Privatefirewall VERSION 7.0.20.47

Discussion in 'other firewalls' started by MasterTB, Jun 25, 2010.

Thread Status:
Not open for further replies.
  1. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    A new version of Privatefirewall is available at http://www.privacyware.com/PF_support.html

    The changelog says:
    RELEASE NOTES - 7.0.20.47, posted 06/24/2010
    - Modified default port-specific rules.
    - Enhanced connection detection capability.


    Perhaps an answer to the permissive rule-set I was posting about on another thread.
     
  2. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    Thanks good to know. I hope someone can test the specific issue soon.
     
  3. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    Yes! I really like the firewall but the lack of support for Home Groups on Win7, IPv6 and the default rules made me switch to PC Tools for the time being.
    I was also getting a lot of open ports on GRC's Shields Up and I can't explain why.
    I'm not desperate for a stealth status but open ports is unacceptable, I'm not running a server at home :cool:

    Perhaps someone who's using it will update and post back some insights...
     
  4. drakhil

    drakhil Registered Member

    Joined:
    Jun 27, 2010
    Posts:
    15
    firewall tends to leave port 135 open any solutions
     
  5. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Get a router...
     
  6. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    Go to System Services on the Applications list and disable Ports 135 and 139 on High Zone.
    For that reason and some other incompatibilities with Win7 I had to remove the firewall.
    Still waiting for a fix. Privatefirewall insists on Stealth out of the box but that is not happening on Win7, at least not to me.
     
  7. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I suggest that you open a support ticket about this issue. I have found the Privacyware folks to be very friendly & helpful.
     
  8. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    I did, and They are. I have been talking to Greg Salvato for almost two weeks now but the firewall lacks support (in full -HomeGroups and IPv6- for Win7) and the stealth issue still persists.
     
  9. drakhil

    drakhil Registered Member

    Joined:
    Jun 27, 2010
    Posts:
    15
    hi,
    i think there is some problem with automatic rules in new firewalls as port 135 seems to be open by many firewalls
    one thing can be tried
    which i tried successfully
    click file in main window >settings>select manual control>disable auto response
    then reset the firewall by clicking the blue button
    make sure the firewall is not in training mode
    then we start using computer normally
    the alerts will come for all the programs connecting to net
    click trust the publisher remember and allow for your antivirus,and other software
    any suspicious process just click block without clicking remember and if the system keeps functioning well let it be safely blocked
    later stage
    just temporarily allow browser to pass through the firewall
    opera tries to connect in may ways to net
    and all action except the first connection attempt i blocked
    and the thing seemed working fine
    all grc and ort scans succesfully passed:cool:
    let us see how long it remains so
    thanks
    ( i am no computer expert just manage to work my way around i posted in good faith the method which worked for me )
     
  10. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I am very interested in PFW. Am following this thread closely. When received, PLEASE share the results of your request to privacyware support.
     
  11. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    Hello:
    About the PFW support ticket:
    As I explained to them:
    Manual mode is good and granular if you disable auto response BUT: for trusted applications -like Svchost, System Services or the Infamous WMP Network Sharing services- being that they are trusted applications, the firewall will put the countdown for the alert on the allow! and when you click block the firewall will ask you again and then only give you the option to block BUT (AGAIN) if you block, you block for good and for both Trusted and Untrusted (High and Low) since as you say, the firewall at this time does not recognize between trusted or untrusted incoming, hence, not only you have to block twice but then you have to go to the rules and uncheck the Low settings if you wanted that Trusted traffic to occur, leaving the check to block only the untrusted -High-.

    Right now, when you enable manual mode and disable auto response, the firewall does not distinguish between trusted or untrusted incoming traffic, which is kinda silly since it overrides the need for either profiles or trusted-untrusted network settings, which BTW does not make sense at all, if the user set up a trusted network THAT THE FIREWALL IS AWARE OF, why confuse the traffic when alerting traffic that is coming from the untrusted networks block also the trusted ones!

    And I received this mail from Support "Manual mode should allow you to selectively enable ports (and other process, firewall, network, …attributes) as you see fit. PF, as you are aware, includes some default rules enabled for remote connections, including RDP, etc. This was intended to enhance usability, but we are currently devising some modifications (based on your and other customer feedback). For example, currently in Standard mode, PF prompts the user when a new incoming connection is detected, but enables both the LAN and internet connections when Allow is selected. We plan to modify this so that the alert is only displayed when the connections source is from the Untrusted zone (Internet). PF will silently allow connections from the trusted LAN, but nothing else unless there is user authorization. In addition, we may remove several problematic default rules for Standard Control mode as well."

    So, ATM I'm waiting on confirmation and keeping the firewall in manual mode with auto response disabled, correcting any faulty rules that may be created. I have to say that like this, the firewall is VERY CHATTY, not like on auto where you can hardly notice it..

    Will keep everyone posted.
     
