CHX Packet Filter - Sample ruleset
in [Firewalls]
|
Prev: spnego Nestaq
Next: Zone Alarm Weirdness
From: Leatrice on 5 Sep 2006 14:13 Running Kerio 2.1.5 and having read about its fragmented-packet vulnerability, I've downloaded CHX3 from http://www.idrci.net/ . Many posts on Google mention downloading the sample ruleset and registering with the website. All I can see on the Third Brigade website are 5 download files and the online documentation, which I have had an initial browse through. It's a bit bewildering at the moment and I was hoping to download and the sample ruleset and take it from there. I'd be really grateful if anyone could point me in the direction of the mysterious "sample ruleset"? Many thanks. Martin
From: Kerodo on 6 Sep 2006 01:01 In article <44ff0dc9(a)news.greennet.net>, vdp3r(a)hotmail.com says... > Running Kerio 2.1.5 and having read about its fragmented-packet > vulnerability, I've downloaded CHX3 from http://www.idrci.net/ . Many > posts on Google mention downloading the sample ruleset and registering with > the website. > > All I can see on the Third Brigade website are 5 download files and the > online documentation, which I have had an initial browse through. > > It's a bit bewildering at the moment and I was hoping to download and the > sample ruleset and take it from there. > > I'd be really grateful if anyone could point me in the direction of the > mysterious "sample ruleset"? > > Many thanks. > > Martin The CHX site has changed in the past year and it looks like they don't have the sample rule set there anymore. I'd try here in the CHX Forum: http://fluxgfx.com/ssc/ Look around and/or ask there. The CHX people post there off and on, and there are several other CHX users who may be able to help or give you a link to the sample set. The sample rules are quite simple. If I recall there are only 2 rules needed, that and you need to enable SPI. Be aware though, that out of the box with no rules, CHX allows all traffic and will not protect you against anything. -- Kerodo
From: Martin on 6 Sep 2006 04:41 Thanks, Kerodo. It was your archived Google posts that I mostly came across, and, whilst I have attempted to see the wood for the trees in the CHX online documentation, your posts with their simple and basic advice were the ones that seemed like a lifeline when swimming in treacle. Many thanks for your helpful reply. Martin "Kerodo" <loopback(a)localhost.com> wrote in message news:MPG.1f67f61dcd5f51c9989681(a)news.west.cox.net... > In article <44ff0dc9(a)news.greennet.net>, vdp3r(a)hotmail.com says... > > Running Kerio 2.1.5 and having read about its fragmented-packet > > vulnerability, I've downloaded CHX3 from http://www.idrci.net/ . Many > > posts on Google mention downloading the sample ruleset and registering with > > the website. > > > > All I can see on the Third Brigade website are 5 download files and the > > online documentation, which I have had an initial browse through. > > > > It's a bit bewildering at the moment and I was hoping to download and the > > sample ruleset and take it from there. > > > > I'd be really grateful if anyone could point me in the direction of the > > mysterious "sample ruleset"? > > > > Many thanks. > > > > Martin > > The CHX site has changed in the past year and it looks like they don't > have the sample rule set there anymore. I'd try here in the CHX Forum: > > http://fluxgfx.com/ssc/ > > Look around and/or ask there. The CHX people post there off and on, and > there are several other CHX users who may be able to help or give you a > link to the sample set. The sample rules are quite simple. If I recall > there are only 2 rules needed, that and you need to enable SPI. Be > aware though, that out of the box with no rules, CHX allows all traffic > and will not protect you against anything. > > -- > Kerodo
