Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    You can check the changelog located at https://www.binisoft.org/changelog.txt and you can decide if you want the new improvements or not. Yes, I recommend you to install the latest version which is 5.4.1.0. I also use this version on my computers.
     
  2. Special

    Special Registered Member

    Joined:
    Mar 23, 2016
    Posts:
    454
    Location:
    .
    5.3.1.0 was the last version before the Malwarebytes acquisition and added telemetry put in, it's also the last version that has a great feature called "Secure Rules" which was removed to keep stupid people from hurting themselves, but as Alex says, read the changelog and decide for yourself.
     
  3. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    I had to revert that implementation of Secure Rules because there were too many support emails each day complaining that "your software broke my Windows 10 computer" :( My new security software which will be ready this year, will be able to define protected registry keys and that key could be added :)
     
  4. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    157
    Location:
    Belgium
    I will follow your recommendation for my 'updated' Win (1709 etc... in the future).
    What about my Win ver 1511 (I do not plan to update it) ? >> can I install your last WFC version?
    Thanks!
     
  5. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    Yes, sure. When there are reported problems, they are usually with the latest updates from Windows 10. For version 1511, any version of WFC will work just fine.
     
  6. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    157
    Location:
    Belgium
    Thanks again...!
     
  7. Special

    Special Registered Member

    Joined:
    Mar 23, 2016
    Posts:
    454
    Location:
    .
    Looking forward to see what you come up with, you make good stuff. It's to bad about Malwarebytes buying you and your WFC software (from a user point of view) because since then WFC has just halted development as can be seen from the changelog above, only minor maintenance stuff that doesn't amount to much. I always wonder what could've been, what was being cooked up for WFC future if you were still independent, possibly adding an easy way to edit the HOST file or something. Maybe a possible feature for a new security program. :p
     
  8. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    Regarding the development of WFC, yes, it is a great loss that the development is stagnating, but I already do my best to ensure that the project will continue. Unfortunately, I'm not able to set the priorities for this project anymore.
    Meanwhile, I started Biniware, I am currently developing Biniware Run and soon I will start the new security software that I have in mind.
     
  9. guest

    guest Guest

    I was expected it. WFC is taking the road of Threatfire...
     
  10. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    157
    Location:
    Belgium
    No, no EXCELLENT stuff ! Alex is a real computer programmer...
    edit: an idea for you >WinPatrol (the only good WinPatrol, made by Bill Pytlovany, who was also a real programmer) is dead, just make a new one!
     
    Last edited: Jan 31, 2019
  11. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    Want to hear something funny? My first bachelor's degree is in Law, not Computer Science. Also, studying Law was easier and nicer than studying Math and Algorithms. But life is full of surprises.
     
  12. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    157
    Location:
    Belgium
    Oh yes...35 years ago I was a medical doctor, and after I started computer sciences...As you say, ' a lot of surprises' LOL!!
     
  13. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    Intrigued. :geek:
    :thumb:
     
  14. Roberteyewhy

    Roberteyewhy Registered Member

    Joined:
    Mar 4, 2007
    Posts:
    610
    Location:
    US
    Bring it On!:shifty:
    Ain't that the truth!

    Robert
     
  15. ravenise

    ravenise Registered Member

    Joined:
    Jul 18, 2009
    Posts:
    92
    Ah that is a great idea! I'm just curious which Delivery Optimization mode will hit those ranges in particular; I guess I could watch and see what appears. Its a lot of bs though. After blocking Windows telemetry via hosts, so far windows has been relatively quiet; I just want to be able to detect what service exactly is trying to call out and the only possible solution I've come up with involves process-monitor monitoring svchost.exe 24/7 until I find the culprits.

    I've been looking for some kind of firewall just for windows services and I don't see anything out there; I've been enjoying windows firewall for years now but I'm considering playing around a bit with something that offers more granule control. Does comodo offer this kind of functionality? individual service blocking?
     
  16. RioHN

    RioHN Registered Member

    Joined:
    Mar 14, 2017
    Posts:
    117
    Location:
    Here
    If you only want to monitor what services are connecting out you can force services to use their own svchost using the sc command. E.g:

    sc config wuauserv type= own

    Above would force windows update service to use it's own svchost and not share with other services. You could then programmatically query each svchost to check which service is running in it (or tasklist /svc) giving you the PID of actual services. PID is often displayed in prompts and logged by firewalls and monitoring software.

    Personally I'm not a fan of maintaining a huge white list of IP's as it's time consuming and it's likely some are used for more than just windows updates. Add to this the frequent use of akamai and other CDN's.

    Although I believe my current setup is capable of blocking and allowing individual svchost services I currently update windows using the catalog server (I'm on windows 7 and not sure if I'll do the same on 10)
     
  17. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    Of possible interest, websites that a clean install of Windows 10 will connect to:

    -https://betanews.com/2018/07/31/all-the-websites-windows-10-connects-to-clean-install
     
  18. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    326
    Hi,

    I noticed your firewall specified a rule for Windows Update as 'svchost port 443' . I am trying to narrow the Windows Update process down to the actual service wuausvc and its accompanying services. Why did you specify your Windows Update rule as svchost port 443 ? Isn't it a bit broad ? That would allow all running services?
     
  19. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    Do a search for "wuauserv" in this topic and you will find the reason mentioned several times. For example this one.
     
  20. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    326
    Thanks alexandrud.
     
  21. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    326
    I am getting Notifications for 'MS Account Sign in Assistant' . But I have a Allow Outbound rule for svchost.exe, for that service specified, all protocols, all ports. Why is it popping up? Have I specified the rule incorrectly ?
     
  22. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    In Windows 10, service based rules don't always work. One example is Windows Update (wuauserv) for which you can't define anymore a service based rule for svchost.exe. I mean, you can define it, but Windows Update will not work. It may be possible that the same applies here too. But how do you know that the notifications are for 'MS Account Sing in Assistant' ?
     
  23. krawhitham

    krawhitham Registered Member

    Joined:
    Apr 20, 2015
    Posts:
    4
    Anyway to make "Learning Mode" a true "Learning Mode" and not auto accept digitally signed programs, is their a setting I'm missing or did someone misname "Learning Mode"?
     
  24. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    What you call a "true Learning Mode" is called "Display notifications". There is no misname since all settings have descriptions and also an extended description in the user manual. Please check the user manual.
     
  25. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    326
    I know because I looked up the PID provided in the notification. In task manager, services tab, there is a pid column.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.