TinyWall Firewall

Discussion in 'other firewalls' started by ultim, Oct 12, 2011.

  1. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Yes, it is intentional. 99% of the time svchost.exe is used by a service. Because Autolearn is unable to differentiate between services, and we want to avoid suddenly whitelisting all Windows services just because you made a DNS request ;)
     
  2. spocko

    spocko Registered Member

    Joined:
    Apr 23, 2012
    Posts:
    11
    Location:
    USA
    Makes sense, thanks!
     
  3. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Yeay, I just released TinyWall 2.1.6! Among other things, it finally fixes the bug that occasionally caused TinyWall to reset its settings. Therefore, this is a really-really recommended update :) As always, download from here. And of course, what is a TinyWall release post without the changelog:

    2.1.6 - Maintenance release (06.01.2015.)
    - Windows 10 (TP) compatibility
    - Add color-coding to Application Exceptions list
    - Faster loading of Manage and Processes windows
    - Fix: GUI crashes when process list is cancelled
    - Fix: Printer sharing doesn't create rule for spoolsv.exe
    - Fix: Two rules can get incorrectly merged
    - Fix: TinyWall loses its settings under specific circumstances
    - Updated Brazilian Portuguese translation
    - Add Chinese translation

    In other news, here is something new I stumbled upon a few days ago:
    "Many Operating Systems (OS’s) offer a fully functional firewall but these may not be as full featured as commercially available products. There are a limited number of free firewall applications as well with varying degrees of effectiveness. These include ZoneAlarm, Comodo, and TinyWall. INB does not endorse any specific product."
     
  4. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    Thank you for the update!

    The new version seems to be working fine. I installed it on top of 2.1.5. A small glitch though on the install:

    There came a popup: 'Did you initiate the uninstall of TinyWall?'
    I was not sure what to do, so I responded 'No' and the install did not go through. So I did a second installation attempt and replied 'Yes' to the prompt after which install proceeded.

    I like having blocked application rules shown with red background in the Application Exceptions window. To me they are mostly blocked program updaters or then some programs I don't use, but have not deleted from the app list yet. So TinyWall 2.1.6 will show what is not currently active very clearly.

    Karoly, are the special exceptions and other TW GUI options rules the same as in 2.1.5 version?
     
  5. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    That is perfectly normal. The popup is part of the "uninstall protection" feature added in the last release. The upgrade is very similar to a streamlined sequence of uninstall+reinstall, which is why you get this message. This message already changed in this new 2.1.6, so on your next update, you will get the message 'Did you initiate the uninstall/update of TinyWall?'

    There are two colors actually. Blocking rules that have a valid executable will be red, and any kind of rule whose executable does not exist will be grey.

    For file and printer sharing, a new allow rule has been added for spoolsv.exe, but restricted to the LAN. There are no changes otherwise to the built-in special exceptions.
     
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
  7. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Can you perhaps tell me why Download Ninja does open a listening port? To clarify, I'm not an expert, but I thought it was strange that SpyShelter alerted me about some apps wanting to "accept incoming connections", or wanting to access the network.

    But I guess TinyWall just silently blocks them? I think TinyWall is cool, but what bugs me is that you don't know what is being blocked.

    EDIT: My bad, you need to check and uncheck "show active connections", to see what is being blocked. Why no auto-refresh? And why no ability to block an IP address or IP range?

    Also, if some app needs outbound access, you need to make rules manually, or you will go into "auto-learn" or "allow outgoing" mode, which is a risk in theory. BTW, it would also be nice if the "connection manager" could remember column-sorting and column-size.

    http://www.snapfiles.com/get/downloadninja.html
     
    Last edited: Jan 13, 2015
  9. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Yes, you mean, you have to select "Show blocked apps".


    There is no auto-refresh because it annoys me when I am looking at a specific list-item (or list items), and the items that I am looking at suddenly change or get deleted, and I cannot have the information anymore. Filtering based on IP-address is primarily an issue of GUI-design, and actually I was just about to address (see the pun? :D ) this topic here on the forums in the upcoming days. I will soon.



    Noted for future version.
     
  10. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Well, because there is no auto-refresh, things can become confusing. And why not keep showing all blocked apps from the whole day for example? It would make it easier to unblock them.

    And I must say that the current approach (no outbound connection alerts) is a double-edged sword. It's kinda nice when you install software that you won't be bothered, but when they really DO need access it can be a bit annoying.
     
  11. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    I have no problems installing software, as I can see what is blocked in the connections window, yes you might have to refresh once or twice for windows to catch up. If there is a problem I just "allow all outgoing" for a minute. If you have programs you know you don't want to connect put them in "block all" rules in the application window, that way when you "allow outgoing" those programs will be blocked. At least that was what I was told by Károly.
    Keep it simple and secure.
     
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    That is indeed not a bad idea, but it won't help against malware that is secretly running in memory. I must admit, I like TinyWall more than I initially expected, ultim did a nice job. But I will still check out some other tools with outbound connections alerts, to see if I like them better. Back in the days I used ZoneAlarm, it's still mind boggling to me, how they allowed some idiots to completely ruin the GUI.
     
  13. Herberta

    Herberta Registered Member

    Joined:
    Aug 26, 2014
    Posts:
    30
    Tried out TinyWall and now I do not want to change to any other software FW even though I need more functionality.

    I am looking for a way to restrict a program and/or the system to only communicate through a VPN connection. I used to do this by restriction to an IP range. Any plan to add this function? Really useful if VPN goes down and you do not want traffic through the normal internet connection.
     
  14. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Hello Herberta, yes, but the current things I am working on for TinyWall right now still have a long way to go, such that it is unsure if and when they will bear fruition in a public version. Filtering based on IP is a (small) part of it though.
     
  15. Herberta

    Herberta Registered Member

    Joined:
    Aug 26, 2014
    Posts:
    30
    Great, I'll do without this functionality for now and hope it will be included in the future. You are doing great work!

    I do have a problem with my VPN tunnel even today. It will establish and say connected for about 3 s. Then it disconnects. If I set the firewall to off it works. How can I debug this?

    Thanks
     
  16. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Open the Connections window of TinyWall first, and select the option to show blocked connections. Then try to dial in to your vpn, and wait until it disconnects after 3s as in your case. Hit Refresh in the Connections window and check what was blocked.
     
  17. questions

    questions Registered Member

    Joined:
    May 25, 2014
    Posts:
    55
    Hi,
    Quick question:
    The rules created by TW have strange names in Windows Firewall; example :

    [TWc2kZLwQDXthi] TCP Outbound Ports for C:\Program Files (x86)\Internet Explorer\iexplore.exe

    Why is that? (what I mean is why is it "TWc2kZLwQDXthi" when it could have been "iexplore.exe")

    Thanks!
     
  18. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    It is an implementation detail, to let TinyWall uniquely identify firewall rules faster.
     
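    An added example, not part of the thread and not TinyWall's own code: a short Python parser that groups the tagged rules by executable, so the opaque names can be read per program when auditing Windows Firewall. It assumes English-locale `netsh advfirewall firewall show rule name=all` output and a name layout inferred from the single rule quoted above; the second tag, the `C:\Tools\example.exe` path and the field values are constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the shape of English-locale output from
# `netsh advfirewall firewall show rule name=all`. Only the first rule name is
# quoted from the thread; the second tag and all field values are made up.
SAMPLE = r"""
Rule Name:                            [TWc2kZLwQDXthi] TCP Outbound Ports for C:\Program Files (x86)\Internet Explorer\iexplore.exe
----------------------------------------------------------------------
Direction:                            Out
Action:                               Allow

Rule Name:                            [TWexampleTag01] TCP Outbound Ports for C:\Tools\example.exe
----------------------------------------------------------------------
Direction:                            Out
Action:                               Block

Rule Name:                            Core Networking - DNS (UDP-Out)
----------------------------------------------------------------------
Direction:                            Out
Action:                               Allow
"""

# "[TW<id>] <description> for <path>": layout inferred from the one quoted name.
TW_NAME = re.compile(r"^\[(TW[^\]]+)\]\s+(.+?)\s+for\s+(.+)$")

def parse_rules(text):
    """Split netsh output into one dict per rule (a blank line ends a rule)."""
    rules = []
    for block in re.split(r"\n\s*\n", text.strip()):
        pairs = (line.partition(":") for line in block.splitlines())
        fields = {k.strip(): v.strip() for k, _, v in pairs if v.strip()}
        if "Rule Name" in fields:
            rules.append(fields)
    return rules

def tinywall_rules_by_program(rules):
    """Map lower-cased executable path -> [(tag, description, action)]."""
    grouped = defaultdict(list)
    for rule in rules:
        m = TW_NAME.match(rule["Rule Name"])
        if m:  # rules without a [TW...] tag are not TinyWall's and are skipped
            tag, desc, path = m.groups()
            grouped[path.lower()].append((tag, desc, rule.get("Action", "?")))
    return dict(grouped)

if __name__ == "__main__":
    for program, entries in tinywall_rules_by_program(parse_rules(SAMPLE)).items():
        print(program, entries)
```
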
  19. Herberta

    Herberta Registered Member

    Joined:
    Aug 26, 2014
    Posts:
    30
    I get a lot of stuff. Nothing that is obviously connected to VPN for me. This is the list:

    http://i61.tinypic.com/334n7vc.jpg

    Thanks,
     
  20. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Are you using the built-in VPN capabilities of Windows? Then you need to allow that under the Special Exceptions tab in TinyWall. Otherwise, you should be able to determine which from that list corresponds to your VPN by the remote address.
     
  21. Herberta

    Herberta Registered Member

    Joined:
    Aug 26, 2014
    Posts:
    30
    Hi,

    Yes, it is the built-in VPN. Simple PPTP with CHAP/MS-CHAP v2. Special Exceptions is checked.

    The only thing I see is a System(4) TCP 56883 Dest 1723 that goes to an IP on the VPN out range.
    Unblock says it might be part of Printer sharing and points to system32/spoolsv.exe

    I am getting a lot of hex addresses and port 0 that I am unable to understand.

    Also have a lot of svhost.exe blocked.

    Thanks
     
  22. Herberta

    Herberta Registered Member

    Joined:
    Aug 26, 2014
    Posts:
    30
    Might add that I have a feeling this has to do with the operating system. It's win 8.1 64 bit. I might be able to test it on a win 7 32 bit and report back.
     
  23. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    The special exception for VPN should be enough on Win7 (no need to whitelist anything else), I have tested it there personally when the feature was developed. No experience with VPNs on 8.1, but it wouldn't be the first thing that MS changed in Win8.1 regarding what services access the internet and how.
     
  24. th3m

    th3m Registered Member

    Joined:
    Jan 28, 2013
    Posts:
    11
    @ultim I would respect this program more if it was open source.
     
  25. ron spencer

    ron spencer Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    9
    I am having issues with network discovery and file sharing being disabled. If tinywall is running and I restart my machine, I lose network discovery and file sharing. If I disable the tinywall service and re-enable network discovery and file sharing and restart all is fine. Can anyone lend a hand?
     