Windows Firewall Control (WFC) by BiniSoft.org

Hi, Heard this mentioned on security now, tried it, liked it registered it
only thing I don't like is that the rules it creates are "Predefined" and un-editable, is there a away around this?
*EDIT*
**I didn't even see that, I like it even better now, thank you**

Thanks!

 

1. It is a small bug. Consider it as fixed.
2. I will see how it looks. The notification dialog is not resizable by design. I will see if this can be done without creating other problems.
3. There is no need to store such a path. You can browse for the location you wish with some extra mouse clicks. I will make it to remember the last path used. I think this will be better.

This is the idea. WFwAS already contains a long wizard which allows (force) the user to customize a rule before creating it. The idea of WFC was to simplify this. If you browse for a file, a generic rule will be created. To modify it, just double click on it in Manage Rules window and you will open a Properties dialog from which you can modify it. The other ways to create new rules from WFC contain the possiblity to customize the rule before creating it. From the Connections Log window, from the New Rules Wizard window or from the Notification dialog.

 

Thanks.

Would be great ...

Remember would be enough.

Thank you very much!

Alpengreis

 

Hi alexandrud,

A small suggestion:

In the default rule set ("Windows Firewall Control recommended rules"), it's a rule integrated for "Ping command, ICMPv4". IMHO it would make sense to add a rule for "Ping command, ICMPv6" too.

Greetings,
Alpengreis

 

Hi Alex - I just noticed the notification window on my admin account is now huge and covers 80 of the middle of the screen. Is there a way to reset its size and location? I have no clue how it got resize and moved in the first place... Thx

 

Are there users that use the ping command and input IPv6 addresses ? Just asking.

Execute wfc with the -reset parameter to restore the default settings. See below. Let me know if this was helpful.

 

Yes, I've confirmed that fixed my problem. Thx!

 

Regarding the mention in Security Now by Steve Gibson, I'd make a note of this on the home page if I were the author of WFC Here's a cut down version of the transcript from https://www.grc.com/sn/sn-441.txt

 

I already added this on the first page of the website. Check the Latest News column on the right.

Thank you for the transcript link.

 

I didn't even see that, thank you

 

Windows Firewall Control v.4.0.7.2 - New Update

What's new:
- Fixed: The Location check boxes and Direction radio buttons are set only for the first notification from the notification dialog. Any other notifications from the queue don't have these properties set.
- Improved: When exporting a full or a partial policy, the default path is always the root folder. Now, the last path used is saved and reused on opening the file browser dialog.
- Improved: Added better exception handling.

Installation notes: Just use the updater to update to the new version. That's all.

Later edit:
Download location: http://binisoft.org/download/wfc4setup.exe
SHA1: a4baea1da9c3e721586a048a4b42bf46da5b093e

Thank you for your support and your feedback.
Alexandru

 

This software just keeps getting more and more extraordinary with every update, it's no surprise top security experts are amazed by it Thank you very much for your outstanding efforts and customer service alexandrud!! Really appreciate it!

Have a little bug that was semi-squashed before in v4.0.6.2. Remember the "notification without network and/or internet connection" bug? It appears to still be there as shown in the following screen clip:



The software it's giving notification for is my wireless HP printer's "Scan to PC" software. It runs in the background keeping an eye out for my printer on the network; that way, it makes my PC (Surface Pro with Windows 8.0) available as a "Scan to PC" destination from my printer's panel. When disconnected from the home network (e.g. on the bus), I kept getting notifications for it while WFC was set to medium filtering. To stop the notification, had to switch to High Filtering progile.

FYI, I have these generic rules that are configured to allow such connections on Private/Domain networks and specific rules to block it on public networks. However, still getting that notification when there's no network.

Finally, was wondering if you were still going to implement this rules backup/restore feature I suggested earlier?

 

I also have a wireless multifunctional from HP but I don't have that hpnetworkcommunicator.exe installed on my machine. A new notification is created when a packet is dropped. This generates a new event log entry and WFC creates a new notification. When there is no network active there aren't dropped packets. If I disconnect my computers from the network there are no new notifications. This check is already implemented in code. If there is no network connection, then skip any notification.

Do you have any allow or block rule for this hpnetworkcommunicator.exe file ? If you create a rule for it, doesn't this stop the new notifications ? If you don't use the Scan to... functionality, you can try also to disable it, like described here:

http://h30434.www3.hp.com/t5/Wireless-Internet-Home-Networking/hp-network-communicator/m-p/1160329#M23620

Unfortunately, I can't reproduce this scenario. When you have this problem, if you go to Connections Log, there are also other recently blocked programs logged or this is the only one that creates this behavior ? The check is made in code and works as expected in my tests.

Does anyone else have this problem ? Seeing notifications when the network is not connected ?

I will think about it. Right now you can export the selected rules, but nothing stops you to select all by using Ctrl+A and export all.

