another Windows Firewall Control?

Read 2 posts behind. I have used a different certificate. Install the application and the certificate will be updated. Next time you start the application, it will appear again from BiniSoft.org.

 

I just ran the 3.7.3.0 install as an upgrade over 3.7.2.0, the service was stopped then restarted and everything is fine. There were no warnings about the certificate.
(W7-64 Pro.)

J

 

Everything's fine here, too!
Thank you for the update

 

Awesome update alexandrud; everything working as expected here

I don't use UAC; I'm self aware of what I download

 

UAC is useful if you are using a Standard User Account.

 

Please help!
Your firewall says:
"Adobeupdater.exe wants to connect ... "
If I answer: always block I suppose it is blocked for ever...
I I answer : block for now and ask later, the firewall pops-up every 5 seconds with the message (= adobeupdater.exe wants to connect etc..)
So I MUST block it for ever!
Is there another way?!!
Thanks

 

Hmm, that could be a handy new feature; temporarily block until program restart, instead of ask me again later

 

If you press on "Ask me later" you will be prompted again only if the programs still wants to connect and the last attempt logged by WFC is at least 30 seconds old. The solution is to allow it or to block it permanently.

The elegant solution:
Change the Adobe Updater preferences to not check automatically for updates. If your computer is connected to the internet, then you can change the Adobe Updater preferences to not check for updates. Who needs automatically updates for Adobe anyway ?

To Change the Adobe Updater preferences, do the following:
1. Start the AdobeUpdater.exe application.
2. When the update screen appears, click the Preferences button.
3. Uncheck the Automatically Check for updates checkbox and click OK.

Or you can disable Adobe Updater from executing at Windows startup.

Please let me know if this helps you.

 

Oh, in that case it is already implemented the right way.

 

How do you think it should work differently?

Adobe will keep trying 'every 5 seconds', that's an Adobe 'problem', not WFC/WF.

There's no way to set WF to 'Block for xx days then ask again'. But you should be able to change the settings in Adobe for frequency of update checks. I don't use Adobe but it should have a setting to automatically check daily, or weekly, or monthly (or never, which means you have to check manually).

You could use WFC to Block Permanently, then when you want to check for an Adobe update, you open WFC Manage Rules and delete the Block rule, then when Adobe checks the next time, click on the "T" to 'Allow once', etc. etc.

Do a bit of experimenting, get to know the apps and what they can do.

J

 

This is exactly my problem, glad that you have understood so quickly.
There are solutions: block until a new boot, or for x days. And there are many other possibilities...

Keep that advice for you, you do not know whether I experiment or not. I do not agree. The apps should adapt to us and we do not have to adapt to them.

 

This is ok for Adobe, and Adobe was just an example....There are other softwares asking and asking and you cannot control them easily. Thanks anyway.

 

This is the purpose of the notifications introduced by WFC, to notify you about the outgoing connection attempts. If you don't like the notifications, disable them. This is the purpose of notifications. I don't understand how would you like the notifications to behave.

 

Adobe Reader 9 and later uses armsvc.exe for updating.

Everything you want to know about Adobe updating: http://kb2.adobe.com/cps/837/cpsid_83709/attachments/Acrobat_Reader_Updater.pdf

 

How long is, what defines, "temporary"?
The way User switching works, I'd assume that switching User, then switching back would have revoked Temporary?
Is there, could there be a way in Rules to revoke Temporary or to otherwise mark a rule(s) as Temporary?

There is no way for a free user to utilize the Temporary feature, as it only comes with Notifications, a pay feature.
Perhaps a Shift+Browse program/Shift+Click window to effect Temporary?

 

So, let me try to explain.
I am working on my PC. Suddenly my firewall warns me:" thatsoft.exe wants to connect to the Net".
Shall I authorize? Shall I refuse? I don't have time to think about that at that moment: I am working.
If I block, it is blocked 'for ever', which is maybe not good. (I could of course write somewhere: "do not forget to check in the rules thatsoft.exe when you have time to do it").
If I authorize, it coud be a mistake.
So, if I could delay the blockage for a few days (or until a new reboot e.g.), maybe it could be an interesting feature.
It is just an idea....
English is not my mother tongue, so feel free to ask if I am not clear enough.

