what is your favorite windows firewall controller?

1. I changed this behaviour. The next version will not allow anymore full rights for Everyone in the installation folder.

2. There is no connection window. It was in the past, but the performance was slow and I removed that view. Instead, from the Shortcuts tab, the user can launch Resource Monitor which has a dedicated tab for Network connections. It is better and more powerfull than anything that I could implement in WFC.

W7FC from Sphinx was not in this list because it uses a different list of rules than Windows Firewall. Even if it uses Windows Filtering Platform, it is not an firewall controller because it works independently of Windows Firewall.

Regarding Windows Firewall Control I can say that:
a) Is not intrusive. It doesn't even filter network packets. It works passively with data provided by Windows Firewall. Regarding the pop-ups, they can be disabled anytime. I think this applies to any firewall.
b) It uses a Windows service to maintain compatibility with standard user accounts without generating troubles with UAC. At uninstallation, WFC can:
- Keep all existing rules intact
- Restore the rules that the user had before installing WFC
- Restore the default rules of Windows Firewall

Thank you for sharing your opinions. It helps me a lot to improve Windows Firewall Control. Based on your feedback, I already changed many aspects of the program and how it is used.

Have a nice weekend.

 

Yes, but it does not offer a way to view the active connections or a log of blocked connections where a user could right click a program and make an allow rule. Unless you added such a feature in recent versions.
Instead of describing this, better take a look at tcpblock for mac.
http://tcpblock.wordpress.com/2011/04/17/tcpblock/
or the current connections window of tinywall.
http://www.softpedia.com/progScreenshots/TinyWall-Screenshot-203544.html

I would also prefer a portable version that would not need installation at all or to become inactive when closed.

You are welcome.
You too.

regards,
Panagiotis

 

I find it bizarre that members are being critical about the network connections window being absent when the new comodo firewall suffers the same thing.
You have to open another application to view network connections in that firewall.
If network connections viewing is so essential then i suggest installing something like process hacker which has a network window and various tools to control the connections.

 

Why not just run use "netstat" from a command prompt for active connections?

ie:
netstat -a
netstat -b

 

Neither of these windows firewall contollers support windows xp what a shame.

 

The winxp firewall doesn't block outbound connections (only inbound), therefore it is almost useless.

 

Great

I see. The connection window isn't a big deal but having a log of blocked connections within the program (as pandlouk mentions) makes it easier. I understand if you don't wish to implement it though.

If you don't mind, I wish to make another suggestion.

There's the slider to control the filtering levels. Maybe it's just me but I find that the slider makes it too easy to turn WF off (accidentally) without any warnings. The way I see it is that people that use WF controllers would also be the ones that won't turn WF off or at least know how to turn it off from within Windows itself. Consider removing the option or place it on another tab within the UI perhaps?

Same goes for you. It's good to see a developer asking/taking feedback positively and work on suggestions.

 

Why should I care about comodo?

I don't want to view the active open connections.
I want to view a log of recent connections, select a program from the list and create an allow or deny rule.

Panagiotis

 

What is your problem with comodo please.?
I was only making a simple comparison in terms of useability.

 

No problem, I simple don't use it...

Panagiotis

 

- There was such a view with active connections but the performance was very poor and I removed it. There are more sophisticated tools for this purpose.
- I had several attempts in the past to create a log view to display the blocked connections but it remained in a beta stage because the performance of filtering the Windows Firewall log was also poor. Instead of this, there are notifications. I think this is better than a log view. The log of Windows Firewall can be read through Event Viewer but there are thousands of items and it is very hard to follow.
- Something similar to TCPBlock can't be implemented because WFC does not filter network packets.
- The settings that you make in WFC are active even if you close WFC because the settings are applied to Windows Firewall itself.
- I didn't create a portable version of WFC as to avoid obscure usage of it. It can be converted very easily to a portable version, but not.

Windows XP Firewall does not support outbound filtering. These are controllers, not stand alone firewalls with their own network filter drivers. This is the reason why Windows XP Firewall is not supported.

