Windows Firewall Control (WFC) by BiniSoft.org

Take your time man, we all understand you have more important work to do for a living.

It may look better to you, but it's just not intuitive. A checkbox is usually used (all over the internet and in every other software I use) when the user can select any combination of any number of options. On the contrary, a radio button is usually used (again, all over the internet and in every other software I use) when the user can select only 1 of any number of options.

Couldn't you just create a row of them with shorter names? Like:

Location: ☑ Dom. ☑ Pri. ☑ Pub.

All that will change is when the user clicks the customize button, the notification window expands upwards to contain the new row and vise versa. Besides, any power user that has the guts to click the "customize this rule before creating it" link in the first place, will most likely know what a location is and which checkbox is for Domain, Private and Public.

Hmmm, aren't you able to access both the network location type (NLT) and the Windows Firewall rules list (WFRL) on every connection block? Also, isn't MBAM sitting in front of Windows Firewall, as-in, a connection attempt goes through MBAM then through Windows Firewall?

If what I'm thinking is correct, a logic like the following should work fine in accommodating both features:

- When a connection is blocked, say by MBAM, WFC reads it from the logs (as every connection block by MBAM is also logged)
- WFC checks if a rule exists for the executable in the WFRL with the current NLT
- If say it didn't exist in the first place,

WFC could display a notification to allow/block it​

- If say an allow rule existed in the WFRL for the current NLT,

WFC could reasonably assume its another program blocking the connection (MBAM in this case) and ignore the connection block​

- If say an allow/block rule existed in the WFRL but not for the current NLT,

WFC could then display the notification to allow/block the NLT, keeping track of it using the group credential of Windows Firewall rules (just like I suggested here)​

- If say a block rule existed in the WFRL for the current NLT,

WFC doesn't need to change its behaviour in this case, it just ignores the connection block as usual.​

Awesome, looking forward to the update

 

There is any difference in security between the security options that you can find in more advanced firewalls and WFC?

https://help.comodo.com/topic-72-1-451-4770-Firewall-Behavior-Settings.html#fw_advanced_settings

Could this option be added to WFC?

 

A small request please:
To post on the forum the SHA-1 hash of the download file.

Reason:
Based on my request in the past, you have been posting the MD5 hash of the WFC download. I was aware at the time of some collision reports of MD5, but thought that those applied only to some manually crafted academic proof of concept.
Apparently it is very easy to craft an evil executible to have the same MD5 hash as a good exe. My concern is that this security software can be changed by a hacker to your binisoft site without us noticing.
SHA-1 is resistant to this.

For a reference on crafting an evil exe (the "evilize library"):
http://www.mscs.dal.ca/~selinger/md5collision/
(note: to test out the 2 demo exe, you need to append the exe extension to the file name upon execution)

 

@alexandrud

Behaviour with "Create duplicate" ...

It's not a real duplicate because the Location is always "All" in the copy. Also, an existing OWN (added) ICMP type (for example: Type 3, Code 4) is NOT duplicated.


Freezing after use of Remote addresses sorting ...

The rule manager window was gray and without any text. The control panel was white. Restart of WFC was necessary.


Freezing after use of Location sorting ...

The rule manager window was freezed. The Control Panel was white. Restart of WFC was necessary.


Greetings,
SwissBIT

 

The answer is no. If Windows Firewall does not support such features WFC can't add them.

Ok, I will do this.

I can fix the Location problem. For advanced options (ICMP Type) that are not part of WFC customization, they are indeed lost because those properties that are not supported (loaded) can't be copied to the newly created rule.

I can't reproduce these two. Please provide some extra info about this scenario.

