PrivateFirewall V7.0.28.1 Released Today

Discussion in 'other firewalls' started by kdcdq, Jun 1, 2012.

Thread Status:
Not open for further replies.
  1. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Try it with this settings:

    1) turn off Training mode
    2) turn on "Manual Control" and check both options (Display alerts... and Disable Auto-Response) under Basic Settings
    3) turn on "Always display alerts for new outgoing connections" under Basic Settings
    4) turn on "Enable Process Detection" under Advanced Settings
    5) raise "Process monitor" setting from Medium to High in main GUI
     
  2. kupo

    kupo Registered Member

    Joined:
    Jan 25, 2011
    Posts:
    1,121
    Have you reported this to Privacyware?
     
  3. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,113
    Location:
    Sofa (left side)
    From memory, PFW fails the PCFlank Leaktest because it doesn't protect COM Interfaces....or at least it doesn't protect the relevant one here.
     
  4. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,579
    Location:
    Romania
    All these settings doesn't help,the word string is still sent to the PcFlank site without a beep from Privatefirewall.

    I guess i will as i don't like at all this behavior.
     
  5. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,113
    Location:
    Sofa (left side)
    Real-world scenario time - if you've already clicked "Allow" for the first two alerts that PFW gave you, why do you think you're possibly going to click "Block" for an alert that tells you that a protected COM interface is about to be accessed?
     
  6. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,154
    no he clicked block on the second alert he didn't click allow on both alerts only the first one.
     
  7. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,579
    Location:
    Romania
    Please read again my post.I allowed only the first alert.
     
  8. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,113
    Location:
    Sofa (left side)
    So you blocked the second alert, but you didn't terminate the process? Why would you possibly do that in a real-world scenario? Sorry, but I see this as just another daft leak-test. If the user is going to allow the execution in the first place, then block the next alert but not think to terminate the process, then how are they possibly going to understand what to do with a COM interface alert that has relevance to Internet Explorer only?
     
  9. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,154
    Scoobs you are missing the point. the main purpose of having a firewall with HIPS is to not only block execution of unknown programs but to also "Control the Behaviour" of programs that you regularly use. for example in a real life scenario if you like VLC and you choose to use VLC as your preferred video player how are you going to be able use it if you block the first warning and deny it to execute and run?? A decent out bound firewall should be able to block it from accessing internet if you don't want it to on the second warning.
     
  10. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,579
    Location:
    Romania
    I wanted to see this with Privatefirewall's default actions.So when it says BLOCK,i expect it to block the action,not fooling around and have me click on "Details...Terminate" bla bla bla.First action allow to execute,second action block connection to internet.This is how it suppose to work,for me at least in real-world scenarios.
     
  11. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,963
    Location:
    Poland - Cracow
    I will try to more complicate such situation:
    - first...alert during installation and we enable installation mode
    - second...alert after installation when we try to run first time the new apps - so we set "allow"
    - and next when tne new app try to connect to the internet for example to check update...we can deny that action because we want to updating app only manualy by running installer of new version.
    It's real scenario for example to media palyer, image browser, movie/music converter, some system conservation tools, etc.
     
  12. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,113
    Location:
    Sofa (left side)
    That's a false analogy. Non-malware applications do not use the PC Flank firewall bypass method, so in reality you have full control over VLC and any other applications requiring outbound internet access.

    What we're talking about here is malware, and it's my assertion that anyone that has allowed the execution of malware, but then blocks the next (rather innocuous) alert because they have now become suspicious, wouldn't sit there letting the application run in the background. They'd terminate it.
     
  13. vojta

    vojta Registered Member

    Joined:
    Feb 26, 2010
    Posts:
    830
    Totally agree.
     
  14. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,154
    Actually I have seen non malware applications piggy backing on my browser to call home, you never know if say for example the VLC developer or any other software developer decides to release an update causing VLC to piggy back on the browser so as it can call home. by your analogy we might as well not bother using a firewall with hips and instead just use an anti executable.
     
  15. lllbob

    lllbob Registered Member

    Joined:
    Dec 31, 2007
    Posts:
    5
    Location:
    usa
    This firewall seems ok. Using v7.0.29.1 on vista 32 bit. Runs smooth.
    Passed shields up, but my isp is behind a nat anyway.. so it would pass with no firewall I'm sure.
    Nice. No blue screen crashes. Another good firewall. Only had to add a few rules for ICS.
    They should include a default ics rule in future updates. or maybe it was just my setup.
    It's kinda rigged. lol. pc1 shares usb 3G modem to wifi router. It works lol.

    Although I used jetico2 at first. A real tight firewall. Good. but a little too good.
    I could never get ics to work. internet connection sharing. without disabling the firewall.
    Also the drivers didn't uninstall either. had to manually disable them.
    It was still a good firewall.. it was as close to Sygate firewall that I could find for vista.

    Had to get rid of outpost security suite free firewall.. it started giving bsod's.
    Op uninstalled nicely though. no drivers left behind.
    It was mostly this: driver_irql_not_less_or_equal tcpip.sys
    And a few of these: page_fault_in_nonpaged_area ntkrnlpa.exe
    and windbg never pointed to any op drivers. just tcpip.sys and ntkrnlpa.exe
    and it always happened when a browser was running. not when playing a game.
    OP worked great for a while though. then it was crash after crash.
    All crashes stopped immediately after uninstalling outpost.. and installing PrivateFirewall.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.