Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    136
    Thank you for this excellent update! I'm not 100% sure of the differences between the new Secure Rules and Secure Profile. Is there a scenario where programs trying to add/modify rules, will not appear in the Rules Panel as before with the "U -"? Is there another means of notification in this case?
     
  2. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    915
    Location:
    Lunar module
    Big and good changes. Inaccuracies were observed.
    053 String must be moved down:
    ScreenShot_91.png
    In this field, it seems, was "Switch to... logs... or rules...", and it was better with him.
    ScreenShot_90.png
     
  3. Special

    Special Registered Member

    Joined:
    Mar 23, 2016
    Posts:
    454
    Location:
    .
    Thanks, was able to upgrade without a hitch, BTW, I did not check "Delete the activation status" did I lose out on an activation or something? Also when I tried to log into my account on your site, it said my password was incorrect, which is wrong, since I use a password manager, did you have them reset or something? I reset the password via e-mail so all is good, but I'm wondering why it was reset in the first place.
     
  4. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    136
    Read the post above, it's on this same page.
     
  5. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    577
    Location:
    Switzerland
    See here ...
    https://www.wilderssecurity.com/thr...-by-binisoft-org.347370/page-154#post-2741717
     
  6. JoWazzoo

    JoWazzoo Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    241
    Location:
    Ether
    Not sure what to make of this. Uninstalled and saved my Rules. DLed and got this on install. I clicked OK and not sure what to do now. I turned Off security programs including OSA and ERP.
     

    Attached Files:

  7. Special

    Special Registered Member

    Joined:
    Mar 23, 2016
    Posts:
    454
    Location:
    .
    Not what I was asking...
     
  8. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,166
    Location:
    Romania
    Secure Rules

    In Windows, a software executed with administrative privileges can add, modify, remove Windows Firewall rules. Windows Firewall Control can prevent these external changes. When this feature is enabled, adding, modifying or importing firewall rules can be done only through the Windows Firewall Control user interface. This feature is automatically disabled when Windows Firewall Control is uninstalled.

    When this feature is enabled:
    • Windows Store will fail to install new apps because they will try register themselves in Windows Firewall, which will not be allowed.
    • Adding, modifying or removing firewall rules through Windows Firewall with Advanced Security or command line will not work.
    • If you see a notification from Windows Firewall when a new program tries to open a port, no matter what action you choose, "Allow access" or "Cancel", a new firewall rule will not be created.
    • If you try to enable/disable certain operating system features through Control Panel, like Network Discovery, File and Printer Sharing, etc, nothing will happen.

    The solution to the above scenarios is to define a global hot key for toggling Secure Rules in Options tab. Before performing any of the actions explained above, just quickly disable Secure Rules, perform your actions, then enable again Secure Rules by using the same global hot key. A confirmation dialog of the Secure Rules status will be displayed on screen.

    The previous approach of Secure Rules could not detect if a rule was modified, deleted or when rules were imported from outside of WFC. It was only possible to detect if a new rule was added, and this, after it was already added. The new approach is different and can protect Windows Firewall better. Now, external programs, including Windows itself can't mess again with your firewall rules and profiles. The purpose of WFC is not to replicate all the functionality from WFwAS. There is already a solution for the rare occasions when a firewall rule must be created/modified from WFwAS.
    Very simple. Create your firewall rule and set for it in the remote IP property, the keyword LocalSubnet. Then, your rule will apply only for your local LAN.
    From now on, there will not be any "U -" rules anymore. Secure Rules will not allow creating new rules at all, so it won't disable or remove any rule anymore. Besides Secure Rules, programs with administrative privileges could just disable outbound filtering or disable Windows Firewall. Secure Profile makes sure that these changes are not possible from outside of WFC anymore.
    The order is not really important, but thank you for spotting this. Regarding the mentioned labels from Rules Panel and Connections Log, I removed them since the name of the window is displayed in the title bar.
    On the login page, there is a note about this:
    upload_2018-3-4_20-52-23.png
    This explains why you had to reset your password.
    Please check your email.
     
    Last edited: Mar 4, 2018
  9. DEFIANTx

    DEFIANTx Registered Member

    Joined:
    Sep 1, 2007
    Posts:
    2
    Location:
    Oregon, USA
    what happened to the option to remove all the rules except for the the ones wfc created?
     
  10. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,166
    Location:
    Romania
    It was removed. This is an easy task. WFC rules are created in "Windows Firewall Control" group. All others are not :)
     
  11. askmark

    askmark Registered Member

    Joined:
    Jul 7, 2016
    Posts:
    392
    Location:
    united kingdom
    @alexandrud
    Latest version of WFC all working great here. Thanks for updating and continuing to improve this already excellent and essential program.
     
  12. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,171
    Location:
    .
    5.1 Thanks
     
    Last edited: Mar 4, 2018
  13. yeL

    yeL Registered Member

    Joined:
    Aug 10, 2015
    Posts:
    188
    Thank you for the update
     
  14. Roberteyewhy

    Roberteyewhy Registered Member

    Joined:
    Mar 4, 2007
    Posts:
    595
    Location:
    US
    v5.1 working fine. Like the new Security additions. Glad you have never changed the interface of WFC.

    As always, thanks Alex.

    Robert

    P.S. Like WFC, your new website is simple elegance!
     
