Private FW
- Thread starter LoneWolf
- Start date
- Dec 27, 2012
- 621
Firewalls prevent network packets from accessing the system's network interface.
If a request is made to a port that is blocked by a firewall, the request is ignored.
If a service is listening on one of these blocked ports, it does not receive the packets
and is effectively disabled. For this reason, total care should be taken when configuring a firewall to block access
to those ports not in use, while not blocking access to ports used by your configured services
If a request is made to a port that is blocked by a firewall, the request is ignored.
If a service is listening on one of these blocked ports, it does not receive the packets
and is effectively disabled. For this reason, total care should be taken when configuring a firewall to block access
to those ports not in use, while not blocking access to ports used by your configured services
Upvote
0
It is advisable to read the tour page and guide - like Littlebits has mention above, before proceeding to configure PF. This are my old settings, have not been using PF for quite sometime now so i'm not really sure if the layout of PF have change or any new functions have been added. You will likely have a good idea after reading those guide and you're free to edit any settings to your preferences.
Good luck.
-----------------------------------------------------------------------------------------------------------
MAIN MENU>
Main Menu>Internet Security>slider to High or Custom
Main Menu>Network Security>slider to High or Custom
APPLICATIONS>
Applications>Right Click any application.
On resultant drop-down menu, click "Advanced Application Settings">Processes tab>right click an internet facing process (e.g., firefox.exe).
On resultant drop-down menu click "Limited" (repeat this for ALL internet-facing processes)
(See *note (Important) below)
PROCESS MONITOR>
Process Monitor>slider to High
---------------------------
FILE>SETTINGS>BASIC
File>Settings>Basic tab>click boxes as follows:
Manual Control;
Disable auto-response (*optional);
Always display alerts for new outgoing connections;
Disable trusted publisher feature (*optional);
Disable startup splash screen.
FILE>SETTINGS>ADVANCED
File>Settings>Advanced tab>click boxes as follows:
(Under Firewall & Process) -
Enable Process Detection,
Enable Training,
Training 7 days;
(Under Email Anomaly) -
Enable detection,
Training 7;
(Under System Anomaly) -
Enable Detection,
Sensitivity 60,
Training 7.
*OPTIONAL
In addition to "Manual Control" I also have "disable auto-response" and "disable trusted publisher feature" ticked so as to have the most control over PF's responses. This will gives more alerts but are not advisable for beginers and less experience firewall user.
-----------------------------------------------------------------------------------------------------------
*Note (Important)
------------------------------------------------------------
APPLICATIONS>
Application firewall control: (Set All rules to Filter Traffic)
The only thing I allow is my AV real time application. Remember that when you set an application entry to allow, it overrides any PF generated firewall rules and allows everything. Obviously you only want to do that with an app you fully trust.
(Right-click any Application) --> Advanced application settings --> Processes tab
Process settings are different. They control access rights within your system. You only want to fool with those if you know what you are doing or if you have a problem with any application.
(Right-click any process) to see Limited
Limited Rights in Privatefirewall is similar to the User Account Control (UAC) provided in Windows 7 (and Vista). It drops Windows process privileges to minimum and disables administrators and power users group memberships in the process token (if current user is a member of one of these groups).
“The primary difference between a standard user and an administrator is the level of access that the user has over core, protected areas of the computer. Administrators can change the system state, turn off the firewall, configure security policies, install a service or a driver that affects every user on the computer, and install software for the entire computer. Standard users cannot perform these tasks, and they can only install per-user software.”
-----------------------------------------------------------------------------------------------------------
USING PRIVATE FIREWALL AS A PURE FIREWALL
------------------------------------------------------------
Those options needs to be turned off if you just wants to use Private Firewall as purely a firewall.
PROCESS MONITOR>
Turn off the Process Monitor.
The slide for Process Monitor controls PFW's HIPS.
I set it to "Off" when running MD (Malware Defender) for example or when i want the firewall only.