 

A temporary rule is left untouched until WFC is restarted. On the startup of WFC, all the rules that are in the Temporary Rules group are deleted automatically. You can manually create a rule and you can modify the group of the rule. Just rename the Group of the rule to Temporary Rules. When you use the FastUserSwitching, the program is closed and restarted on the other user account. So, yes, in this scenario, the temporary rules are deleted on startup of WFC. To convert a temporary rule to a permanent one, you can change the group to a different name. I will try to find a solution to create temporary rules also manually.

I understand what you are saying. This is why you can disable the notifications. They can be annoying sometimes. They are good if you set up your computer or install a new software. After that, you can disable them and forget about creating rules. If some program can't connect, you can activate the notifications back and you know what to do.

 

Works just as I had hoped, thanks.

 

I take a screenshot of the Notification and move it to a folder for followup later. If the same program keeps trying every 5 seconds then I Block it.

Later, I review the screenshots and make up my mind and Manage the Rules if I decide I want to Allow it, otherwise it stays Blocked. An example is jusched.exe

 

Why not donate $10 and get all the features? $10 is not very much for this excellent, useful app.

 

ok- so you agree that a small improvement could be done, don't you?!>
why not (I say again! it's just an suggestion) a triple choice:
-block
-allow
-remind me in [3] days?

 

No, I don't agree with this small improvement. To do this, I would have to store all the programs that have been blocked in this way (remind in 3 days) into an external file. This file should be read then on every startup of the application and saved on every modification of the list. Also, this list should be maintained and new fault scenarios can be created. There are multiple choices in your scenario:
1. Disable the notifications.
2. Block the programs and from time to time review them on the Manage Rules window.
3. Use Low Filtering.

Sorry, but this feature will not be implemented. Early versions of WFC stored the rules in Windows Registry (external source) and it was very hard to maintain the compatibility between versions. I don't want to start over with the same mistakes.

 

JW Clements was supposed to agree..not you
But if I disable the notifications and if I use a low filtering, do I still have a functional firewall?!

 

If you use Low Filtering profile, the inbound control is enabled and only the programs that you blocked with a rule are blocked to make outbound connections. Also, if you disable notifications, only the notifications are skipped, but you are still protected by Windows Firewall. This does not change the protection level. Remember that Windows Firewall does not even provide such notifications. This doesn't mean that the firewall is not working.

But, I have an idea which can fit your needs better and this may also be good for other users too. When the user presses on the "Ask me later" button, WFC will ignore the notification for the same program until the next restart of WFC. This could be in 5 minutes, 8 hours or in 3 days.

If more users will agree with this, I will change the default behavior of the "Ask Me Later" button.

What do you think ?

 

Hi Alexandru and myk1 and anybody else,

After reading the latest posts on Wilders I think I understand where I was wrong before.
Before, I thought that it was WF that deleted the Temporary Rule once the app had been Allowed by WF.

Now I see that it's deleted by WFC whenever WFC starts up.

First, We have various reasons for using an Outbound firewall.

1) We want to permanently Allow our browser and some other known & valid apps to
connect. Therefore we want to create an Allow+Enabled rule and forget it.

2) We want to permanently Block some known & valid apps that like to 'phone
home' and possibly pass info that we don't want to be passed. Therefore we want to create a Block+Enabled rule and forget it.

3) We want to Block some known & valid apps 'most of the time' but Allow them
'sometimes'. These could be apps that like to auto-update and we'd prefer to be able to
make a system backup before manually allowing an update. Therefore we want to create a Block+Enabled rule and Manage it manually when we want to Allow the app.

