Is Firewall Working Correctly?

Do or Do Not.
But quit griping. You're being petty.

 

Pegas:

Go into your Internet Options via the control panel or IE.
Click the Connections tab.
Click the "LAN Settings" button near the bottom.

Is "Use a proxy server for your LAN (These settings will not apply to Dial-up or VPN connections)" checked?

 

Thx Techfox1976 for the hint however I am not using a proxy connection.

 

Thanks for the feedback - could you let me know what OS you're using for these tests so that we can try to reproduce them internally?

Thanks!

 

Hi Joe,

Vista Business SP2 32-bit fully patched and updated in the Czech localization.

Looking forward to hearing from you.

Thanks & regards,
pegas

 

"Do or Do Not.
But quit griping. You're being petty."

Just your opinion

I'm a paying customer and I have the right too

 

I hope all these gets fixed soon.

WSA just allows everything thru the firewall. No pop up even when I click the "warn if any process". Even after removing the app from the list.

And please add some way to delete the list. I have hundreds of items on allowed even though I've set "warn if any process" long ago.

 

You can right click on a process to remove it from the list. It's possible that the allowed state is being cached now as it was previously allowed.

 

Could you try looking in the firewall list and right click "Remove" on the entry for one of the applications that's able to connect outbound, and try it again to see if it is blocked?

 

From what PrevxHelp has said, you've already been running the 'firewall' in the AV-only version previously. You just weren't aware of it.

Quote:

 

Joe, I am off my PC now but I tried what you suggested today morning with Opera, so I removed Opera but once I run Opera its entry came back automatically with Allow. Other one I tried was VLC player, removed VLC process, run VLC again which conncted to the net without asking me for access. Checked the list of processes but VLC process wasn't back there.

 

I confirm what Pegas observed :

0- set the FW as "warn if any new, untrusted process connects to the internet..."
1- opened the Network Application" tab
2- launched VLC
3- observed the automatic allowance of VLC (no prompt)
4- did an update check of VLC via its GUI, connection authorized.
5- set VLC process to "Block", did an update check of VLC via its GUI, connection blocked.

http://i.imgur.com/dZGgm.jpg

6- deleted the VLC process from the list
7- redone the steps 1 to 5 with "Warn if any process...", same results.

 

That tells me the program is already trusted in the Cloud database with the setting 0 but try again with this setting.

TH

 

Thanks for helping, TH and Prevxhelper.

But TH, as u can see guest has already tried that (in step 7).

I have the same issue. Everything just goes thru the firewall unless I explicitly go to the list and select BLOCK. Removing it from entry justs adds it back as allowed whether or not I have "warn if any process.." turned on.

 

Thanks I need to open my eyes I don't use VLC but all my testing with that setting has passed Win 7 x64 and I just opened WinZip and checked for updates and I get the prompt as I did with the earlier posts.

TH

 

it seems that some softwares can bypass the FW but not all, i redone the test with some others apps , the FW caught them.

 

Today I was updating Adobe Flash player for IE9 as well as Opera 12.02 to the latest build (11.4.402.287). During the both updates a WSA prompt jumped out asking for the outbound permission to let Adobe online updater go on the internet. I chose Allow Once and the update finished successfully.

I have noticed later that the both updaters are listed in the network applications with action Allow (see below).



I tried a few other applications to access the internet and always opted to Allow Once and all these applications were automatically added to the allowed applications.

That's not correct behaviour because I opted Allow Once so these files shouldn't be automatically added to the allowed applications.

I verified the protected applications and they worked fine. I tried the Vista snippingtool and chose Allow Once and the snipping tool wasn't added to the protected applications. When I was trying to take another snapshot I was prompted to allow the file.

 

exactly, not only was it forced upon us,
it does even work correctly

 

You could always use it for its primary function as a Firewall Helper (ignore it completely but it will help in the event you get an infection and help to detect infections) as opposed to trying to use it in a capacity of a standalone firewall, which it is not and in no way claims to be. If you ignore it, pretend it's not there, has no configuration options, etc, as long as it doesn't get in the way in a way that it would not if the functionality weren't turned on, it doesn't hurt, and if it helps, that's even better.

 

I never heard of a Firewall Helper before

Think I'll use one that does not need help

Oh well

 

Oh, I didn't know your firewall was virus-aware.
The WSA is a firewall helper or firewall extender. That's why it's able to coexist with other firewalls and asks you to turn on Windows Firewall if no other firewall is installed. If you try to pretend it's a full firewall, you'll be just as disillusioned as if you try to pretend you're a unicorn.

- The code has always been there in the AV. It just didn't take action if there was something it would take action against.
- Now the code capability is activated, so if it sees something it should do, it will do it.
- If you can set it to default and ignore it and it does nothing negative, then it's just like not having it unless you are incapable of ignoring its UI.
- If you set it to default and it does something positive in the future, then it's a benefit.

So, other than the fact that you seem to be incapable of ignoring its UI, what negative impact has it had on your system at default settings?

 

hahaha mine is (aka OAP)

 

Trend Micro's top-of-the-line Titanium™ Maximum Security has a firewall helper also; that way the user can use the firewall of his/her choice.

Some of us like that; some of us like that a lot....

 

@guest Even Frederic said that Look'n'Stop will run with Windows Firewall https://www.wilderssecurity.com/showpost.php?p=1085394&postcount=2 so in fact you can run all 3 firewalls together without issues or slow downs but alittle over kill IMO!

TH

 

"Oh, I didn't know your firewall was virus-aware"
FIREWALL!! not AV, two different Programs

"firewalls together without issues or slow downs but alittle over kill"
of course this would be over kill, using more than one program to do
the same job is "bloatware"

I still prefer one that does not need help

and windows firewall doesn't even exist on my XP system at all,
along with 90% of the rest of it that has been removed