FILE>ADVANCED
File>Settings>Advanced tab>click boxes as follows:
Turn off System Anomaly Detection.
FILE>BASIC
File>Settings>Basic tab>click boxes as follows:
Switch off the; Manual Control: User Input for All Alerts setting (in favor of the)
Standard Control: Alert and Auto-Respond setting.
Enjoy!
Good luck.
-----------------------------------------------------------------------------------------------------------
MAIN MENU>
Main Menu>Internet Security>slider to High or Custom
Main Menu>Network Security>slider to High or Custom
APPLICATIONS>
Applications>Right Click any application.
On resultant drop-down menu, click "Advanced Application Settings">Processes tab>right click an internet facing process (e.g., firefox.exe).
On resultant drop-down menu click "Limited" (repeat this for ALL internet-facing processes)
(See *note (Important) below)
PROCESS MONITOR>
Process Monitor>slider to High
---------------------------
FILE>SETTINGS>BASIC
File>Settings>Basic tab>click boxes as follows:
Manual Control;
Disable auto-response (*optional);
Always display alerts for new outgoing connections;
Disable trusted publisher feature (*optional);
Disable startup splash screen.
FILE>SETTINGS>ADVANCED
File>Settings>Advanced tab>click boxes as follows:
(Under Firewall & Process) -
Enable Process Detection,
Enable Training,
Training 7 days;
(Under Email Anomaly) -
Enable detection,
Training 7;
(Under System Anomaly) -
Enable Detection,
Sensitivity 60,
Training 7.
*OPTIONAL
In addition to "Manual Control" I also have "disable auto-response" and "disable trusted publisher feature" ticked so as to have the most control over PF's responses. This will gives more alerts but are not advisable for beginers and less experience firewall user.
-----------------------------------------------------------------------------------------------------------
*Note (Important)
------------------------------------------------------------
APPLICATIONS>
Application firewall control: (Set All rules to Filter Traffic)
The only thing I allow is my AV real time application. Remember that when you set an application entry to allow, it overrides any PF generated firewall rules and allows everything. Obviously you only want to do that with an app you fully trust.
(Right-click any Application) --> Advanced application settings --> Processes tab
Process settings are different. They control access rights within your system. You only want to fool with those if you know what you are doing or if you have a problem with any application.
(Right-click any process) to see Limited
Limited Rights in Privatefirewall is similar to the User Account Control (UAC) provided in Windows 7 (and Vista). It drops Windows process privileges to minimum and disables administrators and power users group memberships in the process token (if current user is a member of one of these groups).
“The primary difference between a standard user and an administrator is the level of access that the user has over core, protected areas of the computer. Administrators can change the system state, turn off the firewall, configure security policies, install a service or a driver that affects every user on the computer, and install software for the entire computer. Standard users cannot perform these tasks, and they can only install per-user software.”
-----------------------------------------------------------------------------------------------------------
USING PRIVATE FIREWALL AS A PURE FIREWALL
------------------------------------------------------------
Those options needs to be turned off if you just wants to use Private Firewall as purely a firewall.
PROCESS MONITOR>
Turn off the Process Monitor.
The slide for Process Monitor controls PFW's HIPS.
I set it to "Off" when running MD (Malware Defender) for example or when i want the firewall only.
FILE>ADVANCED
File>Settings>Advanced tab>click boxes as follows:
Turn off System Anomaly Detection.
FILE>BASIC
File>Settings>Basic tab>click boxes as follows:
Switch off the; Manual Control: User Input for All Alerts setting (in favor of the)
Standard Control: Alert and Auto-Respond setting.
Enjoy!
Upvote
0
LoneGeek810
New Member
- Jul 25, 2012
- 46
Should I allow all my programs that I know are safe in process monitor or leave it on filter including other security?
Is it safe to allow utorrent? if left on filter will seeding be blocked?
Is it safe to allow utorrent? if left on filter will seeding be blocked?
Upvote
0
- Status
Similar threads
