
    http://scan.sygatetech.com/udpscan.html
    :'(

    I'm running on Xp Pro Sp1 with a DSL Router Cisco C827 :cool:
    I want to know if phantom rule's users passed this udp scan test

    thx Kamui ^^

    ++
     
  2. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi kamui,

    Just tested it, with the basic enhanced ruleset, and it reported the following:


    ______________________________________________________________________
    We have determined that you have a firewall blocking UDP ports!
    We are unable to scan any more UDP ports on IP: xx.yy.zz.23 . . .

    You have blocked all of our probes! We still recommend running this test both with
    and without Sygate Personal Firewall enabled... so turn it off and try the test again.

    ______________________________________________________________________

    So, I don't know if the problem is really coming from the ruleset.

    Do you have some alerts in the Look 'n' Stop log page when you perform this test ?

    Perhaps your router is answering directly to the scanner ? and the packets are not even seen by the PC ?

    Frederic
     
  3. kamui

    kamui Registered Member

    Joined:
    Aug 19, 2003
    Posts:
    218
    Location:
    France
    Thx Fred , I think you are right because I try Lns 2.05+Ph rules 5 with my old Alcatel Speedtouch Usb Modem , and I passed this test :cool: . and have block log in Lns :).

    But with my Cisco C827 , no log in Lns2.05 and test failed , the problem come to my router ,I need to most secure my ACL .

    In this case , am I protected with cisco c827 and lns 2.05 o_O? .
    Regards ,
    Kamui
     
  4. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Yes you are, ports reported as being closed are those from your routers, not your computer.

    Same if you go throught a proxy, with many scanner, it won't be your computer which will be scanned but the proxy, displaying "wrong" results.

    regards,

    gkweb.
     
  5. kamui

    kamui Registered Member

    Joined:
    Aug 19, 2003
    Posts:
    218
    Location:
    France
    oki guys , that reassure me .

    in french ,

    Merci les gars sa me rassure ;)

    ++
    Kamui
     
  6. kamui

    kamui Registered Member

    Joined:
    Aug 19, 2003
    Posts:
    218
    Location:
    France
    I retry the test with my new ACL and it's passed :cool:

    Cisco powaaaaaaaaaaa *puppy*
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.