Advice Request Firewall strengthing

Please provide comments and solutions that are helpful to the author of this topic.

cryogent

Level 7
Thread author
Verified
Well-known
Oct 1, 2016
307
Hi,
I thought it was time to clean up the rules created by Windows firewall in Outbound and according to what I read "here" it says that the vast majority of the rules created for Microsoft services/ Apps can be disabled without any problems or affecting the stability of the OS.... or at least that's my understanding from what I read.
At one point someone said they installed SysHardener just to save the rules they created but I saw that between what SysH and Configure defender (included in H_C) has rules for, Configure defender has more rules applied, especially when LoLbins are enabled as well.
In the past I've used Binisoft's WFC but didn't get on too well with it and the browsers I was using (even though I'd put them on the exclude list) plus I wouldn't be helped by a firewall that was too chatty (I want to use it on my daughter's pc too).
- Is there a dedicated site where I could be guided to do them manually?
- Is that tutorial above ok?
- Is the firewall in WVSX ok? Although it would be overkill to run it on the configuration I have now ( H_C + KSCF) but it tempts me.
- The firewall in Symantec unmanged is ok? I found it a bit "weird" - feeling it doesn't give me much choice ( I'll install it again to see if it still feels the same).
- is there a firewall router with IDS/IPS that has a built-in wifi and a throupout of at least 1.5 Gb?
 
Last edited:

Back3

Level 14
Verified
Top Poster
Apr 14, 2019
654
Try the portable app Firewall App Blocker to create outbound firewall rules in the Windows Firewall.
Take one rule created with H_C ( FirewallHardening) and use FAB to integrate it in the Windows Firewall. It's a good start!
 
Last edited:

Back3

Level 14
Verified
Top Poster
Apr 14, 2019
654
Not sure what you meant by this, since rules created by FirewallHardening are also Windows Firewall's rules.
Yeah, but they disappear when you uninstall H_C... I have outbound rules from H_C, SysHardener, security geeks , my own rules all integrated in Windows Firewall. No duplicates...
 
Last edited:

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
FAB list is very easy to read when managing rules. I use bini's wfc and fab together.
If you're focused on blocking, Tinywall might be a good choice. Continues to block without warning unless explicitly allowed.
 

Brahman

Level 16
Verified
Top Poster
Well-known
Aug 22, 2013
799
Hi,
I thought it was time to clean up the rules created by Windows firewall in Outbound and according to what I read "here" it says that the vast majority of the rules created for Microsoft services/ Apps can be disabled without any problems or affecting the stability of the OS.... or at least that's my understanding from what I read.
At one point someone said they installed SysHardener just to save the rules they created but I saw that between what SysH and Configure defender (included in H_C) has rules for, Configure defender has more rules applied, especially when LoLbins are enabled as well.
In the past I've used Binisoft's WFC but didn't get on too well with it and the browsers I was using (even though I'd put them on the exclude list) plus I wouldn't be helped by a firewall that was too chatty (I want to use it on my daughter's pc too).
- Is there a dedicated site where I could be guided to do them manually?
- Is that tutorial above ok?
- Is the firewall in WVSX ok? Although it would be overkill to run it on the configuration I have now ( H_C + KSCF) but it tempts me.
- The firewall in Symantec unmanged is ok? I found it a bit "weird" - feeling it doesn't give me much choice ( I'll install it again to see if it still feels the same).
- is there a firewall router with IDS/IPS that has a built-in wifi and a throupout of at least 1.5 Gb?
you can test Safing Portmaster
its an alpha software, so don't use on a production machine.
 

cryogent

Level 7
Thread author
Verified
Well-known
Oct 1, 2016
307
@Back3 - H_C always will be my 1st app that is installed so no need to backup his rules.
...... security geeks.....
Forum or persons?

@JoyousBudweiser - looks interesting, I will test it in a few days.

Maybe I don't know where to look but there doesn't seem to be much of a site to help you learn which Microsoft applications and services can be blocked in Outbound / Inbound....
 
Last edited:

SeriousHoax

Level 47
Well-known
Mar 16, 2019
3,630
Yeah, but they disappear when you uninstall H_C... I have outbound rules from H_C, SysHardener, security geeks , my own rules all integrated in Windows Firewall. No duplicates...
You can use Firewall Hardening separately from Hard Configurator as a portable app.
All rules set by Hard Configurator can be found at this registry location:
"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules"
You can simply export the reg file to save it and use it in the future.
Also, rules created by Firewall Hardening are permanent and won't get removed. Sometimes after a system update/feature update, manually created rules may get deleted. But this rules created by Firewall Hardening will always remain intact.
 

cryogent

Level 7
Thread author
Verified
Well-known
Oct 1, 2016
307
You can use Firewall Hardening separately from Hard Configurator as a portable app.
I always have Hard Configurator installed and firewall strenghten with Firewall Hardening module, what i want is a complementary software for windows firewall that knows how to stop outbound traffic for microsoft/other applications and possibly malware/ransomware connections to their servers by itself or with predefined rules.
So far i tried in a VM:
-TinyWall - block multiple apps/connections by default and block my internet in the end - IMHO to much digging for proper working on novice user.
-SimpleWall - block multiple apps/connections by default but, UI a little bit confused, to much chatty - i will give a longer utilisation when i have time to let him learn.
-Comodo FW - really like his sandbox browsing, i used @cruelsister settings - i will install along KSCF to view is there a compatibily isssue - it will definitely be overkill on KSCF + H_C combo
-WVSX - is on to do list - it will definitely be overkill on KSCF + H_C combo
-WFC Binisoft - bad experience with him blocking internet by it self ( i don't know why)
-Glasswire - is on to do list
I need an easy to understand and ready to work firewall, ideal for a children's computer or for someone older (like parents).

What do you think of this Unifi Dream Router?
I didn't find max throughput on the lan ports....only wifi.
 
Last edited:
  • Like
Reactions: Nevi and Kongo

Freki123

Level 15
Verified
Top Poster
Aug 10, 2013
737
I used Tinywall, WFC Binisoft and Glasswire (paid) and for me Glasswire was the one where I had to contact support a lot. Starting from that it was the only firewall I ever used that couldn't recognize the ingame shop exe of an popular MMORPG to the famous Win32/WBBlockFirewallRule.P.
Edit: Not sure if glasswire free let's you really block or if it's more like an connection viewer (only used the paid version).

 

franz

Level 8
Verified
Well-known
May 29, 2021
383
I used Tinywall, WFC Binisoft and Glasswire (paid) and for me Glasswire was the one where I had to contact support a lot. Starting from that it was the only firewall I ever used that couldn't recognize the ingame shop exe of an popular MMORPG to the famous Win32/WBBlockFirewallRule.P.
Edit: Not sure if glasswire free let's you really block or if it's more like an connection viewer (only used the paid version).

So far, I decide what to block. Every time a file wants to go out, I am warned, can block it or say yes. If I later want to block it or say yes, I can. I can also check the file and send it to VirusTotal, but I have to do it manually.;)
 
  • Like
Reactions: Nevi and cryogent

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top