TinyWall Firewall

Discussion in 'other firewalls' started by ultim, Oct 12, 2011.

  1. Orlok

    Orlok Registered Member

    Joined:
    May 4, 2017
    Posts:
    12
    Location:
    Nigeria
    Thanks for this. :)
     
  2. Sm3K3R

    Sm3K3R Registered Member

    Joined:
    Feb 29, 2008
    Posts:
    611
    Location:
    Wallachia
    @ultim

    As a user, I see the classical DNS thingy in this way, even though in Windows 10 you cannot turn off the DNS Client service, as you could/can in Windows 7.
    I remember I could use this rule logic in Outpost Firewall, and it could/can be done in Jetico as well.
    You could allow svchost.exe to call for UDP port 53, for all apps, or you could block svchost.exe to not do the calls, and add rules for the apps to allow remote UDP 53 on their own.
    You never know what uses the DNS Client or svchost.exe to do calls.

    So, thus the report on the Firefox on the Normal or Sandboxed usage.
    In my view:
    If the DNS Client is enabled in the Recommended rules, then all apps should call DNS through that, and not only the Windows services; as such, no UDP Out to port 53 should be needed in the per-app rule set.
    If the DNS Client is disabled in the Recommended rules, then all apps should be able to call DNS ONLY if a custom UDP rule for DNS is added to each, or if a svchost.exe (DNS rule/allow all) is added.

    And a request: maybe an option for a remote IP address/range could be added in the custom rules window? :)

    Using the new release as of now. Let's see how it goes.
     
  3. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    New version seems to be working fine. I needed to put the TinyWall icon back from the hidden ones under the popup to see it. Might be just my old computer, who knows.

    The only thing I have never really liked too much about your TW, Karoly, is just that the tray popup does not show traffic speeds in Mbits/second (Mb/s); instead it is all in megabytes and the unit kilobytes, which are not really wanted, maybe. To most of us anyways. Regarding internet speeds, the common unit is megabits/s, from operators and also from sites like speedtest or fast.com.

    Thank you for your good firewall and now better in 3 versions with being independent from Windows firewall. I understood it had the "Secure Rules" even before. But now the Windows updates seem not able to upset it.
     
  4. Radish

    Radish Registered Member

    Joined:
    Jun 16, 2020
    Posts:
    10
    Location:
    Scotland
    General question: Is it okay to import TW settings from TW version 2.1.15 to TW version 3.x ? Or does the user have to build up settings anew from scratch?
     
  5. mroek

    mroek Registered Member

    Joined:
    Mar 11, 2020
    Posts:
    11
    Location:
    Norway
    First, thanks for the new version, got the update notice today. It seems that I have some improvements when booting; with the old version it could take some time until I had network connectivity (red cross on the ethernet icon in the tray), and that appears to have improved (but time will tell, for now I have only rebooted once with the new version).

    With regards to the Wireshark rule, there is possibly an improvement that can be made. In the exceptions list, I typically remove all entries that have a red cross on them, because usually that means the referenced application/executable has been deleted or moved. However, the "System" rule that must be present for Wireshark/npcap to work also has no explicit executable associated with it, so it is shown with a red cross. It would have been better if it actually had an icon, could be any suitable generic process icon, just not that red cross.
     
  6. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    That's not possible unless you do deep-packet inspection. DNS packets are just like any and every other form of IP communication. There is not much I can do if a process still decides not to use the DNS client in Windows even though it is enabled.

    This is something I'd like to do in the long run, but you'll probably have to wait a lot for it. Simply because it needs a complete UI overhaul.

    That's an interesting view. It is true that tools that specifically measure your internet speed use bits/s not bytes/s. But everything else that reports traffic rate uses bytes/s. Browsers, download managers, torrent clients etc. all use bytes not bits. Since TinyWall is not measuring internet speed but actual traffic, I always thought using byte/s is more logical since then it is easier to cross reference with the current traffic stats of other programs. What do others think?

    You can import settings from 2.1.x into 3.0.0 - 3.0.5. In the very near future I might remove this compatibility code so I don't guarantee this will always be the case for 3.0.x (I have actually thought about already removing it from the next release), but at least up to and including 3.0.5, yes it works.

    You are right, thanks for the suggestion. I should not list the System process as one that is missing its executable.
     
  7. tcarrbrion

    tcarrbrion Registered Member

    Joined:
    Dec 15, 2007
    Posts:
    105
    I prefer bytes. I think bits/s is for internet service providers and equipment manufacturers who want the numbers to look bigger.
     
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    BTW, isn't it true that TW only tries to add these rules to Win Firewall during install? Because this would mean that you simply need to disable Secure Rules during install, because AFAIK it only monitors newly added rules, not ones that are already made. Or is TW constantly trying to add these rules?

    Haven't tried it yet, because the current version works just fine on my system, but the new version does indeed sound like a big improvement, great job!
     
  9. polly77

    polly77 Registered Member

    Joined:
    Jan 13, 2014
    Posts:
    70
    Hi, just interested if anyone has performed a firewall test for TinyWall? Thanks
     
  10. nadim

    nadim Registered Member

    Joined:
    Apr 17, 2020
    Posts:
    8
    Location:
    ufo
    @ultim
    Question: I'm downloading files using qBittorrent, but in "Show Connections" no connections appear for qBittorrent, except 127.0.0.1.
    Is it a bug?
     
  11. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    TinyWall passes online scanner (port scan) tests, and reports closed ports as "stealth", which is the best. One should also run leak tests though, which means testing if blocked programs get out of your computer. I do not know of any working firewall leak testers aside from GRC's LeakTest. TinyWall passes that too, but to be honest that test is a bit too basic. There used to be Comodo's tester in old times, but it doesn't work on Win10 anymore, and also, almost all of the tests it used to conduct were not firewall but malware tests.

    If you meant reviews, there's a compilation of those here.

    In any case, TinyWall's blocking is a lot better than Windows Firewall, and as long as you don't want HIPS or other kinds of antivirus protections, it is on par with any other solution, even paid ones.
     
    Last edited: Jun 18, 2020
  12. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Installed qbittorrent to test, seems to work fine.
    upload_2020-6-19_0-4-23.png

    If it's a bug then it is an unknown one yet.
     
  13. tcarrbrion

    tcarrbrion Registered Member

    Joined:
    Dec 15, 2007
    Posts:
    105
    With the new version 3.05 I am getting lots of blocks such as this:

    Untitled.png
    192.168.1.50 is my chromecast device and chrome.exe is allowed all outbound connections (* in rule). I don't know why this is blocked.
     
  14. nadim

    nadim Registered Member

    Joined:
    Apr 17, 2020
    Posts:
    8
    Location:
    ufo
    Thanks for the test : )
    It's strange, I tried torrent today, and got many active connections with IP.
     
  15. Orlok

    Orlok Registered Member

    Joined:
    May 4, 2017
    Posts:
    12
    Location:
    Nigeria
    I also prefer bytes. It makes more sense.
     
  16. polly77

    polly77 Registered Member

    Joined:
    Jan 13, 2014
    Posts:
    70
    Thanks for the reply, great app, but in my tests it fails the GRC stuff. Something I am doing wrong?
     
  17. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Yes, you are doing something wrong then. Make sure that ...
    1) TinyWall is running in its "Normal" mode (e.g. not Auto-learn, Allow outgoing, or anything else)
    2) LeakTest.exe is not whitelisted (if you open Manage in TinyWall, you should not see any rules added for GRC's executable)
    3) No other firewall is installed, maybe except for Windows Firewall which is allowed

    If GRC's leak test passes, you should see the following window after you click "Test For Leaks":
    upload_2020-6-19_19-41-13.png
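
Added example, not part of the thread and not GRC's or TinyWall's code: a minimal outbound probe in the spirit of the leak test discussed above, showing how one TCP connection attempt from a program without an allow rule can be classified. The function names and outcome labels are invented for this example, and the mapping of a local firewall block to a permission error is an assumption about how the OS reports it.

```python
import socket
import sys

# Outcome labels (names chosen for this example).
LEAKED = "leaked"            # handshake completed: traffic left the process
REFUSED = "leaked-refused"   # peer answered with a reset: packets still got out
BLOCKED = "blocked-locally"  # the OS denied the call (assumed: host firewall block)
SILENT = "no-response"       # dropped somewhere: host firewall, router or remote


def probe_outbound(host, port, timeout=3.0):
    """Attempt one outbound TCP connection and classify what happened."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return LEAKED
    except ConnectionRefusedError:
        # A refusal is an answer from the other end, so the firewall let it out.
        return REFUSED
    except PermissionError:
        return BLOCKED
    except socket.timeout:
        return SILENT
    except OSError:
        # Unreachable host/network and similar: nothing reached the peer.
        return SILENT
    finally:
        s.close()


def leak_test(targets, timeout=3.0):
    """Probe every (host, port) pair; pass only if none of them got out."""
    results = {t: probe_outbound(t[0], t[1], timeout) for t in targets}
    passed = all(r in (BLOCKED, SILENT) for r in results.values())
    return passed, results


if __name__ == "__main__":
    # Usage: python leakprobe.py HOST PORT  (a server you control)
    host, port = sys.argv[1], int(sys.argv[2])
    ok, res = leak_test([(host, port)])
    print("PASS" if ok else "FAIL", res)
```

When run as a script, the executable the firewall sees is the Python interpreter, so point 2 of the checklist applies to python.exe rather than to the script file. A "no-response" result behind a router does not show which device dropped the traffic.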
     
  18. polly77

    polly77 Registered Member

    Joined:
    Jan 13, 2014
    Posts:
    70
    OK, thanks. I did the test under common ports and all service ports in normal mode; tests failed, it says.
     
  19. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Oh, wait, now you're doing the port scan test. Ok.
    So all you have to do is make sure not to whitelist the apps whose ports failed. Also, if you have a router, say, between your computer and internet connection, then you're basically just testing the router config not your computer/TinyWall. So make sure to clear that up first.
     
  20. polly77

    polly77 Registered Member

    Joined:
    Jan 13, 2014
    Posts:
    70
    Thanks, I do have a router which should not fail. Any advice on that?
     
  21. g17

    g17 Registered Member

    Joined:
    Sep 30, 2017
    Posts:
    101
    Location:
    MI
    Hi, just upgraded from 3.03 to 3.05 and am getting an odd error. I did the upgrade by just running the executable, I did not delete the old version first. I'm running Win 10 Pro, version 2004, OS build 19041.329.

    When I click on the applications exceptions tab, this error immediately pops up.

    Capture.JPG

    If I click continue, the program works fine, but every time I click the tab it shows up again. Anyone have this issue?
    I will look into the windows error reporting service first.

    The details drop down menu has the following info.



    ************** Exception Text **************
    System.InvalidOperationException: When in VirtualMode the ListView RetrieveVirtualListItem event needs a list view SubItem for each ListView column.
    at System.Windows.Forms.ListView.WmReflectNotify(Message& m)
    at System.Windows.Forms.ListView.WndProc(Message& m)
    at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)



  22. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Here are some general pointers, but this is not a thread about configuring specific routers, so if you need more detailed advice, please ask for help in a suitable forum.
    • Update to the latest firmware. Vendors often close leaks and security issues in newer router firmware
    • If you don't use it, disable UPnP
    • Disable remote management / WAN-side login access
    • Evaluate which port forwarding rules you need and keep only that which is necessary for you, ideally zero
    • Disable DMZ-host feature (even if needed, use the finer-grained port forwarding feature instead)
    • ... depending on your router's features other points not mentioned here may also apply.
     
  23. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Thanks, I'm looking into it.
     
  24. g17

    g17 Registered Member

    Joined:
    Sep 30, 2017
    Posts:
    101
    Location:
    MI
    Thanks.

    I ran a system file check and a DISM job and found some corruptions that were fixed, but the same error persists.

    I think it may be my system and not the software, but I don't know where to look anymore.

    I use Sandboxie, but no other AV software or firewalls.

    I'll check the event logs also.
     
  25. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    I analyzed it. It's not a problem with your computer or installation. It happens in TinyWall when you have a machine-wide rule. Fix in next release.
     