Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    535
    Location:
    Switzerland
    Well, THAT IS TRUE!
     
  2. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    2,832
    Location:
    Canada
    You're right, but I've used enough other firewalls with HIPS or HIPS + firewall combos to know that it's a lot of time and effort to protect against threats that never materialized in the first place.
     
  3. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    923
    Location:
    UK
    probe a local NTP server such as one running on your router, and have that allowed via a generic LAN allow rule.

    For MS updates I allow svchost access selectively as and when "only" when running windows update, its then disallowed again right after.
     
  4. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    254
    Location:
    Canada
    When do you have time to do all these o_O?
    Microsoft will get all necessary info's about your PC in order to deliver updates, so , whatever you are doing is a futile exercise.
     
    Last edited: Feb 2, 2020
  5. RioHN

    RioHN Registered Member

    Joined:
    Mar 14, 2017
    Posts:
    105
    Location:
    Here
    Updates can be installed offline in a number of ways.. Search "windows 10 updates offline" on google. As mentioned, you can pick any NTP server in the world and create specific rules for it, you don't need to use Microsoft's.

    The most pointless of arguments and I'm not sure why you keep bringing it up. We get it, you don't have the time... how is that relevant to people who do?
     
    Last edited: Feb 2, 2020
  6. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    254
    Location:
    Canada
    It is relevant because a PC is a tool which allows you to do certain tasks , including enjoying the internet.

    If you spend considerable amount of time "babysitting" the tool , the whole enjoyment is gone.
    Imagine that , instead of driving your car , you are permanently under the hood adjusting /repairing/tuning up....
     
  7. RioHN

    RioHN Registered Member

    Joined:
    Mar 14, 2017
    Posts:
    105
    Location:
    Here
    Your ideas of how a computer should be used are irrelevant to the discussion of whether something is possible or not. It's like me arguing that the 4 minute mile is impossible because it's too much effort for me to do it.

    I don't care if you don't have the time or don't feel it is a good use of time.. I care if it's possible.. and it is possible to prevent Win 10 telemetry. So if you must argue about it, move away from the time involved and focus on why you think it technically can't be done.
     
  8. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    576
    Location:
    Lunar module
  9. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    254
    Location:
    Canada
    The agency discovered that it is possible to deactivate the sending of Telemetry data on Windows 10 version 1909 Enterprise (and Education).

    The test results need to be verified in real-world scenarios according to the agency.

    The agency notes that the situation is different for Windows 10 Pro (and Home) systems as data collecting cannot be disabled completely in those editions of Windows 10.
     
  10. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    923
    Location:
    UK
    I dont do it all for privacy but also at the risk of compromised use of svchost.

    Its hardly difficult anyway, I just enable the rule just before checking and downloading updates, then disable again after.
     
  11. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    254
    Location:
    Canada
    I do not "check for updates", this is done automatically in Win10.

    Not a good practice.
    They may have an emergency security update / patch which must be installed immediately, not waiting for me 5-10 days to "manually" check for updates.
     
  12. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    576
    Location:
    Lunar module
    ...along with another beautiful BSOD :argh: Your comments suggest you are a lamer or... Microsoft spy :)
     
  13. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    923
    Location:
    UK
    Thats a matter of opinion, not all of us agree that security is all about 0 day patches. I have seen patches "add" security flaws as well as remove them , and if a patch breaks stuff, then it becomes meaningless at that point.

    I will never ever be a supporter of fully automated patches, it should always be an interactive process as far as I am concerned.

    The only truly dangerous security issues are drive by's on a desktop computer, and those are quite rare. Most exploits require a degree of stupidity to succeed. I remember the day's where one could install Windows XP, connect it to the internet and within seconds it was compromised simply from sitting idle on the desktop. The days when there was no default firewall and people didnt have nat'd, firewalled routers. Those were proper risks that required immediate patching and is what started my trend of making Windows OS install media which had updates pre applied.

    There is a reason enterprises commonly do not 0 day update machines, which is something Microsoft have been fighting as they are trying to get everyone on a rapid development model which is of course totally incompatible with how professionals manage updates. Its why we have the defer option now in windows 10 updates, as well as things like automatically download but not install option, and LTSB variants as well.
     
    Last edited: Feb 4, 2020
  14. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    2,832
    Location:
    Canada
    Agreed!

