Installed simple wall and just notice that my windows defender security is missing in my system tray icon?! Is that fine?
It doesn't necessarily have to do with his program. Why am I the only one who sees this? I'm not the only one looking, am I? When I block Simplewall in itself it stops spamming it's own log file. (And subsequently the connections.) Henry said it has to do with me using a VPN. I don't know why or what is even going on. (I'm not an expert or even good at this) But I doubt its malicious.
@Duotone @Cantos Your apps are from MS (WD and Word) so maybe the reason of your issue is that not only specific processes should be allowed but services also. Did you allowed some of them (list from RBM) to call out?
i dont have word but some program(not remember what was but after allow its work) wont work if you dont allow access to 127.0.0.1 so try it
I'm not using Windows Defender so I don't know what processes in fact there are in your system but - I think about such option (accesible from the list in SW window and from try menu) and services like this https://superuser.com/questions/494163/disabling-microsoft-antimalware-service - try to find such processes connected to WD...maybe they need to have internet access - point No 2 "Disable Real-Time Protection and reschedule your Windows Defender" https://www.drivereasy.com/knowledg...-exe-eating-up-too-much-cpu-in-windows-10/#F2
simplewall v2.3.4 (21 September 2018) https://www.henrypp.org/product/simplewall Download Changelog sha256 checksum
hi, does it have some self protection mechanisms, it runs very well but sometimes high CPU load with some windows services (if I find out which one I'll post). I use it for old laptops where I have to be careful about ram. Its also much simpler to use than any other software (the easiest one to date). However, there should be an informative window pop for new users on how to block all by default, first time I've run it I allowed all traffic without me realising it
simplewall v2.3.5 (14 October 2018) https://www.henrypp.org/product/simplewall Download Changelog sha256 checksum
I can not update with the program or reach your website when I use a VPN server in Luxembourg. Do you block VPNs for some reason? Also, do you know what those entries in the "blocked package log" mean? It is literally full of them. Many times per second. 14-Oct-18 23:29:28,<empty>,<empty>,[SOME EXTERNAL IP] (Remote),192.168.178.20 (Local),<empty>,<empty>,#0,IN,BLOCK Why are the places for the program name and some others empty?
simplewall v2.3.6 (16 October 2018) https://www.henrypp.org/product/simplewall Download Changelog sha256 checksum Spoiler: Changelog v2.3.6 v2.3.6 (16 October 2018) added purgen submenu into tray menu added more statusbar information set extra large icons view by default tray menu services counting bug fixed app with overdue timer still enabled on profile load fixed resetting some data on profile load fixed timer resetting on profie load fixed listview checkboxes cosmetic fixes fixed bugs
So as of today I switched to Simplewall (coming from Tinywall) and I'm loving it. I do have some questions / observations being a new user. * Leave windows firewall (wf) enabled on install or disable it. 1. With wf OFF, simplewall will save to it's own config? (I'm using this) 2. With wf ON, simplewall will configure the wf? Which of these 2 options is recommended and as I'm using the 1st option, how and when does simplewall activate during boot process? I'm asking this because I dont see a simplewall service and the default firewall is disabled by simplewall. (I have enabled boot-time filters) * Is there a way to allow us to expand the settings/rules window for a better viewing experience? * Is the blocklist automatically updated with simplewall updates? * of the default enabled system rules, which ones do you guys still disable (and why). * I'm working under user context, tried to use the skip UAC but that option doesn't seem to be working properly (as mentioned before). * I also vote for making the exit button close to the taskbar. * compared to tinywall the first thing I missed was having an option to quickly restrict a program to only acces the LAN. It's working now using the custom rules, but maybe it can be included as an build-in option in the future.
