Serious Discussion Fort Firewall

tnodir

Level 3
Thread author
Well-known
Apr 19, 2022
128
Hi how is this compared to portmasterfirewall,never tried portmaster firewall.
Portmaster looks very user friendly. Domain names filtering per app and SPN features are cool.

But I need the following features in Fort Firewall:
- app groups to easily enable/disable group of programs
- wildcards in program path names
- IP addresses blocking, as in PeerBlock
- speed limiting
- auto-apply program's rules to its child processes

Also I'm concerned about CPU usage when torrenting.
 

Shadowra

Level 33
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,246
This firewall is weird...
Let me explain...

I just tested it quickly with a RAT that I built with a fake Wisevector signature (but I went as far as modifying a few parts to make it look like Microsoft) .
The RAT used is Venom5, a fork of AsyncRAT.

I left the firewall by default, and launched the Trojan in administrator mode.
I noticed that Fort Firewall create a rule automatically and allow the connection without warning me....
Why doesn't it ask if it doesn't know?

Capture d’écran 2023-03-13 104726.png

Capture d’écran 2023-03-13 104802.png
 

tnodir

Level 3
Thread author
Well-known
Apr 19, 2022
128
Why doesn't it ask if it doesn't know?
Thanks for checking it out.

Fort Firewall (FFw) is in a "learning" mode after installation.

It indicates about alerts in the tray system icon.

So you have to turn off the "Auto-Allow New Programs" flag.
And review the auto-allowed apps in the Programs window.

(This initial behavior is for case, when you install it on remote computer. So the connection will not be auto-blocked.)

And please test the latest version: v3.7.9 for now.
 

Shadowra

Level 33
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,246
Thanks for checking it out.

Fort Firewall (FFw) is in a "learning" mode after installation.

It indicates about alerts in the tray system icon.

So you have to turn off the "Auto-Allow New Programs" flag.
And review the auto-allowed apps in the Programs window.

(This initial behavior is for case, when you install it on remote computer. So the connection will not be auto-blocked.)

And please test the latest version: v3.7.9 for now.

Thanks for your answer :)
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top