    Oh yes, the Blaster worm. That one hit me many years ago mere moments after a re-install of XP before I had a NAT router and the built-in firewall wasn't yet enabled by default.
     
  15. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    254
    Location:
    Canada
    May be "irrelevant" , however I do not see myself (and any of the regular users) going every week through my PC, wife's PC, daughter's PC enabling and disabling rules for svchost , deleting rules created by Windows...in order to just perform Windows updates and to get some hypothetical "privacy"
    Has to be a balance between effort and benefits , sanity and insanity...
     
  16. RioHN

    RioHN Registered Member

    Joined:
    Mar 14, 2017
    Posts:
    105
    Location:
    Here
    o_O It seems you either didn't understand my post or chose to ignore it. Especially this bit:

    I don't care if you don't have the time or don't feel it is a good use of time.. I care if it's possible.. and it is possible to prevent Win 10 telemetry.


    I wasn't arguing that you or anyone else should do it. I was arguing with your assertions that it couldn't be done.

    But on the subject of effort involved:

    • Almost all of this is 'scriptable' and can be as simple as having a scheduled task or double clicking an icon.

    • You need to try to understand and accept that other people may have a different opinion to you on what is 'too much effort' and where a good balance is to be found between security/privacy/ease of use.
     
  17. hayc59

    hayc59 Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,769
    Location:
    USA Trump Town
    where does one 'register to get pop ups'
    Windows Firewall Control (WFC) by BiniSoft.org

    If you set the profile to Medium Filtering, all programs without an allow rule will be blocked. If you enable the notifications for outbound blocked connections you will be prompted with a notification dialog about the program that was blocked and you can easily continue to block it, allow it, customize the rule before create it, etc. However, the notifications are available only for registered users. To find out how to become a registered user click here
     
  18. Special

    Special Registered Member

    Joined:
    Mar 23, 2016
    Posts:
    334
    Location:
    Canada
    If you bought WFC in the past and have a valid license then probably here. https://www.biniware.com/login

    If you don't already have a license then you cannot get one now, you just grab the latest version by Malwarebytes which is free and unrestricted.
     
  19. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    254
    Location:
    Canada
    What's ta point in providing erroneous / outdated info about WFCo_O

    Since acquisition by Malwarebytes , WFC is free , with notifications, and you cannot register anymore.
     
  20. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,790
    Location:
    The Netherlands
    Actually, most apps shouldn't be performing stuff like code injection, so you won't get lots of alerts in practice. And on my system, only about 15 apps are allowed to connect out, so malware would need to inject code in one of them. So it's pretty obvious whether some app is trying to bypass the firewall or not.

    For example, a banking trojan will usually try to inject code into the browser, in order to connect out and perform a MITB attack. It's unlikely that malware will try to inject code into notepad.exe, because it knows that it probably hasn't got any outbound access. In other words, simply pay close attention to certain processes being modified in memory.
     
  21. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    254
    Location:
    Canada
    I am not talking about a banking trojan which may be detected by your antivirus .I am talking about a legit software which may have an undesirable behaviour, like injecting into another app in order to connect to internet.
     
  22. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,935
    Location:
    Romania
    This is not a behavior of a legit software.
     
  23. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    254
    Location:
    Canada
    More and more posts about "this is not" and "that is not"

    Point is , Windows firewall , with or without WFC interface CANNOT CONTROL or RESTRICT applications to connect to the internet, if the application was designed to inject into another.
    WFC can control simple, legit applications to allow/deny access to internet but this is not an additional layer of protection against malicious items.
     
    Last edited: Feb 8, 2020
  24. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,320
    Location:
    Here, There and Everywhere
    popescu — Color me confused by this logic. Seat belts and air bags are not an additional layer of protection against injury because the seatbelts might puncture the airbag? Or, maybe the airbags have been hacked by way of hacking the brake system to hack the airbag? In all seriousness here, I’m trying to understand your logic.
     
  25. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    254
    Location:
    Canada
    What I was trying to say is that Windows Firewall was strictly design to be part of Windows OS and protect against unsolicited INCOMING connections, while allowing unrestricted OUTGOING connections.
    Meanwhile, some developers created nice interfaces (WFC, TinyWall) to "manipulate" this "firewall" and induce the idea in the user's mind that "you are in control".
    In reality all these will just create an illusion of security , because Windows firewall is not a firewall in reality and will never be able to restrict a malicious software to connect to internet.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.