 

Windows Firewall Control 4.0.0.6 - New version

What's new:
- New: When creating a new rule from the Recently Blocked connections data grid, the user can customize the rule before creating it. Just use double click on a row or the context menu.
- Updated: The search box text box from Manage Rules has now a clear button in it.
- Updated: Manage Rules data grid supports now Ctrl+Home and Ctrl+End key combinations to quick scroll to top or bottom.
- Updated: The text boxes length was increased from 254 to 2048 characters.
- Updated: The radio buttons template was reverted from the checkbox template.
- Fixed: The Location is not set correctly on the duplicated rule when the user creates a duplicate rule from the context menu in Manage Rules data grid.
- Removed: Due to the duplicate notifications that have been reported, the validation for the Locations was removed.

Installation notes: Just use the updater to update to the new files. That's all.

Download location: http://binisoft.org/download/wfc4setup.exe
SHA1: 68fefb0fdb686853ed58be0e32420cc60820be84

Thank you for your support and your feedback,
The developer

@SwissBIT : The changes to the Lock feature are not done yet. In a future version I will revise it and I will try another approach. Right now, I can't change it because it breaks a lot of logic. I was thinking to a list with the local users in which the user can check to which users should apply the lock. In this way, you, as admin, you will not be bothered about this anymore.

@MrElectrifyer : I know that by removing the Locations check is a downgrade, but this is causing a lot of troubles and duplicate notifications. I will try a different approach for this and I will find a different solution in the future (a fully working solution).

 

Hi

I think I don't use this app the way I should , could you help me?
Basically , I would like to get a notification each time I start a program for the first time (isn't it what it is supposed to do ?)
But it is not what happens.
I just installed WFC , restared my computer , and started Chrome , no question Allow/Deny.
I've launched VLC , checked for an update , and it told me an update was available without asking me if I wanted VLC to call home...
Then I've downloaded the tool "leaktest" and it told me "firewall penetrated...still no notification to allow or deny.

So , to make it simple , what are the setting to get a question Allow/Deny each time I start a new application?

Thanks

PS I use the registered version.

 

1. What Profile do you use in WFC ? In Profiles page ?
2. What Notification level have you set in Notifications page ?
3. What set of rules do you have ? Please check if you don't have an allow rule that applies to all programs. In this situation all programs are allowed and there is no notification.
4. Do you use Avira WebGuard or Avast WebShield ?
5. What is your operating system ? Vista, 7, 8 ? x86, x64 ?
6. Have you tried to restore the default policy and start over ?

Notifications work only on Medium Filtering profile.

Looking forward to hear from you.

 

Awesome Just FYI, you missed the "Play default sound"/"Play custom sound" checkboxes in the "Notifications" section

Take your time man, Windows Firewall Control is already functioning as an awesome everyday extension to Windows Firewall. These extraordinary enhancements can wait till they are well developed Thanks for your continuous efforts in improving Windows Firewall Control

 

Yes. Micro bug. Next version.

 

1 : I use medium filtering.
2 : Medium too.
3 : I don't see such a rule , I've tried to restore Windows firewall recommended rules , but still the same.
4 : I use Kaspersky AV.
5 : Windows 7 X64.
6 : Yes.

I've reseted the defaut rules , and still I've started Firefox it didn't ask me to allow it.
In the rules table , there is nothing about Firefox , VLC .
Strangely enought , the notification appeared for AVP.exe (Kaspersky).
Thanks

 

Marshall39 has an incompatibility with Kaspersky AV. It seems to be an incompatibility between some modules of the antivirus and Windows Firewall. Does anyone else having these kind of problems with Kaspersky ?

 

Yes , like you mentionned in your email , I've tried to disable Kaspersky NDIS filter (some kind of filter I guess) but still no luck.
I've tried to exclude WFC in KAV protection , but no way.
It seems that only if you kill Kaspersky WFC works like expected.

 

@Marshall39 - Kaspersky Anti-Virus NDIS Filter is a driver for intercepting network packets. This will redirect the network traffic to this driver and it will not be redirected back to Windows Firewall. This acts like the other software proxies (Avira WebGuard, Avast WebShield) with which Windows Firewall (not WFC) is incompatible. You would have had the same problems as you described, even if you didn't install WFC, but try to enable manually outbound filtering in Windows Firewall.

