Tinywall 2.0

Status
Not open for further replies.

jamescv7

Level 85
Thread author
Verified
Honorary Member
Mar 15, 2011
13,070
TinyWall 2.0 incorporates a wide range of new features, many which has been requested by the user community. All aspects of the application are improved, including security, user friendliness, compatibility, performance and stability. Enhancements and new features of TinyWall 2.0 include:

Easier first-time setup. The search for most recognized applications has become blazing-fast and TinyWall will automatically whitelist known and trusted applications when starting for the first time.

Added new learning mode. In this mode TinyWall will observe what applications use the internet and how, and remember them in normal mode. Setting up complex applications or a freshly installed system becomes a piece of cake. Just start learning mode, use the applications, then switch back to normal mode.

A greatly rewritten firewall exception dialog. No more confusing profiles, only a streamlined and simpler interface and a direct possibility to manually specify ports.

The ability to restrict applications, one by one separately, to the local network.

TinyWall 2.0 installs and uninstalls like any other application. By common request it can now be removed from the Control Panel.

Better support for built-in Windows features. TinyWall 2.0 can now be expected to work well and be compatible with Windows Networking, Remote Desktop, Remote Assistance and other network-related Windows features.

Easier whitelisting of complex applications by recognizing related files. If an executable needs additional files whitelisted to work correctly, TinyWall will automatically notify and offer you to whitelist those files when you try to unblock it.

Domain blocklist support. Implemented by installing a custom hosts file, this feature will keep you safe from many malicious websites and increase your browsing speed by blocking trackers and ads. This feature is disabled by default and needs to be turned on explicitly. TinyWall will keep the hosts file updated to ensure you always get the latest protection. (Currently the MVPS hosts file is used.)

Hosts file protection. A common web-related attack by malicious code is redirecting the user to fake sites to phish data or install further bad code. TinyWall will lock the hosts file to ensure its protection and prevent malicious redirection using the hosts file.

Mouse picking of windows with higher privileges. In v1 when TinyWall's controller was not running elevated, it was impossible to whitelist another application that is running with admin rights by mouse picking (by window). You either needed to use a different method or you needed to elevate TinyWall too. TinyWall 2.0 allows you to whitelist most admin applications by window without having to elevate TinyWall itself.

Saving of settings without breaking existing connections. TinyWall will no longer break existing TCP connections when applying firewall settings.

New updater system. The updater now supports updating not only the application, but also the data components separately. It will naglessly keep your hosts file (if enabled) and the recognition database up-to-date without you having to install new versions of TinyWall.

Traffic rate monitor. This is a feature in the form of a tray menu entry that will always tell you the current total download and upload rate of your computer.

Connections window shows blocked applications. The Connections window will now optionally show you what the firewall has blocked recently, and a right-click menu allows you to either unblock or close processes. Even multiple at once.

Increased performance. Reorganized code and a parallelized load process make TinyWall 2.0 start much faster than earlier versions and firewall settings take less time to apply.

Remember the last used firewall mode. TinyWall 2.0 saves the firewall mode between reboots (with the exception of the Disabled and Learning modes, which will not be remembered).

Digitally signed applications executables. All binaries shipped by TinyWall are signed using a recognized digital certificate. A digital certificate assures users that the author is no fictional person and it will identify all software releases coming from me. It means that as long as Windows is telling you that TinyWall has been published by "Károly Pados" and that it is valid certificate, you can be sure that the TinyWall you have downloaded really is from me and that it has not been compromised by others since its release.

Localizability. The interface in 2.0 can be translated to other languages, as of 2.0 a French translation is included in the distribution.

Improved support for accessability, keyboard navigation and screen readers.

Support for running in a virtualized environment.

Support for quickly filtering the list of application exceptions. Makes it a breeze to search for something in a long list.

From the Connections window, you can easily initiate searches for processes on VirusTotal, ProcessLibrary and Google.

Support for Windows 8 (tested on CTP) and .Net Framework 4.

Source from What's New

Main Page
 

bogdan

Level 1
Jan 7, 2011
1,362
I like TinyWall because I can use it under a non-admin Windows account. Of course you don't get the pop-ups available in other alternatives and you can't always use the "Whitelist by window" functionality without admin privileges but it still makes white-listing a lot easier by allowing you to select the white-listed application from a list of running processes, making the Windows Filtering Platform easier to manage. It also seems to have its own list of known good applications that it allows by default.
 

