How to Configure Private Firewall for Optimal Protection ?
Thanks for Helping
Have Nice Day
Thanks for Helping
Have Nice Day
Please provide comments and solutions that are helpful to the author of this topic.
- Status
It's been many years since I have used PrivateFirewall, but have a look at the program settings and help guides. I would assume default settings should be good for most part.
Recommended (it has a lot of detailed information!):
Page 3 of the Product Tour explains the Process Monitor setting.
According to (PrivateFirewall - Need Help | Wilders Security Forums), turning off Process Monitor will only show Alerts for applications wanting Internet access.
See post by @bitbizket. Check before applying any settings.
(Solved) - Private FW
Recommended (it has a lot of detailed information!):
Page 3 of the Product Tour explains the Process Monitor setting.
According to (PrivateFirewall - Need Help | Wilders Security Forums), turning off Process Monitor will only show Alerts for applications wanting Internet access.
See post by @bitbizket. Check before applying any settings.
(Solved) - Private FW
- Mar 15, 2011
- 13,070
Like other Firewall software, in a clean system or full of legitimate programs better set to learning mode for at least a week to registered all the rules as possible and that's the time to undergone interactive mode. Still watch from every alerts and make sure that it will not sacrifice your other tasks. 
- Dec 29, 2014
- 1,716
Been using Private Firewall for over 3 years, and the only thing I can think to say is that much depends on how you choose to use a firewall. When I first started using PF, I set it up for Manual Control and I turned off Auto-Response. I also have "Always display alerts for new outgoing connections" and "Disable Trusted Publisher feature" both selected.
This means that every single low level operation generates a pop up. From there, I get the option to Allow or Block once or to Allow or Block always. Internet connections generate pop ups, too, and the same options apply.
Over the years, I have learned to live with the pop ups. I choose NOT to "Remember" a large number of choices, so I have to see alot of the same pop ups over and over, but that's because enabling a particular type of behavior for a program means allowing the program to use this type of behavior later in another way that I may not intend.
I like having the control, and it's possible to do alot with PF. If you go into Applications and right click on a program, you will see "Advanced Application Settings". This gives you the option to blanket shut down a program or process from using the internet. I don't use IE, so I have it completely shut down this way, along with a number of programs that would otherwise try to connect to the internet. This area is a good place to double check what has or doesn't have internet rights.
The logs can be a big help if you ever wonder about some activity. Right ciick on an entry and select "Advanced Reports" to see what processes have run over a time period and much other information.
I have been aching to run PF by its default settings, but I can't think of a way to do it that allows me the control I want to have. I can't know what PF is doing without the large block pop ups, so I run the myself with the large pop ups that don't time out or auto choose. At any rate, if you focus on anti-keylogging, anti-clipboard monitoring, Anti-simulated input, and Anti-Adjust Privilege, you will be on your way to solid security just being sure to set those to block or at least to ask. Copy screen content is another one to focus on when it comes to alerts. Also, be as aggressive as you possibly can against programs attempting to use the internet. Once allowed, the program can use the net for anything.
The behaviors that can be regulated from the double click menu of each process in the Process Monitor section are tricky. Most of the alerts about them are for legit features of Windows or a program, but for me it's a matter of being comfortable with the behavior in question being allowed. Allow and "Remember" means no alert in the future and that means a blanket approval. So I live with the alerts for alot of things, choosing to allow or block just the once, especially when I don't know why Explorer.exe wants to monitor the clipboard or why Calculator.exe wants to contact the internet or this kind of thing. It's crazy what PF turns up, sometimes. I tend to just block once or allow once frequently because of all of this.
This way does generate the pop ups, so I am sure it's not for most who use a firewall. However, I have seen some of the wisest on MalwareTips say that they live with 80 pop ups a day from UAC, who have it set to the highest setting. I have it turned off, so I have chosen to go all the way with PF, and I think of it as like UAC for me with the exception that I get more information for making decisions, even though I do get a large number of pop ups...
This means that every single low level operation generates a pop up. From there, I get the option to Allow or Block once or to Allow or Block always. Internet connections generate pop ups, too, and the same options apply.
Over the years, I have learned to live with the pop ups. I choose NOT to "Remember" a large number of choices, so I have to see alot of the same pop ups over and over, but that's because enabling a particular type of behavior for a program means allowing the program to use this type of behavior later in another way that I may not intend.
I like having the control, and it's possible to do alot with PF. If you go into Applications and right click on a program, you will see "Advanced Application Settings". This gives you the option to blanket shut down a program or process from using the internet. I don't use IE, so I have it completely shut down this way, along with a number of programs that would otherwise try to connect to the internet. This area is a good place to double check what has or doesn't have internet rights.
The logs can be a big help if you ever wonder about some activity. Right ciick on an entry and select "Advanced Reports" to see what processes have run over a time period and much other information.
I have been aching to run PF by its default settings, but I can't think of a way to do it that allows me the control I want to have. I can't know what PF is doing without the large block pop ups, so I run the myself with the large pop ups that don't time out or auto choose. At any rate, if you focus on anti-keylogging, anti-clipboard monitoring, Anti-simulated input, and Anti-Adjust Privilege, you will be on your way to solid security just being sure to set those to block or at least to ask. Copy screen content is another one to focus on when it comes to alerts. Also, be as aggressive as you possibly can against programs attempting to use the internet. Once allowed, the program can use the net for anything.
The behaviors that can be regulated from the double click menu of each process in the Process Monitor section are tricky. Most of the alerts about them are for legit features of Windows or a program, but for me it's a matter of being comfortable with the behavior in question being allowed. Allow and "Remember" means no alert in the future and that means a blanket approval. So I live with the alerts for alot of things, choosing to allow or block just the once, especially when I don't know why Explorer.exe wants to monitor the clipboard or why Calculator.exe wants to contact the internet or this kind of thing. It's crazy what PF turns up, sometimes. I tend to just block once or allow once frequently because of all of this.
This way does generate the pop ups, so I am sure it's not for most who use a firewall. However, I have seen some of the wisest on MalwareTips say that they live with 80 pop ups a day from UAC, who have it set to the highest setting. I have it turned off, so I have chosen to go all the way with PF, and I think of it as like UAC for me with the exception that I get more information for making decisions, even though I do get a large number of pop ups...
- Status
Similar threads