I have created a new presentation video for Windows Firewall Control version 4.

http://www.youtube.com/watch?v=Wpsnf_pbGMM

No subtitles, no captions, etc. The program is pretty much self explanatory. For who is interested. Just in case you don't know already what WFC is all about.

Have a nice day,
Alexandru

 

Okay, allright!

That's not easy ... it seems to happen randomly. I stay tuned ...

Thank you very much for your work!

Greetings,
SwissBIT

 

So, if i understand a browser like Firefox will have no real protection, since it has "loopback"?

 

A loopback connection, to IP 127.0.0.1, can be made by Firefox to communicate to itself. Why do you think this affects the protection and how ?

 

If you mean the "problem" with AV-proxies (avast webguard and such things for scanning http(s) traffic), then you have right, such "loopback" connections are not blockable. But this is by Windows Firewall Design - and it's not a problem of WFC.

Greetings,
SwissBIT

 

I use Win 7 FW. I'm looking to enhance my firewall. What is Win FW Control? Is it good? Is it free?

Best Wishes,
Amit

 

Windows Firewall Control (WFC) is just that, a user friendly control for every function offered by Win FW. For enhancing your Windows 7 Firewall, it offers the following features (FREE, PAID):

- Easy switch between 4 Firewall Profiles: The default Windows (7) Firewall profile allows unknown connections (i.e. connections that don't have a rule blocking/allowing them). WFC offers a 2-Click solution for switching between "Disabled", "Allow Unknown Connections", "Block Unknown Connections" and "Block All Connections" firewall profiles

- Easy Firewall Rule Management: WFC offers an simpler-to-understand layout for your Firewall Rules, in comparison to the "Windows Firewall with Advanced Security" layout. Also, it offers new (and simpler) ways of creating Firewall Rules; via Windows Explorer's context menu or by clicking the window of the application. On top of that, it has a section for viewing recently blocked connections (through which you can easily create a new Firewall Rule) and offers the ability to search your firewall rules and filter them by inbound/outbound/User Created/Enabled/Disabled/Invalid.

- Notifications of blocked outgoing connections: Although Windows Firewall claims to (and does) notify you on blocked outgoing connections, you're limited on the number of functions you can do with such notification; you can either permanently allow the connection OR permanently block it. WFC offers those options along with the option to:

- Temporarily allow/block the connection until next restart
- Block the connection attempt until it's attempted again
- Customize the rule before creating it
- Lookup details on the file attempting the connection and/or the IP it's attempting to connect to​

All in a less-obtrusive notification Window:

http://i814.photobucket.com/albums/zz63/MrElectrifyer/Software%20Related%20Stuff/Software%20Screenshots/Windows%20Firewall%20Control/WindowsFirewallControlScreenshot.png​

IMO, it's a very handy extension to Windows Firewall and it just keeps getting better with every update from the dev (alexandrud). I used to rely on AVG's system-hogging Anti-Virus because its firewall offered similar functions. However, now that I've discovered WFC, I've switched to Microsoft's Anti-Expensive, Anti-system-hogging, Anti-Annoying Anti-Virus (Microsoft Security Essentials) and now use Windows Firewall with WFC to get the same benefits without the system-hogging.

 

One correction here. Windows Firewall offers notifications for blocked inbound connections and only for digitally signed applications. WFC offers notifications for blocked outbound connections.

More about the features of the program can be found on the website:
http://binisoft.org/wfc.php

There is also a video on Youtube for the latest version which shows how it works.

 

What is the approximate resource usage of this application please.?

Nice app by the way.

 

On my Computer (Running now for 1 week straight 24/7)

The service is at 21mb and the Gui at around 65mb

 

Read post 11 from the first page of this topic. You will find there the memory consumption.