HAWKI

Can Windows Firewall be configured to block/ask for outgoing connections by unknown/not-digitally-signed programs/apps?

Recommended Posts

Can Windows Firewall be configured to block/ask for outgoing connections by unknown/not-digitally-signed programs/apps?

Share this post


Link to post
Share on other sites

On Windows 7 it sounds like the Windows Firewall does not support asking for permission for outbound connections (unless they added it in the last few years). I'm also not seeing anything that says whether or not the Windows Firewall in newer versions of Windows has this feature, but there are a ton of posts on help forums (ranging from 2014 and older) that say that this sort of functionality is impossible in Windows 7 without a third-party application to manage the Windows Firewall settings.

Here's a list of some of the third-party Windows Firewall management tools I have seen recommended by people on SuperUser.com (in the order that I found them):

I'm sure there are plenty more tools out there which can also be used to manage the Windows firewall, so feel free to do some searching of your own as well. Also note that I did not actually test the above software, so I can't verify if any of them actually do what you're looking for.

Note that I've heard that GlassWire is also a third-party manager for the Windows Firewall, however it appears to come with its own firewall drivers, so I'm not certain whether or not GlassWire includes its own firewall engine.

Share this post


Link to post
Share on other sites

At the risk of asking a "duh" question, I'll ask:

Will the outgoing connection rules set using EMIS have any effect after the changeover to EAM?

Say I have blocked outgoing connections for Microsoft Photos in EMIS. I may in the future want to allow such connection. Do I need to change the rule I have set in EMIS before the changeoever to EAM to allow that connection in the future?

Share this post


Link to post
Share on other sites
19 minutes ago, HAWKI said:

Will the outgoing connection rules set using EMIS have any effect after the changeover to EAM?

Say I have blocked outgoing connections for Microsoft Photos in EMIS. I may in the future want to allow such connection. Do I need to change the rule I have set in EMIS before the changeoever to EAM to allow that connection in the future?

Those rules will not be processed by EAM, as it will have no firewall engine of its own, so they will no longer apply once EIS gets converted to EAM.

Share this post


Link to post
Share on other sites
23 hours ago, HAWKI said:

Can Windows Firewall be configured to block/ask for outgoing connections by unknown/not-digitally-signed programs/apps?

You can configure the Windows Firewall to block outgoing connections from applications you didn't specifically allow. I don't think there is an interactive mode. However, there are a whole bunch of free additions like Windows Firewall Notifier for example, who attempt to "reskin" the normal Windows Firewall dialogs and they do include asking for new applications for example.

Share this post


Link to post
Share on other sites
25 minutes ago, Fabian Wosar said:

You can configure the Windows Firewall to block outgoing connections from applications you didn't specifically allow. I don't think there is an interactive mode. However, there are a whole bunch of free additions like Windows Firewall Notifier for example, who attempt to "reskin" the normal Windows Firewall dialogs and they do include asking for new applications for example.

Thanks for the tip Fabian :-)

 

 

Share this post


Link to post
Share on other sites

Obviously a firewall l with another suite wouldn't do,  But Zonealarm Pro is about the only commercial firewall only product.   Would it work?   it seems to.

Share this post


Link to post
Share on other sites
1 hour ago, Peter2150 said:

Obviously a firewall l with another suite wouldn't do,  But Zonealarm Pro is about the only commercial firewall only product.   Would it work?   it seems to.

FWIW:

At the bottom of The ZoneAlarm Firewall Pro 2017 Chckpoint states:

"Compatibility Requirements


ZoneAlarm 2017 is only compatible with MS Windows Defender, and is not compatible with any other antimalware software.
To install ZoneAlarm 2017, you must first uninstall other antimalware software. Otherwise, you may experience OS stability and computer performance issues."

https://www.zonealarm.com/software/firewall/

Note that there is no CheckPoint product named "ZoneAlarm 2017" so it is fair to assume these compatability requirements on the page cut across the entire ZoneAlarm paid product line and are aimed at/inclede ZA FW Pro 2017. Whether or not this really means anything - your guess is as good as mine. Would need someone from Emsisoft Support to theorize or debunk why ZA FW Pro 2107 would be OK with WD but not with other AV/AM products.

On Wilders Security Forum at least one highy respected member stated that he was running EAM with ZA FW Pro 2017 with no issues. But for me the issue really is not whether or not the two can run together smoothly, the main question is whether or nor one would interfere with the others' protection capability in an attempted malware event.

The compatability requirements for Zone Alarm Free Firewall 2017 are different:

"ZoneAlarm Free Firewall 2017 is compatible with MS Windows Defender, and is also compatible with all other antivirus solutions."

https://www.zonealarm.com/software/free-firewall/

Finding an alternative, simple-to-configure, EAM compatible FW with all the features of EMIS' "Kick-Ass" Firewall has for me been a confusing and frustrating business.

 

 

Share this post


Link to post
Share on other sites
1 hour ago, Peter2150 said:

Yeah I read that also...

Hi Peter2150

Not surprised to hear that :-)

Thanks for the info.

After the "conflicting" modules were turned off, did you still have the same alert/block/block once/allow control over all outgoing connections by "Unknown programs"  that you had with EMIS ?

Did you have to pre-whitelist ?

Have you tried the free firewall? Wondering if what you wound up with after the modules were turned off was ZA Free FW.

Share this post


Link to post
Share on other sites

Interesting list but it confirms what I've found.   Only  ZoneAlarm Pro is not part of a security suite.  The suites  would be a problem for EAM, but ZAP doesn't seem to be.

Share this post


Link to post
Share on other sites

Converting all systems to EAM.   Will add ZAP to my test box and beat on it.  Also in the VM I will test the combo and throw some malware at it.   Stay tuned

Share this post


Link to post
Share on other sites
17 hours ago, HAWKI said:

FWIW:

At the bottom of The ZoneAlarm Firewall Pro 2017 Chckpoint states:

"Compatibility Requirements


ZoneAlarm 2017 is only compatible with MS Windows Defender, and is not compatible with any other antimalware software.
To install ZoneAlarm 2017, you must first uninstall other antimalware software. Otherwise, you may experience OS stability and computer performance issues."

 

 

Explained here:

https://www.wilderssecurity.com/threads/zonealarm-firewall-release-is-15-159-17147.392124/#post-2655799

Quote

No sorry, wrong. Lazy marketing people just copy the same requirements for all ZA versions. BUT it applies only for ZA with AV, not for the firewall only version! :)

:D

Main difference with ZAPRO: With ZAfree you can't open specific ports or create ad-hoc rules for apps.

Share this post


Link to post
Share on other sites

I am actually ceases to play with any  3rd party firewalls.  I was convinced I don't need it based on my  total setup.   All my systems are now happily puring on EAM

Share this post


Link to post
Share on other sites
On 8/14/2017 at 6:47 PM, Peter2150 said:

Interesting list but it confirms what I've found.   Only  ZoneAlarm Pro is not part of a security suite.  The suites  would be a problem for EAM, but ZAP doesn't seem to be.

It's not quite a complete list. For instance, GlassWire isn't mentioned.

That being said, most dedicated firewall applications have been discontinued over the years. A dedicated advanced firewall application is a very niche sort of product, so you will always have a limited customer base. I imagine that after a while most companies that made those products weren't making enough to justify continuing to produce such software.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.