Using third party firewall instead of Windows Firewall

Discussion in 'other firewalls' started by Melita, Nov 21, 2020.

  1. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,234
    Location:
    Europe
    Its simple. He showed Cruelsister settings. He launched some malware to confirm its working as intended. Then he cleaned sandbox. As he launched the final malware (the one he was trying to show), comodo did not contain it for whatever reason and everything got infected. Bam. Also, Restricted is the 2nd lowest elevation allowed. Unrestricted is the lowest, with literally nothing allowed, but then almost nothing works, so I think Restricted is fine for sandboxing.
     
  2. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,234
    Location:
    Europe
  3. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,234
    Location:
    Europe
    Paging @cruelsister
     
  4. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,709
    Location:
    New Mexico, USA
    Now I wonder how Spyshelter free firewall would perform against it.

    Uh, oh. Now I feel the neuroticism and paranoia building.
     
  5. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,234
    Location:
    Europe
    Hehe that was my goal ;d
     
  6. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,234
    Location:
    Europe
    Yo guys can someone message cruelsister on malware tips or wherever, she might not come to wilders for weeks or who knows how long
     
  7. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,709
    Location:
    New Mexico, USA
    LOL.......Won't happen. Paranoia and the Internet are not compatible. You can see it here and on MalwareTips. People have their computers so loaded with security software, trying to plug every tiny hole, I'm surprised the machines work.
     
  8. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,709
    Location:
    New Mexico, USA
    I tried messaging her over there. Wouldn't let me. Either something screwed up on my end, or she has messages turned off.
     
  9. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    4,081
  10. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,519
    Location:
    Paris
    Hi Guys! I am familiar with the video in question and confirmed at that time that what occurred was not reproducible. CF will contain such unsigned executable trivia like this trojan downloader quite readily at any containment level, so why it was not contained immediately in the Authors video one can only speculate.

    But for those venturesome enough to confirm/deny what was done in the video the malware used is well known and available from the usual sources:
    (MD5 8d01c393b5663644f7c787ca03662cd7).

    I certainly have nothing against valid videos demonstrating security products being breached, but I assure you this was not one.
     
  11. porkpiehat

    porkpiehat Registered Member

    Joined:
    Jul 18, 2015
    Posts:
    45
    yep, sometimes, **** happens.. :oops:
     
    Last edited: Jan 24, 2021
  12. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,519
    Location:
    Paris
    When this file is run it will spawn a daughter into AppData/Local, set up a startup entry pointing to the daughter, delete itself, and then the daughter will connect out initially to Paris, then other nastier places (like California).

    The firewall of CF blocks outbound connections, the daughter is contained in Local as is the Startup link in Roaming; these will be deleted on Containment flush or on reboot. Nothing real special here.
     
  13. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,234
    Location:
    Europe
    Hey CS, do you still use comodo firewall? Any point of using the av with it? Asking for my grandma
     
  14. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,709
    Location:
    New Mexico, USA
    The last place I want my laptop connecting is to California. I wasn't sure whether your video was in regards this one or the other alleged breach, or whether they were the same nuisance in two different videos. Thank you for clearing it up.
     
  15. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,519
    Location:
    Paris
    Floyd- Yes, I do. Still haven't been able to bypass it and God Knows it is not for the lack of trying. But for those that want a nice complement to CF, WVSX provides protection that is additive and will result in a combo less confusing for newbies (and Grandma).
     
  16. porkpiehat

    porkpiehat Registered Member

    Joined:
    Jul 18, 2015
    Posts:
    45
    indeed! :thumb:
     
  17. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,709
    Location:
    New Mexico, USA
    I've got WiseVector on this thing. Right now, fooling with Spyshelter free Firewall/HIPS but no doubt will be back with Comodo. I keep the latest offline install version on an external drive. I like the containment feature, which is also nice for trying out new software as well as providing protection.
     
  18. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    LOL, this does indeed remind of the good old days. :p

    Don't you find the alerts annoying in SS Free? It's a pity you can't disable them.
     
  19. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,709
    Location:
    New Mexico, USA
    The first day was very annoying. They've settled down since. Still get them, of course, when I open a program I haven't used since installing SS. At least it shows me SS is working.
     
  20. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,986
    Location:
    Location Unknown
    Yeah, no. You've just lost A LOT of credibility here @ wilders.
     
  21. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,382
    Location:
    Canada
    Thank for for confirming, cruelsister :thumb:
     
  22. TerryWood

    TerryWood Registered Member

    Joined:
    Jan 14, 2006
    Posts:
    961
    Hi @ Wilders

    Just installed TinyWall 3 in Win 10.

    I am wanting to find out whether Windows Firewall is better switched off or left on with TinyWall.?

    The only thing I can find from their web site is this:-

    "With the exception of Windows Firewall, no other firewall software should be active while TinyWall is installed. This includes standalone"

    For me, this doesn't answer my question, any help would be appreciated.

    Thanks

    Terry
     
  23. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    Yes, that's why I decided to go for SS Firewall because you can disable certain stuff, to minimize alerts. On the other hand, if you put it in "medium mode" it may allow too much, it's a pity that you can't manage the whitelist.

    I believed this was already explained in the TW thread, you know in the little discussion that I had with Ultim? Basically he said that it's best to leave the Win Firewall enabled. What this means is that incoming connections will be blocked by both TW and WF and outgoing connections will be managed by TW. And in order to avoid any problems it's best not to install Win Firewall Control (from Malwarebytes), unless you know what you're doing.
     
  24. TerryWood

    TerryWood Registered Member

    Joined:
    Jan 14, 2006
    Posts:
    961
    Hi Rasheed187

    Thanks for that, I'd missed it.
    It was, after all, a pretty verbose section of the thread.

    Terry
     
  25. Ming33

    Ming33 Registered Member

    Joined:
    Apr 23, 2021
    Posts:
    4
    Location:
    Aus
    G'day ; just wondering if windows firewall hardening tools have been compared and tried vs the comodo firewall setup you use @ cruelsister. Personally that is what I use but I have found it blocks allot of native windows updates etc. I have uninstalled it for grandma because there seems to be issues every time windows auto updates or the antivirus updates. So the question is does simplewall, tinywall or the malwarebytes binisoft make a good alternative to the comodo wall setup and is it effective enough. I have not seen any in depth reviews on this other than people showing the different levels of firewall profile settings of "low", "medium" and "high" on these windows firewall configuration tools.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.