  12. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Please do! :)

    And thanks for the update on the support ticket. I am very impressed by privacyware's excellent support of a free product.
     
  13. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
  14. johncage

    johncage Registered Member

    Joined:
    Aug 11, 2008
    Posts:
    70
    @MasterTB,

    Does privacyware have plans to support IPv6?
     
  15. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    After my corrections PCFlanks pass all stealth. With default settings you can see the results here: https://www.wilderssecurity.com/showpost.php?p=1704648&postcount=92

    @johncage Yes. IPv6 support is in their plans. Don't know when but as I've been told developers are working on it.

    I have to say that I'm just an user with no relation to PFW or Privacyware. Just in case anyone asks. I just like the product and their support is superb for a free product.
    Needles to say that they did 3 updates just in June, all related to user feedback and product improvement. A really serious company if you ask me.
     
  16. papasmurf

    papasmurf Registered Member

    Joined:
    Jul 4, 2010
    Posts:
    28
    Location:
    Pacific Northwest USA
    Ok, here are mine:

    Privatefirewal.jpg
     
  17. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    @papasmurf What OS are you running? My results are with Win 7 x64. And as I understand, having a Home Group enabled will make the OS open more ports and enable more services than other OS like XP, Win2K or even Vista. That may be the difference.
    I'm still waiting on a revised version of the firewall with the updated logics to see how it behaves.
     
  18. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    That's not Stealth test , I guess you have executed Advanced Port Scanner, but that's good too.
    Anyhow, not all ports are stealthed, maybe you should change some settings like MasterTB did.

    I'm interested in this firewall and I'm going to test it later today.
     
  19. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    OK, I downloaded latest version and installed it in windows 7 (not a VM) , default settings, NOTHING was changed.

    Then I opened IE and did two tests with pcflank.com
    One was Stealth Test and the other was Advanced Port Scanner.
    It's ALL Stealthed.
    So, I don't know what problems you guys have.
    Here are the pictures :
     

    Attached Files:

    • s1.JPG
      s1.JPG
      File size:
      174 KB
      Views:
      49
    • s2.JPG
      s2.JPG
      File size:
      149.8 KB
      Views:
      38
    Last edited: Jul 6, 2010
  20. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    To compare:

    Do you have a Home Group enabled like I do?
    Is your network set to home and the router (internal IP's) to Trusted?

    If so... then I don't know what's the difference, if not, then there's the answer.
    I have a home network with all Win7 PC's and I have set up a Home Group, which enables a lot more services on 7 that are not enabled by default.
     
  21. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    You are right, that machine was not in Home Group, so I guess that's why ports were stealthed because they were not opened in the first place.
    However, when I find some time later I'll try it, but I guess that ports 135-139 are probably not going to be stealthed.
    I let you know.
     
  22. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685

    Well, I can't enable Home Group since it's a single PC and it would be a pain for me now to connect it to other machines in the house.
    I didn't changed anything in options for Privatefirewall.

    If you have any idea what I can do in order to test it and help you, please do tell.
     

    Attached Files:

    • hgr.JPG
      hgr.JPG
      File size:
      29.1 KB
      Views:
      10
    • hgr2.JPG
      hgr2.JPG
      File size:
      82.2 KB
      Views:
      1,678
  23. papasmurf

    papasmurf Registered Member

    Joined:
    Jul 4, 2010
    Posts:
    28
    Location:
    Pacific Northwest USA
    Sorry, I forget not everyone has signatures enabled.
    I am running winxp pro, I connect thru a router, (hard wired),
    and I have 2 other laptop systems that connect thru the wifi.
    My system is the admin.
    To be honest, any of the port tests are pretty much reading my router, not my system.

    It has been told to me by others that the "stealth" thing really is not necessary.
    Closed is closed. nothing in it, nothing outta it unless I allow it.
    However, as I mentioned above, you are not seeing my system...you are seeing
    my router. The shields up test doesn't see my systems IP, only the routers.
    I use the firewall more or less to control applications from accessing the net without
    my permission...that just really annoys me.
     
  24. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    Unfortunately your settings are far too different than mine.
    If you have a single PC there is no way to enable Home Group and enabling file sharing on that setup would be a huge mistake since the only thing you could share with is the WWW and that is never a good idea.

    Don't worry though I believe that PFW is on the good path and changes are coming.

    In the mean time, with the help of Privacyware support I have closed all the loops on my end so I'm pretty sure my pc is secure.

    Thanks anyway, you have gone far enough to help.
    And believe it or not, doing your tests can prove that the firewall is stealth out of the box and the problem lays within it's interpretation of windows shares, which could help developers narrow the problem.

    I will share this thread with them, perhaps it can help.

    Martin.-
     
  25. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi Martin,


    If your reply is to papasmurf (which it appears to be) I am not sure as to how you have arrived at that conclusion, as papasmurf is behind a router.


    - Stem
     
Loading...
Thread Status:
Not open for further replies.