 

It comes with the "HP Printer Assistant" software (a.k.a. "HP Officejet Full Feature Software and Driver"), which enables me to take full advantage of what the Printer has to offer. The default Windows driver works for the basic printing functions, but this "Scan to PC..." function really helps in saving time and a little bit of energy; can have my Surface Pro sitting in my room while I scan multiple doc/pic to it from the main floor (just used it again today for digitizing a hand-full of certificates).

I'm starting to think it has something to do with my network card's driver or the way Windows 8 automatically handles networks. When I manually disconnect from my home network (i.e. open the network charms menu, click home network and click disconnect), I don't get any notifications for it. However, when I'm out of range of my home network (like when on the bus), that's when I start getting the notifications. I tried disabling the WiFi adapter to see if that could reproduce it, no luck.

Will experiment with it this morning when the sun rises

Yes, I have the following block rule in place for public networks. The generic rules were configured to allow the connections on private and domain networks.

 

Alexandru i have a great respect for your skills and your product , but browsing with wfc is too heavy , too stiff .Please test for ex Norton firewall , very light , very nice in browsing . Is just a personal opinion , thanks

 

@teodor12

WFC is a GREAT GUI for the Win Firewall!

- You can self define the columns!
- You have a search function for rules (not possible in Win FW itself)!
- You can define group names (not possible in Win FW itself)!
- You have colors for blocked and allowed rules (not possible in Win FW itself)!
- You have a very good notification-system for unknown outgoing connections (not possible in Win FW itself)!

Maybe I have forgotten much more sensful things ...

Even in other products it's often too complicated to browse through rules, here this is very easy.

For example I have defined <Ctrl>+F12 and the rule-window is open ...

And you have no additional firewall with possible unstable firewall driver and BSODs!

And all this is (very) easy to handle with the GUI!

WHAT is here heavy or stiff?

Sorry, but I can not understand at all your opinion.

Greetings,
Alpengreis

PS: My last "external" FW WAS Norton ...

 

Alex,

thank you very much for new version!

Could you add also the SHA1 hash on your webpage please?

then, once again a suggestion:

We have the possibility to create TEMP rules. So far so good ...

For testing, installing procedures, etc - it's sometimes necessary to change the PROFILE - for ex from Medium to Low.

Here would be good if the following would be possible:

Profiles changeable temporarily (e.g. 5 min or until the next (PC/WFC) restart) - then auto-back to the default profile.

So would be prevented from being forgotten to activate the default profile again.

Would this be feasible and what do you think of it?

Greetings and have a good week,
Alpengreis

 

Good idea !!!

Another good idea, maybe you can do it like EAM does (see screenshot)

 

Do you have defined some ports or some IP addresses for the last 3 rules from the screenshot ? If not, then these rules are applied to all programs and they can connect through these rules. The UDP inbound rule allows all packets from the Internet to your computer. They are more customized or they are only what we saw in the screenshot ?

What seems to be stiff ? WFC is very customizable and easy to use. The aim of it is not to be like Norton. Have you tried to configure Windows Firewall without WFC ? Now, that can be called heavy and stiff.

There is MD5 available on the WFC page. I will see where to insert the SHA1 because it is larger and does not fit well in that column.

I don't see yet how this can be done without adding too many new menu items.

 

Just a suggestion, what about under Options create a Drop Down Box with some values (1 Minute 5 Minutes etc etc) and name it something like restore Last profile after .. Minutes ?

 

Is the popup delay fixed?
I tested WFC a long time a go and It gave me problems with the popup delay so the connection was cancelled and then the popup is shown.

I don't have it installed anymore but probably you can experiencce the same bug if you try to execute (portable app) Avast GrimeFighter
https://www.wilderssecurity.com/showthread.php?t=360261
It will create a temp file different every time which needs internet access, so even if you add the rule and you execute it again it will be useless.

I guess other firewalls fix this by placing the connection on hold instead of cancelling it. Maybe this isn't possible with windows firewall

 

WFC is not a firewall by itself, so it can't pause connections and resume them after user interaction. The notification dialog is displayed to the user after a packet was dropped, so the connection was already blocked. This works for the programs that are able to retry to connect. In your scenario, the notifications implemented in WFC will not help because you create a rule but the temp file will not attempt to connect again. The solution to this problem is to switch off the filtering for outbound connections (Low Filtering profile in WFC) when you run such programs.

 

There is an advantage not to list the SHA1 hash on the same site that provides the software, since if a hacker penetrates the vendor's site, in addition to implanting a malware in the code he can also change the hash to match.

Right now the hacker needs to hack both Binisoft and Wilderssecurity to pass under the radar.

 

Yes they're very customized. I uploaded them earlier here. After a bit of experimenting, it appears some recent WFC or Windows update fixed it, 'cause I was out of range of my WiFi and no notifications came up. Whatever did it, glad it's fixed

Ps: Regarding the rules export/import suggestion, remember that's only exporting the rules, to import, I still have to open the main panel even though I have the "Manage Rules" window open.

 

@Kob

Yes, that's true!

Unfortunately we have no SHA1 Hash for the actual version here ...

@alexandrud

Please post the SHA1 Hash yet ...

Alpengreis