Privatefirewall 5 released

As for the Leaktest 1.2

As "Hipgnosis", stated, you must rename the leaktest to the name of a program already given internet access.
I have just tested Privatefirewall for this, and the firewall is intercepting the changed file (see attached pic).

If this test is failing on some setups, I would ask if they have any other security applications on their PC (such as PG, SSM etc)

 

Will you be adding the ability to control localhost comms. Currently, if such an application as "Proxo" is used, then your application internet access control is bypassed. (there are other concerns due to this possible bypass)

 

We are prepping for a vista-compliant update and will consider this during the process. We are targeting March for a release date.

Thanks,

Chris Iannicello
Product Manager, Privacyware
www.privacyware.com

 

Just been trying this firewall out and it seems as if it doesn't want to do what i set it to do. With default rules i tried to connect to the net with firefox and a few prompts come up to which i clicked 'allow', yet i see pfw blocking data and firefox cannot connect. The only way i have been able to connect is if i set firefox rules to allow all data.
I then selected 'enable training mode' from the settings menu yet i still get prompts about allowing apps to access the net.
I'm running pfw alongside nod32 on xp home with sp2 fully updates. Whats going on here?

 

Hi farmerlee,

I normally manually create all rules for my applications but:-

I have been taking a look at the rules creation, and it looks buggy.

Explanation:
The rules for HTTP connection require TCP to remote port 80 and need to be allowed (within this firewall) for both inbound and outbound. When you are first prompted for this, there is a direction within the rule, so on first popup and you allow(remember/create rule), a rule is created to allow the outbound, but then the returned packets are being blocked without prompt. So you need to manually edit the rules to allow both outbound and inbound for the connection to be allowed.

 

I find that if the network security is set to high it blocks all my apps even if i have training mode enabled. Only when i set netwok security to low does it allow me access.

I don't fancy having to go thru manually setting rules for all my apps as you've explained.

I guess i'll have to stick with dsa for now until pfw becomes better suited to my preferences.

 

Played around with pfw a bit more, i found that the windows dns client service needs to be running in order for pfw to work properly.
Normally i have it disabled and other firewalls have run just fine.

 

I do not (never) have the DNS client active. I see no problems related to this.

 

Also one thing I dont like about this fw , is that doesn't have termination protection...

 

Hi dah145,
Using APT, the 12 basic termination tests, of which 10 will run on my setup, the firewall will block all 10.

Edit:
It as also just blocked all 16 SPT kill attempts.

 

Reading between the lines here, it appears your becoming more impressed each day with this firewall Stem!.

 

Hi tobacco,
Yes,.. I was put off at one point due to a reply made (by "ciannicello") concerning the interception of windows comms. (but it appears he did not correctly read the post he was agreeing with)

After playing for a while, although it seems a bit buggy with firewall rules creation, I am starting to like the protection given.

 

Thats strange, as soon as i enabled this service pfw seemed to start to behave itself. If this is not the problem i guess i'll have to keep looking.

 

mmm, maybe I did something wrong.... I am going to reinstall it and test it again... Because it looks good.

 

Hi dah145,
What you may of missed,.. Have a look at the "Process Monitor" settings.

For example, when I first ran "APT", it did manage to KILL on method 2, but I noticed that APT had not been added to the application list, so on the Process Monitor "Medium" setting(default), APT was not being intercepted. I changed the setting on this to "High", which then makes the "Monitor" check all applications within the system.

 

Are these tests done with the default settings?

 

Ok thanks for the suggestion.

 

Hi CJsDad,
I just changed the "Process Monitor" to "High", all other settings as default

 

Thanks Stem.

 

Hi Stem,

Thanks, I appreciate you testing this firewall out for everyone. It's nice to hear opinions and see some useful info concerning other various software firewall products (options) like this one available to users.

BTW, I haven't seen a dedicated "user forum" for privacyware products anywhere....are you aware of one?

And regarding the above.....are you suggesting that the "only" tweaking (at least CURRENTLY) really necessary for this firewall is to adjust the process monitor from medium to high?

Also, does PFW install as a "service", and how quickly does it "load" (including the sys tray icon, etc.)? How many "processes" do you see pertaining to Privatefirewall, and what's the memory and CPU associated with each?

Thanks

P.S. - is the sys tray icon the cop with the stop sign, or the two-color shield?

 

Hi farmerlee,

On re-checking, it does appear the rules creation problem is caused when the DNS client is diabled.

 

Hi JR,

No, the question was asked on this forum, but no reply given (Maybe "ciannicello" will return to answer?)

For my testing, and for the correct interception of the "KILL" test I made, yes.
The rules for some windows applications are too open, As example: IE is allowed all activity (Terminate/ Manipulate services etc, etc), which I personally think is dangerous. So users of IE should look at these settings.

There is a service installed, but this is currently Stopped, it is set to autostart, so not sure as of yet what is going on there.

With the service stopped, there is only one firewall app running "PF5.exe" current memory: 19816k (showing peak at 22052k). There is very little activity from the cpu due to this process.

The cop.

 

Hi Stem,

Yeah, hopefully ciannicello will reply and provide some info. And if one doesn't currently exist, hopefully they are planning to implement one or will strongly and seriously consider it. It just seems that vendors with a forum presense support their customer base better, which in turn gains favorable reviews, compliments, and more recommendations, etc.

Thanks for that info. Perhaps maybe he can address the bold-faced text highlighted above and provide a little more info on this one as well.....

Hmmm....that's interesting. I definitely would like to hear exactly why that is. I'm guessing that it loads fairly early, but it just seems I've heard that firewalls (i.e. - Look 'n' Stop, etc.) just seem to load a little earlier whenever there is a "service" associated with it. I guess I'm also just a little surprised that with the integration of the "Dynamic Security Agent" that there wouldn't be a second running process.....

Thanks. OK, now you've got me curious....

does it "monitor" traffic activity with a http://www.privacyware.com/img/PF_Icon_Small.gif whenever traffic is being allowed, and then with a http://www.firewallleaktester.com/images_site/pf.gif whenever something is being blocked?

That would be kinda cool......

 

Yeah i've noticed that some activities seemed to be allowed with dns client disabled and some activities seem to be blocked even if i allow them. With it enabled, all seems to be running smoothly at the moment.

 

Hi farmerlee,
With the DNS client disabled there is a problem with the creation of the DNS rules for applications, these are only created for one direction, but then blocked. If I manually create the DNS rules then all other rules are automatically created correctly on access. It must be a bug.