Windows 10 Firewall Control (Sphinx-Soft) Discussion Thread

Discussion in 'other firewalls' started by Brummelchen, Feb 14, 2015.

  1. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    I notice after installing v8.x..., Windows Defender firewall was still enabled, even after re-boot. Isn't it supposed to be disabled?

    EDIT

    it looks like Sphinx works whether the Windows Defender firewall is enabled or disabled, but if it's disabled, I get Windows Security warning that firewall is not active. If I do enable it, I have to allow all outbound by default, otherwise my built-in Defender rules seem to take precedence over those of Sphinx.

    Furthermore, the point I made a few years ago - that some people persisted in disputing - in this post: https://www.wilderssecurity.com/thr...-discussion-thread.373420/page-3#post-2566851 is correct.
     
    Last edited: Jan 5, 2019
  2. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,858
    i had sphinx installed on my win10 ltsb in the beginning - no defender. on another computer ltsb (no defender again) and pro are running but not sphinx.
    running sphinx on win8 do not register either as a firewall, i think is supposed not to be registered but i had no issues on win10 with both firewalls. so i need to test sphinx on my pro 1809 where defender and firewall is active.

    pointing to my answer - i think i spoke about the preset rules for system apps. the windows firewall can be granular but the way to it is not easy thats why i prefer sphinx and it zones and default/deny rules and no breakout in normal mode.
     
  3. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    I agree, it's time consuming and painstaking to set up Win Defender manually, even though it can be done. I like Sphinx so far, and if no further issues, I'll purchase the Plus version.

    Also the problem with Defender is that program paths for rules will not accept wild cards. Some programs have rather "messy" paths, and these paths will often change when the program updates, so that just adds to the misery of having to modify those rules.
     
  4. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    @wat0114,
    I use the plus version (8.4.0.60). Their release candidates are totally stable.
    I turn off Windows firewall client, and yes I do get nags.
    Basically, any block rule takes precedence.
    Allow rules - here, whoever is first will rule, so IMO creates confusion.
    Sphinx can definitely run with it on, but what's the point(unless one likes to maintain two sets of rules)?
    WFPlatform continues to run, of course.
     
  5. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    Thank you for your feedback, @act8192! I will then disable the win defender fw client. Btw, I ended up purchasing the Plus version of Sphinx (I had allowed all outbound by default and I got alerts from Sphinx). I'm very impressed with it, although it's a fairly steep learning curve on how all the rules and zones work, I think I've got a pretty good handle on things now.
     
  6. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    A nice review comparing WFC (binisoft) to WFC10
    https://chefkochblog.wordpress.com/2018/04/06/windows-10-firewall-control-review/
     
  7. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,408
    Location:
    Romania
    I think this review compares apples with carrots. W10FC from Sphinx uses Windows Filtering Platform for filtering purposes and has its own firewall rules, while WFC from Binisoft is just a front-end for Windows Firewall itself. WFC does not do any packet filtering at all. The feature comparison should be made between W10FC from Sphinx and WFwAS (Windows Firewall with Advanced Security) which is Microsoft own implementation of a firewall based on Windows Filtering Platform.
     
  8. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,858
    WFP ist the "hotline" for events. anyhow i prefer programs like W10FC and this is not because my first attempts with WFC caused the complete desaster ^^
    (Outpost, Atguard, LnS, Jetico,...)

    about the blog - this is what i NOT like
    well - he is using a very outdated version that way...
    purchase has benefit :p
     
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    The reason why I like WFC is because of its simplicity. If you need advanced firewall features than other solutions are better, but alexandrud already explained why.
     
  10. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    The review said it all. Really did not need his explanation or yours.:)
     
  11. max2

    max2 Registered Member

    Joined:
    Sep 22, 2011
    Posts:
    374
    Is there any tutorial anywhere to learn to use this firewall? It seems confusing sorry or should I stick with WFC ?
     
  12. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    Everything is on the website here:

    -http://sphinx-soft.com/Vista/using.html

    Look in the left hand column and start at "Manual", then work your way down the column for the rest of the documentation.

    One important thing, amongst others, to remember is that in the firewall "Zones" it processes the individual rules in order from bottom to top (increased priority -> decreased priority).
     
  13. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    Help is also on the right-click menu of the Sphinx taskbar icon, but it's a bit less convenient to use unless you're searching.
     
  14. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    Right. Thanks for emphasizing this.
    Microsoft's description of WFP and firewalls, a picture worth looking at
    https://docs.microsoft.com/en-us/wi...dows-filtering-platform-architecture-overview
     
  15. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    Remember, zones are a repository. When you use a zone for an application it makes a copy. When you edit said copy, edits apply just to that application and zones remain intact. Unless you make your own zone copies for further use. When I edit a set of rules for a program for which I've selected a reasonable zone, I prefix the name with something to tell me that it's an edited version of what was in the repository. Useful for further updates and my maintenance.

    You probably got all of it figured out by now, but if not, or for other people, I'm sharing my list of various hints that were useful to me.

    A neat writeup about, then, new v8 by Noel Carboni was here
    https://www.askwoody.com/2016/sphinx-windows-firewall-control/
    There have been changes since, changelog is just below the downloads list
    https://www.tapatalk.com/groups/vistafirewallcontrol/the-latest-betas-releases-t6.html

    Few memorable threads (ignore all that tapatalk nuisance, the forum is great):
    Multiple firewalls - post 2 point 1b
    https://www.tapatalk.com/groups/vis...with-security-suites-wfp-dependency-t625.html
    Windows firewall and sphinx - post 2
    https://www.tapatalk.com/groups/vistafirewallcontrol/wfc10-windows-firewall-on-windows-10-t475.html

    Very tight ruleset making via right click on event line
    https://www.tapatalk.com/groups/vistafirewallcontrol/manage-access-for-in-events-log-t639.html
    Some details about the Domains tab
    https://www.tapatalk.com/groups/vistafirewallcontrol/learning-about-domain-by-name-rules-t549.html
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    To clarify, it wasn't really directed to you personally and I didn't even read most of the review. I just wanted to say that WFC is for people who want to keep things simple.
     
  17. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    Cool ;)
     
  18. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    Thanks act8192. Yeah it took some days to figure out the zones being repositories, and especially the ability to create "Manage access for the remote..." rules from event entries. I especially like this latter feature for creating granular program rules on-the-fly.
     
  19. Less

    Less Registered Member

    Joined:
    Dec 24, 2008
    Posts:
    288
    any coupon code available?
     
  20. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,858
    i dont know any while using.
     
  21. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    I don't know of one either, but imho it's an excellent deal for an excellent firewall even without a code.
     
  22. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    I like the Domain Protection, added *google.com* Priority: Above apps Low.
    Can see it blocking the monster on a lot of sites. Very nice!
    Don't need google.
     
  23. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,858
    you should block it in your browser, thats more efficient. in fact you dont need to block google, more google-analytics or similar. blocking google makes you dont use captachas if needed, locked out. anyhow i cannot confirm that google is so much involved as would like to tell us.
     
  24. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    How do you do that (block in browser firefox)?
     
  25. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    What I've done is block using wildcards. For example:

    Code:
    *.rubiconproject.*
    this will block domains with "rubiconproject" in the string such as "fastlane.rubiconproject.com"
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.