    Last edited: Mar 4, 2018
  15. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    577
    Location:
    Switzerland
    For the user of the german language file:

    The translation file is already sent to the developer and should be ready on binisoft.org very soon!

    //

    Für die Benutzer der deutschen Sprachdatei:

    Die Übersetzungs-Datei ist bereits an den Entwickler gesendet und sollte sehr bald auf binisoft.org bereitstehen!

    Alpengreis
    Maintainer of WFC DE-Translation file
     
  16. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    42,809
    Windows Firewall Control 5.1 with Security improvements
    March 05, 2018
    https://www.ghacks.net/2018/03/05/windows-firewall-control-5-1-with-security-improvements/
     
  17. sipertruk

    sipertruk Registered Member

    Joined:
    Oct 26, 2016
    Posts:
    10
    Location:
    Europe
    Thanks for the 5.1update, I have installed it, all went well, it resets notification settings no big deal.

    I have noticed that when "secure rules" is enabled, WPD https://getwpd.com/ crashes while trying to apply telemetry blocking rules. Manually disabling "secure rules" allows it to work. Maybe there's something to do here.

    Could this new system eases the implementation of a new feature that logs firewall modification attempts?
     
  18. Roberteyewhy

    Roberteyewhy Registered Member

    Joined:
    Mar 4, 2007
    Posts:
    595
    Location:
    US
    Yep. Just saw that mood.

    Congrats Alex.:thumb:

    Robert
     
  19. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,166
    Location:
    Romania
    I just installed WPD software and managed to remove Calculator from my Windows :) Now, why anyone would want to remove the calculator from his computer ? The thing to do is to disable Secure Rules while applying those block rules and contact WPD developers to handle the exception that is crashing their software. I guess you don't create those rules each day.

    Regarding logging the applications with bad habits, open the user manual and read the following topic: Troubleshooting > The profile changes out of nowhere
    Anyway, following that log makes sense if you have Secure Rules disabled. If Secure Rules is enabled, then you won't get new entries since the actions are denied from start and they would not be performed. So, nothing will be logged.
     
  20. JoWazzoo

    JoWazzoo Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    241
    Location:
    Ether
    Further update to my problems. Finally got them figured out a short time ago. CCAV was the culprit and really hosed my Install!
    I did not have CCAV running. But apparently it had some tentacle hooked deep in my system. I Uninstalled CCAV completely!

    Just be aware that if you install CCAV, it creates some weird directories buried here:

    C:\BOXRoot\HardDiskVolume2\Program Files\

    Under that is where mine was installed. And the Registry associated with it was ~ 20 levels deep.

    Worst part was it Borked my saved Rules so I get to start over again.

    @alexandrud

    Saving the BEST for last! The Developer, Alexandru Dicu of BiniSoft.org is awesome. He went above and beyond trying to help me. Sooper Support! Kudos
     
  21. ravenise

    ravenise Registered Member

    Joined:
    Jul 18, 2009
    Posts:
    92
    You'll probably fair quite well using OpenSource VPN software like OpenVPN, and Air VPN provides one they personally created, the only one I know of. The servers are typically leased by third parties who otherwise have no connection to the "VPN provider." "Middlemen" like Nord really just repackage what you could do going directly to the leased companies and applying for a personal VPN IP. Though as a benefit they do offer a multitude of servers from different VPN hosts around the globe. Thus you are only using the pre-shared keys and certificates granted to NordVPN through the given provider; Using openvpn they shouldn't have any access at all to your data: and even less so long as you are connecting directly to the IP (185.153.179.2:cool: and not ca151.nordvpn.com for example; by default this is the case with OpenVPN. If nord actually owned the servers and offered the potentially malicious software, one should be double worried. but they dont as far as i know.
     
  22. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    138
    Location:
    Belgium
    Hello everybody,
    More than 40 years ago I was young, but it's finished now.
    I know that my question is a stupid one but if one of you could give me some explanations, then I wouldn't die stupid.
    When I open the connection log of WFC I can see and incredible amount of, blocked/allowed connections. I have attached here a very small part of the log of blocked connections: http://zupimages.net/viewer.php?id=18/10/osji.jpg
    Why all these blocked connections from my modem ??
    Thanks,
    M./Brussels/Belgium
     

    Attached Files:

    Last edited: Mar 6, 2018
  23. askmark

    askmark Registered Member

    Joined:
    Jul 7, 2016
    Posts:
    392
    Location:
    united kingdom
    To protect your system from malware, CCAV uses Sandboxing technology to virtualise untrusted applications. This means the application believes it is writing to the real folders and files on your PC's hard disk, but in fact all of the writes are being redirected to the root of the Sandbox folder: C:\BOXRoot.

    Perhaps when you installed WFC, it was Sandboxed by CCAV and that's why it ended up in C:\BOXRoot\HardDiskVolume2\Program Files and not the real C:\Program Files?
     
  24. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    915
    Location:
    Lunar module
    To myk1, from Brussels, Belgium :)
    It looks like you are using a router. 192.168 .... these are local addresses and traffic between the router and the computer, I think this is not a danger.
     
  25. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    138
    Location:
    Belgium
    Thanks Aldist, no danger, OK.
    But: WHY these attempts coming from my modem? Attempts which do not seem to be essential, because they are constantly blocked!!
    In other words where is the reason for my modem to -nearly- constantly try to connect to my PC ??!!!
     
    Last edited: Mar 6, 2018
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.