another Windows Firewall Control?

Discussion in 'other firewalls' started by moontan, Feb 15, 2011.

Thread Status:
Not open for further replies.
  1. CGA

    CGA Registered Member

    Joined:
    May 11, 2007
    Posts:
    18
    This is making me more and more confused. Now it's working again but WFC is rather slow at throwing up the notifications. Downloaded and tested with Chrome and it took about ten seconds until the notification came up.
     
  2. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    Please open About window and choose to generate a new debug log file. Please send that file to our support email. Also please include a short description of your problem.
     
  3. ibydos

    ibydos Registered Member

    Joined:
    Nov 1, 2011
    Posts:
    5
    I would also like to see this feature, maybe make it optional so the user can choose if he likes one rule for a app and or "20" (like me).

    One short example:
    You got mIRC with 2 connections. 1st to 1.1.1.1:1111 so you connect and get the WFC Popup, u check ok thats where I want to go and define it only to connect to that ip:port. After 3h you create a second connection for another server like 2.2.2.2:2222 and try to connect and then wonder why it does not connect. Sure because the firewall blocks it and you wont get any response what so ever. WFC Should then popup again and ask for 2.2.2.2:2222 to be allowed or not.

    Best
    ibydos
     
  4. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    I will try to add this feature in the next version. This is not a promise, but I will try to implement this. I'm thinking on a new checkbox in the notification form named "Don't alert me again for this program."
     
  5. TheMozart

    TheMozart Former Poster

    Joined:
    Jan 6, 2010
    Posts:
    1,486
    How can i know i can trust this firewall and that its not sending personal data somewhere?
     
  6. Greg S

    Greg S Registered Member

    Joined:
    Mar 1, 2009
    Posts:
    1,039
    Location:
    A l a b a m a
    In general or the WFC process? Either way, the first thing that comes to mind would be that a rule would have to be created for it send outbound. With that in mind, checking the rules in WFC or WFAS will show you that a rule has not been created without your blessing.
     
  7. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    You can block wfc.exe from communicating through Windows Firewall. In this way you can be sure that "this program" does not send any data. Anyway wfc.exe does not collect any data, but if you don't trust...
     
  8. Greg S

    Greg S Registered Member

    Joined:
    Mar 1, 2009
    Posts:
    1,039
    Location:
    A l a b a m a
    I'll go on record to say that I trust you!
     
  9. delah

    delah Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    81
    Location:
    Ireland
    +1 alexandrud.
    Fair play for giving it a try.
    If it happens I'll be along to buy 2 or 3 licences.:)
     
  10. Greg S

    Greg S Registered Member

    Joined:
    Mar 1, 2009
    Posts:
    1,039
    Location:
    A l a b a m a
    This is interesting, I launch Comodo Time Machine to take a snapshot, it wants to phone home for whatever reason and I deny it with Malware Defender. Then it tries to use WFC for doing it. I'll be the first to admit that I'm not that bright when it comes to this kind of thing and have to ask, how is it that this is possible? I'm sure it's nothing sneaky going on but don't understand Comodo's approach here.

    Untitled.jpg
     
  11. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    It is strange. I have already added <generatePublisherEvidence enabled="false"/> in app.config. In this way we'll make sure that wfc.exe won't try to connect to Verisign to check the digital signature.

    Other news.
    1. I have found a way to read all the rules, inbound and outbound. From the next version WFC will work with WFwAS. I have resolved the compatibility problems between the WFC rules and the WFwAS rules, so when you make a modification in WFwAS it will be seen in realtime in WFC as well, and viceversa.
    2. I have added support for multiple notifications for the same program.

    The new version will be out at the end of this week, or the next one. Here is a screenshot from the new version.

    preview3100.png
     
  12. Broadway

    Broadway Registered Member

    Joined:
    Aug 16, 2011
    Posts:
    211
    That's phantastic! Great news!
    Looking forward to the next version :)
     
  13. Greg S

    Greg S Registered Member

    Joined:
    Mar 1, 2009
    Posts:
    1,039
    Location:
    A l a b a m a
    Me too!
     
  14. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    Can you instead do that automatically so that hostname would appear in the alert window ?
    It can be in the same line as the IP address with the hostname in the brackets, or with the hostname bellow the IP address.
     
  15. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,742
    It's been a while since I followed this thread...just a few questions.

    I donated and from what I remember I had to copy the install string in order to get activation key, correct. I will be installing it in a few days.

    Filtering should be at medium. Can rules be made through both WFC & WFwAS with out wiping anything out on either end?

    Is there anything else I should know before the installation?
     
  16. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    It seems that the method used by .NET Framework (Dns.GetHostEntry("IP")) can use up to 5 seconds to find the host name, which in my opinion is too much and will block the notifications until it gets a response. Instead of this, I have already added the posibility to click on the remote address and the default browser will start a WHOIS query using that IP address using the website networktools.nl.

    Yes, wait a few more days until the next version is out. The new version will have full support for WFwAS rules. I have found a way to overcome the limitations from the old versions where I had to store WFC rules differently than those from WFwAS. From the next version you can make your rules either with WFC or WFwAS, and you will see the changes in realtime in both programs.
     