From: Kerodo on 6 Sep 2006 12:49 In article <44ffd985(a)news.greennet.net>, vdp3r(a)hotmail.com says... > Thanks, Kerodo. It was your archived Google posts that I mostly came > across, and, whilst I have attempted to see the wood for the trees in the > CHX online documentation, your posts with their simple and basic advice were > the ones that seemed like a lifeline when swimming in treacle. > > Many thanks for your helpful reply. > > Martin > > > > "Kerodo" <loopback(a)localhost.com> wrote in message > news:MPG.1f67f61dcd5f51c9989681(a)news.west.cox.net... > > In article <44ff0dc9(a)news.greennet.net>, vdp3r(a)hotmail.com says... > > > Running Kerio 2.1.5 and having read about its fragmented-packet > > > vulnerability, I've downloaded CHX3 from http://www.idrci.net/ . > Many > > > posts on Google mention downloading the sample ruleset and registering > with > > > the website. > > > > > > All I can see on the Third Brigade website are 5 download files and the > > > online documentation, which I have had an initial browse through. > > > > > > It's a bit bewildering at the moment and I was hoping to download and > the > > > sample ruleset and take it from there. > > > > > > I'd be really grateful if anyone could point me in the direction of the > > > mysterious "sample ruleset"? > > > > > > Many thanks. > > > > > > Martin > > > > The CHX site has changed in the past year and it looks like they don't > > have the sample rule set there anymore. I'd try here in the CHX Forum: > > > > http://fluxgfx.com/ssc/ > > > > Look around and/or ask there. The CHX people post there off and on, and > > there are several other CHX users who may be able to help or give you a > > link to the sample set. The sample rules are quite simple. If I recall > > there are only 2 rules needed, that and you need to enable SPI. Be > > aware though, that out of the box with no rules, CHX allows all traffic > > and will not protect you against anything. > > Martin, if that's a valid email address you're using here, then I can try to dig up my copy of the CHX sample rules and send it to you if you like? -- Kerodo
From: Martin on 6 Sep 2006 20:01
That would be brilliant, many thanks. It is a valid e-mail address. Could you guide me as to where to improt them. I am on dial-up, though I intend moving to ADSL in the future. Under Packet Filters (Global) I have: PGPnet Virtual Identity Adapter (MAC FF FF FF 00 00 00) and Dial-up or VPN (split into Public and Private) (I don't run the PGP service unless I wish to encrypt/decript a file containing sensitive info - I don't otherwise use PGP.) Sincere thanks. Martin "Kerodo" <loopback(a)localhost.com> wrote in message news:MPG.1f689bdd339aa22b989682(a)news.west.cox.net... > In article <44ffd985(a)news.greennet.net>, vdp3r(a)hotmail.com says... > > Thanks, Kerodo. It was your archived Google posts that I mostly came > > across, and, whilst I have attempted to see the wood for the trees in the > > CHX online documentation, your posts with their simple and basic advice were > > the ones that seemed like a lifeline when swimming in treacle. > > > > Many thanks for your helpful reply. > > > > Martin > > > > > > > > "Kerodo" <loopback(a)localhost.com> wrote in message > > news:MPG.1f67f61dcd5f51c9989681(a)news.west.cox.net... > > > In article <44ff0dc9(a)news.greennet.net>, vdp3r(a)hotmail.com says... > > > > Running Kerio 2.1.5 and having read about its fragmented-packet > > > > vulnerability, I've downloaded CHX3 from http://www.idrci.net/ . > > Many > > > > posts on Google mention downloading the sample ruleset and registering > > with > > > > the website. > > > > > > > > All I can see on the Third Brigade website are 5 download files and the > > > > online documentation, which I have had an initial browse through. > > > > > > > > It's a bit bewildering at the moment and I was hoping to download and > > the > > > > sample ruleset and take it from there. > > > > > > > > I'd be really grateful if anyone could point me in the direction of the > > > > mysterious "sample ruleset"? > > > > > > > > Many thanks. > > > > > > > > Martin > > > > > > The CHX site has changed in the past year and it looks like they don't > > > have the sample rule set there anymore. I'd try here in the CHX Forum: > > > > > > http://fluxgfx.com/ssc/ > > > > > > Look around and/or ask there. The CHX people post there off and on, and > > > there are several other CHX users who may be able to help or give you a > > > link to the sample set. The sample rules are quite simple. If I recall > > > there are only 2 rules needed, that and you need to enable SPI. Be > > > aware though, that out of the box with no rules, CHX allows all traffic > > > and will not protect you against anything. > > > > > Martin, if that's a valid email address you're using here, then I can > try to dig up my copy of the CHX sample rules and send it to you if you > like? > > -- > Kerodo |