4) We want to Block an unknown app until we determine whether we want it to Always connect or Never connect or Sometimes connect. Therefore we want to initially create a Block+Enabled rule and later Manage it manually if we want to Allow the app. (This is really the same as 3)

We have various ways to create and maintain the rules using WFC:
We can Add rules 'in advance' by Browsing, if we know the name of the app and where it resides.
We can Add rules using Notifications.
We can Manage existing rules.
We can Delete rules.

If we have donated and have Notifications and:
- we've set Notifications to Medium (or High) and
- we've set our profile to Medium Filtering and
- we get a Notification
We can just ignore the Notification or click to close it or
We can use WFC to create an Allow+Enabled or a Block+Enabled rule.

When/if we want to, we can Manage the Rule, changing a Blocked+Enabled to Allow+Enabled and if this is temporary, run the app manually, then Manage the Rule back to Blocked+Enabled.

We can also create a rule in the "Temporary Rules" group as Allowed+Enabled, via Notifications, where that rule only exists while WFC continues to run, because all rules in the "Temporary Rules" group are deleted the next time WFC starts (because we stopped/started WFC or switched users or rebooted). We can't create a temporary Blocked rule but that doesn't make sense anyway.

If the user never stops/starts WFC or never switches users or never reboots, the rules in the "TR" group 'continue to exist' just as if they were permanent, ie. same as those in the "Windows Firewall Control" group. Note that the app may be Allowed multiple times while the rule exists, not just once.

**-or-**

If we haven't donated, we never know, unless/until
- we are trying to manually connect and can't, but then creating a rule is a bit more difficult, i.e. identifying and browsing to the executable, etc.

Better to donate and have Notifications!

------------------------------------------------------

There's an interesting user request (myk1) that WFC extend the Temporary function of Notifications to include a means to defer the 'next' Notification for an extended period of time, say "xx" days, effectively Blocking the app for that period and since a Rule exists, there's no pestering Notifications.
Note: This would affect points 3) and 4) above.

The Notification would have to have a "T" field beside the Block button and at least one more field to allow input of the value "xx".
The "days" value "XX" would be used to calculate an Expiry Date for the rule.
The UI would have to have an additional "Expires on" column to display the Expiry Date and Time.

But we all know that someone will then ask for another alternative to "Days". Let's assume that Alexandru has lots of time and provides "Weeks, Days, Hours and Minutes" as options.

**** and****

the same approach could be used to time limit an Allow Rule, i.e. Allow for "xx" "W/D/H/M".

WFC could use a new database file to 'remember' this policy but that would make the app much more complex and we don't want that.

**** But ****

If the Group field is free text and not used by WF for anything but sorting & grouping rules, WFC could eliminate the need for a new file and additional UI columns and simply generate a value for the Group name consisting of a Date and Time that the rule expires and should be deleted by WFC.

For example, on Nov. 19th 2012 at 11:23 a Notification pops up:
User wants to Block for "5" "days",
WFC creates a Block rule for the app with a Group name of "2012-11-24 @ 11:23"
User wants to Allow for "20" "minutes",
WFC creates an Allow rule for the app with a Group name of "2012-11-20 @ 07:23"

WFC would not delete these rules each time it starts, instead it would have to check for 'Expired' rules on a regular basis, perhaps every 5 minutes and delete any that were older than the current date and time. This wouldn't stop the app from connecting multiple times during the Allowed period.
Since it's Alexandru's UI, the column title could be changed to "Group or Rule Expires on"
------------------------------------------------------
Other notes:

Allow+Disabled is equivalent to Block+Enabled so WFC could always Allow and just vary the Enabled/Disabled field. The list could be filtered by Display = "User created rules" and Filter = "Enabled/Disabled" and sorted by Group / Rule Expires on.

But, a rule added by WFC right now to the Temporary Rules group is not considered a "User created rule". Therefore we can't use the Display > "User created rules" to limit the list. Of course the list can be sorted on by Group. It would be nice if it could be flagged as user created.


J