  17. Greg S

    Greg S Registered Member

    Joined:
    Mar 1, 2009
    Posts:
    1,039
    Location:
    A l a b a m a
    Will the next version be able to populate the Manage Rules dialog with existing WFwAS rules?
     
  18. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    YES :argh: Finally.
     
  19. Greg S

    Greg S Registered Member

    Joined:
    Mar 1, 2009
    Posts:
    1,039
    Location:
    A l a b a m a
    Thanks!
     
  20. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    Version 3.1.0.0 - Preview

    This version is available only here for Wilders Security Forums users, until the final version is out:

    What's new
    - Added support to create multiple firewall rules for the same program using WFC.
    - Added support to show multiple notifications for the same program, until the user select in the notification window: "Don't ask me again for this program".
    - Added support to read all inbound and outbound rules from WFwAS, and show them in WFC.
    - Added new columns in Manage Rules for: Profile, Enabled, Action, Service Name.
    - Added new menu items in Manage Rules: Import Policy, Export Policy, Full Screen.
    - Added new shortcuts in Manage Rules: Command Prompt, Network Tools, Keyboard Shortcuts.
    - Added Manage Rules in taskbar when the window is active and madei it act like a normal window instead of beeing always on top.
    - Added support to specify multiple port range as remote address.
    - Added support to modify profiles for the firewall rules. Double click a rule in Manage Rules.
    - Added support to do the search of a rule by pressing Enter key.
    - Added several keyboard shortcuts in Manage Rules. Press on "Keyboard Shortcuts" in Manage Rules to see them.
    - By clicking on the remote address in the notification window, a WHOIS query for this IP address will begin in the default browser by using networktools.nl
    - By clicking on the program icon from the notification window, file properties dialog for this program will show up.
    - "Active Network Connections" was removed due to the slow performance. Instead of this, in that window you will find listed the programs for that you selected not to show more notifications.
    - Updated the optional firewall rules that are made at installation to create several rules for svchost.exe to block: Akamai Technologies, Microsoft Limited, VeriSign.
    - Updated the optional firewall rules that are made at installation to create rules to allow only: WFC Updater, ICMP, Window Update.
    - Shell Integration is now available for all users.
    - More, which I can't remember now :)

    Conclusions:
    1. I have finally added full support fo WFwAS rules. The list in WFC is populated with WFwAS rules.
    2. I am open to new improvements which you think that the final version should have.
    3. Only normal DPI version is available now.

    Installation notes:
    1. Export your policy from WFwAS.
    2. Uninstall old version of WFC and choose to restore to default Windows Firewall settings.
    3. Import your policy from WFwAS.
    4. Install version 3.1.0.0 of WFC.
    5. You will have all of your rules in WFwAS and also in WFC.
    6. Start using the new version of WFC and share your opinions here :) Thank you.

    Download link:
    http://binisoft.org/download/preview/wfc.exe

    Thank you for your support !
     
  21. Greg S

    Greg S Registered Member

    Joined:
    Mar 1, 2009
    Posts:
    1,039
    Location:
    A l a b a m a
    Wow, great job! One question though, does the Manage Rules dialog/window have an option for hiding Microsoft built in default rules such as Core Networking etc.. ? Also notice that in Manage Rules, "Any" is missing from ports and addresses when "Any" is specified.
     
    Last edited: Nov 12, 2011
  22. Broadway

    Broadway Registered Member

    Joined:
    Aug 16, 2011
    Posts:
    211
    Phew...this is awesome! Great job! Experiencing no problems so far...
    Thank you so much!
     
  23. Broadway

    Broadway Registered Member

    Joined:
    Aug 16, 2011
    Posts:
    211
    I like that, because the view is more clearly laid out this way.
    Maybe this is a feature, not a bug ;-)
     
  24. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    Use those two combo boxes from the left top and choose to view only WFC rules, or all rules, or just allowed ones, blocked ones, disabled ones, inbound ones, outbound ones. I think they cover all the posibilities.
    Yes it is a feature. If no setting is specified, it means blank.

    Other things that are new and came into my mind now:
    - Reduced the file size of wfc.exe from 410KB to 333KB.
    - On installation the default profile is set to Low Filtering. This applies also when resetting to the default policy. In previous versions was an intermediate icon (the one with ? ) which asked the user to select a profile. Now the default profile is set to Low Filtering.
    - Removed some obsolete parts of code and improved the program's logic.
    - And others, but I forgot them. I must write them while I implement them :)

    I intend to change the website interface to a much simpler one. When it will be ready, I will publish the final version 3.1.0.0 with it. The final version will include more stuff, but now I'm busy with the web site.

    P.S. What do you think about keyboard shortcuts ? Also, I think the GUI is very explanatory by itself.
     
  25. Broadway

    Broadway Registered Member

    Joined:
    Aug 16, 2011
    Posts:
    211
    Alex, although there is a predefined rule for blocking svchost connecting to "Microsoft Limited" (IP range), WFC permanently asks me about connections of svchost to the defined portrange. Why are there popups when a rule already exists?

    Another question: Can the rules be sorted?
    For example I want to allow a certain program NOT to access to a special IP-Address but to all others. Now in the rules list the "all" Rule is before the "Block one"-rule. Can I change the priority of rules? How is this solved?

    Thank you!
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.