* Simplewall always configures the Windows Filtering Platform (WFP) if enabled. (As does Windows Firewall) But leaving the Windows Firewall on together with Simplewall, leaves your device open to changes to it outside the scope of Simplewall. And any program can simple add filters to the Windows Firewall which practically negates protection. Recommended is option 1: to let Simplewall turn the Windows Firewall off. (You can ignore the screams from Windows Security Center about it.) I don't know when Simplewall activates itself if boot-time filters are enabled. But I guess it doesn't and this is some functionality of WFP. Simplewall does not need a service because it uses WFP. (Like pretty much ALL other firewalls for windows) * You can drag the borders and embiggen the window. Or did you mean something else? * The blocklist gets separate updates. (More often) * None except DNS and Windows Update. (You may need DHCP) Why? Do you have servers running? If not: They are potentially detrimental to network security if allowed. * Exit button close to the taskbar? * You can right-click anywhere and add a custom rule or a program, if that helps and isn't obvious. I forgot what they tell you when you install it first time. * have not used TinyWall
* Simplewall always configures the Windows Filtering Platform (WFP) if enabled. (As does Windows Firewall) But leaving the Windows Firewall on together with Simplewall, leaves your device open to changes to it outside the scope of Simplewall. And any program can simple add filters to the Windows Firewall which practically negates protection. Recommended is option 1: to let Simplewall turn the Windows Firewall off. (You can ignore the screams from Windows Security Center about it.) I don't know when Simplewall activates itself if boot-time filters are enabled. But I guess it doesn't and this is some functionality of WFP. Simplewall does not need a service because it uses WFP. (Like pretty much ALL other firewalls for windows) Excellent answer thank you. Any reason why the boot-time filters aren't enabled by default? * You can drag the borders and embiggen the window. Or did you mean something else? The main window yes, but once you open the settings window, that window can't be resized. Allowing the settings window to be resized to get an overview of all (available/enabled/disabled) system rules in one overview would be useful imo. * The blocklist gets separate updates. (More often) How is this updated? through the same update mechanic? * None except DNS and Windows Update. (You may need DHCP) Why? Do you have servers running? If not: They are potentially detrimental to network security if allowed. I'm just asking because I had LLNMR/mDNS/NetBios(in/out)/SNMP/SSDP(in/out)/UPnP enabled. Wondering if that's default or if more was enabled on my end compared to a default windows install. I did find out that turning off WS-Discovery does some stuff with the indexing service (got an index error message on top of the startmenu when I started to type/search something in the startmenu), so I put that back on. I also had to switch on NTP to have windows time get the current time from pool.ntp.org. Speaking of Windows Update, having "Windows Update" option enabled under system rules didn't seem to be enough. I had to allow "svchost.exe", which does alot more than just getting windows updates (also sends telemetry). I've "restricted" svchost.exe to port 80;443, but I still feel akward about that executable... I guess there's nothing you can do about it if you want Windows Updates (unless I start using WSUS Offline Updates or something similar) * Exit button close to the taskbar? I think I was a bit unclear/wrong here, I mean on the main simplewall window on the bottom there's the "Exit" button that closes the the simplewall program. I think it would be better/safer to have that button funtion as a "close to system tray" (and leave it running) option. I think having an true exit program option by right-clicking on the fire icon on the system tray would be a better solution. * You can right-click anywhere and add a custom rule or a program, if that helps and isn't obvious. I forgot what they tell you when you install it first time. Yeah after some tinkering I got that to work. Ok, would it be possible to have Simplewall have a default option called "restrict to local network" pre-configured as a custom rule, so novice users can simply right-click on the program and link the "restrict to local network" custom rule? I think it would add to the "simplicity" idea of simplewall. * have not used TinyWall It was pretty good actually, but I think this is getting better and better
cool since when u use simplewall alongside eset firewall you receive double alerts first from simple wall then eset, might not be like much but if one fails (gets compromised, corrupted, bugs out or when re-installing one of them) another picks up connections. Tinywall doesn't work with eset but with simple wall there are no spotted issues yet. I am trying both at same time (simple wall + eset) since simple wall gives more intuitive control over some eset settings and they don't clash they seam to seamlessly upgrade one another and eset will tell you with hips if simpewall got modified and now tries to connect (hips missing in simplewall) like from virut infection, hacker activity and alike
bitpixl Sorry, your answer slipped through my notifications. Haven't seen it until now. Sorry I don't know. The dev sometimes come on here, you can ask if he doesn't sees this. @henrypp He's the developer. Yes. You can search for it manually or it will just pop up. It is default. I have all these deactivated and they are still listed. You don't usually need them I don't use indexing. Actually, in Simplewall I have NTP deactivated, but I still get updates. I just checked. Maybe if the NTP protocoll fails, windows falls back to something else. Thanks for mentioning it. I totally forgot NTP and had it still configured to use microsofts server. Yea that's right. Unfortunately Henrypp hasn't yet done something in this regard. Maybe it is hard or impossible to get all or any relevant windows update server IPs. You seem to think that the firewall is disabled when you close Simplewall. (I think. Because you said "safer") Simplewall works even when the program is not running. As it uses WFP to enforce blocking; as long as you activated Simplewall the protection never ends. It tells you about this when you close it unless you set the flag to never tell you again the first time you saw it. The only thing that isn't working is the pop-up windows that ask you about new programs that want more internet. I think it's best if you make a list with your ideas to improve the program. I don't think Henrypp takes enough time to read all the posts in this thread. If you write @henrypp you can send him a notification about your post. EDIT: Henrypp, FYI, some Luxembourger VPN-IP are blocked on your website. No issue though.
I wish this firewall had some kind of Connections Log where every program that tries to access the internet gets logged and we can customize them to allow/deny, etc, i prefer that over the notification system