Free, Light App For Outbound Connections

Well, i've tested out several firewalls and found PCTools and Private Firewall to run the best on my system. However, both of these ended up interfering with a program and were therefore removed. The latest being Private Firewall preventing Prevx from scanning new installs, etc. despite giving Prevx full open access in the rules.

So since i'm already behind a router, i thought i would try to "fore-go the firewall route" and use something else for outbound internet monitoring.

Looking for a free and lightweight app that will tell me when an outbound request is made and give me the option to allow/deny "once" or create a "standing rule".

Again, outbound connections only. I don't want to be popup bothered everytime a program tries to run (full HIPS)

Can Sandboxie be setup this way or is it just whatever is running in the sandbox??

Thanks!

 

Sandboxie can be configured to only allow outbound connections from designated applications, but you aren't going to get any on-the-fly options. If you set restrictions on network connections then you have to specifically configure Sandboxie for each application to allow.

You can do what you want with Threatfire by enabling the included custom rule for processes enabling network connections.

 

Online armour free w/ HIPS off. You can configure the firewall under advanced user.

 

That firewall did not play well on my setup.

 

I understand that program is a behaviour blocker. Can it be used for outbound connections "Only"?? No other action popups??

 

Tobacco,
It sounds like you are looking for a light weight firewall w/ outbound only. Have you tried look nstop or sunbelt personal firewall? You might also try and figure out the problem with the firewalls that do work with your system. I can't think of any programs other than a firewall that monitors and allow/deny access to access the net.

 

Well, I'd suggest LnS as well, be he wants a free one...

 

Yes, the construction industry where i live is still suffering

 

look n stop is lite

 

I tested all the freebies and any major conflicts or major bootup slowdowns were immediately yanked. The 2 i mentioned i spent time investigating and trying to correct the issue but enough was enough which is why i want to try another direction. I'll try an HIPS if i can disable it to only watch outbound connections.

 

No, you can't disable the behavior blocker. But it is lightweight and free, and if you turn it down to its lowest settings you'll probably never see a popup.

 

Yes set sensitivity level to 1 and you are done

 

Thanks - am testing right now in a VM, in WonderShare Time Freeze, in Sandboxie

 

There's a link for Look 'n' Stop Lite in this post if you're looking for a free version of this lightweight firewall.

 

Thanks but my bad - i didn't say i run Vista32 and it says XP and older. Secondly, from the description it looks like inbound protection only in that free version??

 

I'm liking so far with it set at "2". Very light. Wonder if it's outbound blocking abilities have been tested??

Thanks Again

 

for a light app...

i would recommend

http://www.privacyware.com/

 

Free? Light?

Kerio 2.15 - Lightest
Sygate 5.5 - Very Light (turning off IDS lightens it a lot)

 

i am very tempted to try threatfire again

 

Bootup time a tad slower now but besides that, Threat is playin well with Avira and Prevx.

So far, as a non-firewall app, it is fulfilling my outbound protection needs.

 

Great stuff Kees, didn't know that. Been using the latest threatfire for a couple of weeks now, on its own (network connection alerts enabled), with Hitman Pro on-demand and sandboxie. Awesome.

 

Yep,

See some older instruction https://www.wilderssecurity.com/showthread.php?t=253507

Please make two precautions

1. Make sure you create a restore point before Quarantaine (see older post)

2. Secure explorer from being quarantained

Remove an allow outbound connection program from the Allowed list in threatcontrol (e.g. WindowsMediaPlayer). Now start WMP, choose KILL! Then start WMP again: Terror will strike into your heart wih the following pop-up: TF tries to quarantaine Explorer because it launches a untrusted program. Now choose ALLOW + REMEMBER. again start WMP and also choose ALLOW + REMEMBER.


For XP users running admin (and Windows 7 users running UAC default) and wanting to add startup protection of HKLM: Download Autoruns (from Microsoft), run it and simply add all keys listed in HKLM) see picture (Note when you run full UAC in Vista or Windows7 registry keys of HKLM are protected)

 

Yes,

For a reasonable knowledgeable PC user, Windows 7 with UAC on default, my registry download protection tweak (using Chrome as Browser) and TF (set sensitivity level to 1) looking at autorun keys and outbound, you get a decent protection.

DJames has promised me that they would add sensitivity level and the ADS bit (which I use for my registry tweak) of mail attachements and downloaded files (the ADS bit which prompts Windows for a warning) to the custom rules.

This would make custom rules possible like

When any process
tries to execute a file
which has been downloaded
set sensitivity level to 4

regards Kees

 

Great info there Kees

Would you give us your general option on Threatfire??

 

For a freebie it is a good application. In the time the HIPS were real 'dumb' meaning the user had to know, it was a breakthrough technology.

Currently I think PrevX has the best BB implementation. WIth HIPS going smart (e.g. Comodo Sandbox), It is still a viable strong solution. But they big plus (less user knowledge) is reducing because ithers get smarter.

I really like the custom rules, I really dislike the auto quarantaine, as illustrated with my bewares. I think they shot themselves in the foot. TF was the best BB, so they even imitated AV behaviour (quarantaine). The reported false quarantaines are really decreased. You can influence it by adding trusted processes (they will never be quarantained).

Still for a knowledgeable user TF on sensitivity level 2 or 3 with some custom rules is a strong free solution.