No Filtering profile is used to quickly disable Windows Firewall to debug network problems. There is a notification from Security Center if you disable Windows Firewall. Also, there is the tray icon of WFC which changes to red. This will remain as it is right now.

 

Correct me if im wrong but isnt it a fundamental aspect of a firewall to actually see what connections are being made.
The irony is that with most of these firewalls i have to use process hacker to actually see connections and the comodo firewall is a real pain as they removed the connections tab so now another application has to be opened to get to a important section.
I gave up with it as it was too much of a pain and connections could not even be terminated with it.
The best free firewall i have ever used is online armor and the firewall window is everything a firewall should be with an option to kill a suspicious connection.
We shouldnt have to be opening other applications to get to basic firewall options.

 

Ok, well then enable the windows firewall logging feature and you can review the logs manually.

By the way, this is exactly what WFN does automatically.

 

Actually only tinywall offers this. (display connection + ability to directly insert a rule in windows firewall).

Panagiotis

 

No it does not.
What exactly you did not get in my previous post? I think that it was crystal clear.

ps.https://www.wilderssecurity.com/showthread.php?p=2156222#post2156222

Panagiotis

 

Apparently only crystal clear to you.

You stated you want to view recent connections and then create an allow or deny rules?!!
Well, recent connection implies an actual "connection"...how can you then allow it if it is already connected?

Maybe stop being an such a d***** bag and be more precise in your statements.

 

I think he meant, recent blocked connections , all here.

 

You do know that windows firewall has 2 modes to operate,correct?

How?
Create the rule and then change the status from allow all, to deny all but allowed. Unless you believe that everybody uses the firewall the same way you do.

Panagiotis

 

Now you're kneaded a little more than before. What the hell do you think with this?!

 

I think it can means similar problem like in this thread
https://www.wilderssecurity.com/showthread.php?t=300700&highlight=filseclab
Such feature sometime can be quite useful...

 

With advanced security you can create multiple allow and deny rules for the same application and assign those rules in different profiles (Private,Public,Domain) and for different protocols.

An simple example:
Let's say I want an app to connect with https from Private/Public and http through vpn, but block the UDP Protocol.
The Private Profile is in allow all mode and the Public and the Domain profiles are in Deny all mode.
For the Private Profile I must create
a block rule for TCP (except port 443)
a block rule for UDP

For the Public Profile I must create
an allow Rule for HTTPS

For Domain Profile I must create
an allow for HTTP

And I want to easily create at least 1 allow and/or 1 deny rule, from a log window while using my Private profile without having to search for the application.

Maybe you never used the Advance Security Interface, or if you did, you created a rule for all Profiles and this is the reason, why you cannot understand what I am saying...

And yes it can help in situations as the one linked by Ichito.

Panagiotis

 

Dude, are you serious...this is your explanation for your less than "crystal clear" statement that I quoted you on originally!

I realize you were backed up into a wall and had no out...nice try though.

It seems that you just discovered how to setup a firewall...yes all properly designed firewalls allow tweaking and setting up inbound/outbound connections to specific protocols, IPs, etc.

I am quite well aware of how to set up server and workstation firewalls in both Windows and *NIX systems.

 

Yes, I'm sure you are.
Especially, when the frase "log of recent connections", means for you "recent connections established"...
But no... the firewalls do not log the syn bits.

Panagiotis

 

Do not worry about me, I take very good very long WF, and I understand what you mean, but your way I see it a bit complicated without any need.

Best practices are to create your rules in all three profiles, but only enable the firewall rule group on the profiles that suit your scenarios. For example, if you have application that is only used on a private network then it would be best to create firewall rules in all three profiles, but only enable the firewall rule group containing your rules on the private profile.


PS: Question for you, are you still seeing bogeymen (babau) in the dark depths of the internet ??

I wish you a nice day...

 

I may as well be misunderstanding you, so be gentle when replying. But, why all the hassle of creating a rule for the three profiles (Domain, Private, Public)?

Using your example, if one has an application required to connect only within the private network, then all the user has to do is to create one rule and choose which profile they want it for, which would be Private. The profiles can be chosen under Advanced tab. No need for three rules...