TinyWall Firewall

Discussion in 'other firewalls' started by ultim, Oct 12, 2011.

  1. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    New question for anybody/everybody: I have an app (namely WinZip) that I have allowed to connect out to IP 9.9.9.9. I checked that IP via THIS useful outfit and found it applies to dns9 dot quad9 dot net. That quad9 outfit gets explained by Wikipedia HERE. Ergo, it all sounds innocent enough, so I allowed the connection. However, I am curious as to what & why WinZip is doing this. Sure, I could ask WinZip's outfit but that runs the risk of a polite "none of your business" reply so -- why open myself up to a possible put-down -- where's the fun in that?

    Any & all comments are appreciated (it's a slow lockdown day in Hawaii). :-*
     
    Last edited: Jul 21, 2020
  2. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    Aloha bellgamin!

    you must have DNS service disabled. Not a problem, of course. WinZip will probably want to connect to an http or https remote IP, likely an update server. As a result, it should be okay, although not really necessary if you would rather check for and install updates yourself.
     
  3. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    10Q VERY much!!! :thumb:
     
  4. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    158
    Location:
    Belgium
    Hi everybody,
    General question!
    What would be the advantages (? superiority) of this software (i.e. TinyWall) compared to Windows Firewall (assuming that Windows Firewall would be managed with WFC-Control ) ?
    Thanks.
     
    Last edited: Jul 25, 2020
  5. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,874
    Its a GUI to Windows Firewall. Makes settings easier to manage.
     
  6. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    158
    Location:
    Belgium
    ?? Tinywall is a GUI to windows firewall?? Strange..
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    WFC is pretty good, but on my system it had a bug that wouldn't always let me make outbound rules. TW doesn't have this bug so that's why I switched. Actually, I'm using both WFC and TinyWall, but it can cause problems on certain systems when combining them.

    No, it's not anymore. It works independent of the Windows Firewall, so even if you disable it, TinyWall will keep protecting the system. In contrary to WFC, which is a GUI with extra features for the WF.
     
  8. Sm3K3R

    Sm3K3R Registered Member

    Joined:
    Feb 29, 2008
    Posts:
    611
    Location:
    Wallachia
    Tinywall is an interface for the Windows Filtering Platform.
    Not the best source, but to get an idea - >hxxps://en.wikipedia.org/wiki/Windows_Filtering_Platform.
    WFC is an interface for Windows Firewall.
     
  9. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    158
    Location:
    Belgium
    Thanks.....but why would (I) choose Tynywall and not WindowsFirewall (+WFC) ? (or the opposite?!!)
     
  10. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    158
    Location:
    Belgium
    Thks..
     
  11. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    By using the WFP directly and not being an interface to Windows Firewall, TinyWall has some features that cannot be achieved with Windows Firewall (+WFC): boot-time filtering, raw socket filtering, more reliable firewall protection, and less resource-intensive connection monitoring (without constant harddisk access). If you don't care about the technical side of things much, then you'll decide based on which graphical interface you find easier to use, TinyWall's or WFC's. Some people cannot live without connection popup windows, then they should choose WFC.
     
  12. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    158
    Location:
    Belgium
    Hi!
    Nice to meet you!
    Indeed, personally I don't have an SSD, but inevitably my next PC will have at least one, maybe two and we know that they are very sensitive to disk access.
    I haven't seen a user's guide. I know that it takes a considerable amount of time to write one ...

    After a quick read of the forum, I propose to install your soft as follows (please note that I often work with a lot of caution, I work with my machine!):

    1- physically disconnect the PC from the Internet
    2- disable the Windows firewall.

    I understand that points 1 and 2 are not at all essential. But as I said, I do at the safest.

    3-Install the software (administrator mode is not recommended).
    4-Reconnect the PC to the Internet and restart it.
    5-Use auto-learn until I have used all the applications of my computer.

    And then ?!
    Thanks!
     
  13. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Nah, no need to do all that. First, from TinyWall's perspective there is no difference if it is running with or without Windows Firewall. So I would recommend keeping Windows Firewall on (in its default state), otherwise Windows Security Center will (falsely) nag you about installing a firewall. Then, since you never disable Windows Firewall, there is also no need to unplug and re-plug your internet. Restarting the PC is also unnecessary when installing TinyWall, a restart is only recommended when you're installing a beta or test release. So with all these in mind, your above steps simplify to 1) Install TinyWall, 2) Create any rules necessary.

    As for creating an initial ruleset, yes autolearn is one possible way, but I generally only recommend it only on newly installed PCs to avoid learning any possible malware on the computer. The basic way to use TinyWall is the same right after installation as well as "and then" later on: When an application you want to use cannot access the network, you try unblocking it using the "by window" method, because that is by far the easiest one to use. If your application still cannot access the internet, then you open TinyWall's Connections window to check what was blocked, and you unblock anything related to your application in question, and ignore everything else there.
    For some Windows services, such as WSL2 or File and Printer Sharing, be sure to enable the corresponding built-in rule under Manage->Special Exceptions.

    This is pretty much everything you need 95% of the time. I've been planning on making some short tutorial videos on Youtube for a while now instead of a manual, but whenever I sit down to work on TinyWall, I always end up working on the code instead of the videos :D Anyway, there will be tutorials at some point, let's hope earlier than later.
     
  14. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Some elaborate ways described--I simply installed it while online, went to the System tray and took it from there. I actually didn't know there was an "Auto Learn" function until after the fact, when I was already used to whitelisting by hand. For example, I'm successfully blocking the horrid ASUS updater by including its child processes (I really don't trust ASUS software very much btw) and try to limit when a prog/app is "unrestricted."

    Though I'm still learning about TinyWall, I really like this software, thank you. :)

    Turns out this can't be done, it seems, though I will certainly be glad if corrected. After the machine started suddenly restarting for no reason, I looked in Event Viewer and the ASUS updater had "successfully completed" an operation, whatever that means, coinciding with the time the restart occurred. It seems ASUS utilities can bypass normal Windows pathways. :cautious: I had to unblock ASUS updater in Services to stop the sudden restarts. Dang!
     
    Last edited: Jul 29, 2020
  15. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    158
    Location:
    Belgium
    :)
    Thanks, I'll give a try!
     
  16. kenw

    kenw Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    145
    Location:
    Brighton, Colorado
    The new TinyWall is now a standalone firewall. Version 3 starting in March 2020.
     
  17. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    I am yet unaware of any software that provenly bypasses the WFP. My guess is that you have a firewall rule with unexpected/unwanted side effects. One likely suspect is the Windows Update rule under TinyWall's Special Exceptions tab. If you are curious to figure this out you could try disabling it and then see again if the ASUS updater can still get out, but only for a learning effect. My recommendation is still to enabled Windows Update and to not block it.
     
  18. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    I am definitely taking your recommendation but this would apply to the ASUS updating utility, which doesn't seem to go thru typical Windows channels.

    A quick note: with the TinyWall blocks, every time the ASUS updater would come around, the machine would display half a blue screen and restart. Not a BSOD, it was directly connected to ASUS' update checks and had the same time stamp. Not messing with that any more-I had to wipe my drive and re-install Windows due to a botched BIOS adjustment. Now, no problems, the updater runs unhindered.

    Thanks for advice, I'll take it and run. :)
     
  19. Sm3K3R

    Sm3K3R Registered Member

    Joined:
    Feb 29, 2008
    Posts:
    611
    Location:
    Wallachia
    Let me give you an advice: Remove the ASUS/MSI/whatever crapware utilities from your computer !You do not need it.

    If you want overclocking, do it from the BIOS, if you want BIOS updates, do it from the BIOS or whatever method is not using the Windows OS, if you want to keep your drivers up do date do it manually.If you want monitoring use a better tool.
    Those so called utilities will destroy your OS or BIOS sooner or later.

    I doubt tinywall has anything to do with your BSOD-s.
     
  20. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Let me steer this a little bit away from BSODs and bloatware, back to: unable to stop ASUS updater with TinyWall. I've already done some online searching and it seems one can't stop it as it's active via the BIOS. It's in Services, but nowhere in Apps and Features or Programs and Features, which means it wasn't installed via Windows and surely not by me.

    I have it checked off now so it can run. Previously, trying to block it with TinyWall led to several problems, including that which I described above. As for bloatware, this is a custom build and doesn't have any. Tried to get rid of/block that updater--more trouble than it's worth.

    aud.PNG
     
  21. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    BTW, I haven't upgraded yet, because an older version of TW works just fine. However, I still wonder if you can ditch usage of WMI? Every 20 minutes or so it will use 25% of CPU time, but for what exactly? I believe a standalone firewall shouldn't need it. Has this perhaps been improved in the newest version? BTW, I don't mean this in a harsh way, and it's not THAT big of a deal, but I still don't like it.
     
  22. kenw

    kenw Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    145
    Location:
    Brighton, Colorado
    A problem with 3.0.7, the taskbar goes to a gray color, when I try to change I get 'can't communicate, task manager shows one gray icon and one icon for normal mode. The last time I reinstalled it. Rebooting does not change anything and it is not blocking my network access. No problems with previous versions. The msi installer only allows remove, not repair.
    This was in the event viewer KERNELBASE.dll as causing it.
    Ideas Please

    Thanks
     
    Last edited: Aug 1, 2020
  23. kenw

    kenw Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    145
    Location:
    Brighton, Colorado
    I reverted to 3.0.5 as 3.0.7 failed two more times.
     
  24. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    If it is happening only every 20 minutes, then I don't think it is caused by TinyWall. The connection speed monitor in the GUI used to use WMI every couple of seconds, but since version 3.0.5 TinyWall uses a different method and not WMI anymore. The only other feature that often relies on WMI is subprocess monitoring, so I could advice you to make sure it is not turned on for any rules, but since this CPU spike only happens every 20 minutes on your machine, it is safe to say it is not caused by this feature, since that would trigger it much more often. The only other uses of WMI in TinyWall is for notification of rare events, such as when a new drive letter appears or a network adapter gets reconfigured with a new IP address. These happen very rarely as you might also guess, not every 20 minutes, and there is no need to optimize these away.
     
  25. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Please send me all the log files (if they exist) under C:\ProgramData\TinyWall.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.