McLovin

Level 78
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,228
What are the advantages and disadvantages of TinyWall? never used it so that's why I'm asking. In your own experiences as well :p
 

bogdan

Level 1
Jan 7, 2011
1,362
TinyWall is a "front-end" for the Windows Filtering Platform (WFP), the built-in firewall solution in Windows 7. WFP allows you to enable outbound control but it is somewhat hard to manage without some sort of 3rd party front-end. If some application can't connect to the internet you have to run Windows Firewall with Advanced Security as admin and manually create a new Outbound rule for the program and this takes some time.

Some front-ends to WFP like Windows Firewall Notifier display a pop-up when a certain program can't acess the internet and when you click allow it automatically creates a rule in Windows Firewall with Advanced Security to allow the program.

Last time I checked, alternatives like Windows Firewall Notifier are functional under the default account running in administrator approval mode but I couldn't use them properly under a non admin account, it appears you can't have nice pop-ups asking to allow/deny a certain program to access the Internet without administrator privileges. Given this limitation I have't used them for too long.

In TinyWall you are not forced to run as admin, as a downside you also don't get pop-ups but if some application can't access the internet you can right click the tray icon, select Whitelist by Process and choose your application from a list of running processes. TinyWall automatically ads the rule to Windows Firewall for you. Since I don't believe in the security of the default account running in admin-approval mode in Windows 7 (personal opinion), I only feel safe using just the Windows 7 firewall (no HIPS) under a normal user account. And since TinyWall is usable under such conditions, that's why I prefer it.

It is not a full firewall however It doesn't have additional features that usually come with a firewall today, there are no HIPS/BB/etc. Sometimes it creates both outbound and inbound rules for apps that don't really need to act as a server so I have to check what rules it adds (possible within the interface), there are no predefined rules like in Comodo Firewall depending on the type of application you are allowing to connect to the Internet (honestly comparing tools like TinyWall and WFN to a full featured firewall like Comodo Fw seems unfair). It needs .NET to be installed. It does eat some RAM (2 processes, one of which starts as a service using each about 20MB) but besides this nothing gets added to the system, it only uses the technology provided by Microsoft without possibly slowing you like a third party firewall.
 
D

Deleted member 178

bogdan said:
It is not a full firewall however, there are no HIPS/BB/etc... I only feel safe using just the Windows 7 firewall (no HIPS) under a normal user account.

Just to clarify, HIPS and BB are not truly components of Firewalls, they are just components added to firewalls by some vendors for convenience, because of that many people assimilate HIPS/BB to firewalls and do HIPS leaktests (like CLT,etc...) with non-HIPS firewalls and wonder why they score low.

If an apps can manage outbound & inbound connection, it is a "true" firewall.
 

bogdan

Level 1
Jan 7, 2011
1,362
Yes it is, but can you fully trust it at this point? Without HIPS malware could easily bypass a software firewall (especially the one built-into Windows that the malware author expects to be there) without problems. So my personal opinion is that a software firewall can filter traffic without HIPS just fine... unless we are talking about malware. Microsoft certainly feels the same way given the fact that they don't activate outbound protection by default. My personal opinion is that the outbound protection that you can activate in the Win7 firewall won't prevent malware to act as a server or access the Internet if you are running under the default admin account since most malware will be smart enough to gain admin privileges without the user being aware of it and bypass the firewall.

Edit: OK, I understand your point: A firewall doesn't need HIPS to be called a "full firewall", all it needs is to filter packets.
 
D

Deleted member 178

bogdan said:
Yes it is, but can you fully trust it at this point? Without HIPS malware could easily bypass a software firewall (especially the one built-into Windows that the malware author expects to be there) without problems. So my personal opinion is that a software firewall can filter traffic without HIPS just fine... unless we are talking about malware. Microsoft certainly feels the same way given the fact that they don't activate outbound protection by default.

Of course, but originally Firewalls were just built to protect from hackers and others unwanted attempts to remotely connect to your system, the malwares were left to the Antivirus.
 

Malware Maniac

Level 1
May 14, 2012
673
I don't use tinywall anymore because it kept my browser and other applications from running and I couldn't get to my control panel to remove it. although that is my experience.
 

bogdan

Level 1
Jan 7, 2011
1,362
It probably failed to create some rules, it happened to me with an older version of Windows Firewall Control as well: on another PC it worked just fine but on mine I had to add rules for svchost.exe manually to be able to access the Internet with any program. All I can say is that this version of TinyWall (2.0.0) managed to install and allow me to access the Internet on my computer.
 
D

Deleted member 178

bogdan said:
Edit: OK, I understand your point: A firewall doesn't need HIPS to be called a "full firewall", all it needs is to filter packets.

Exactly, also allows you to close opened ports and make you "invisible" to ports scans. The best example is the old good Zone Alarm Firewall.
 

malbky

Level 1
Jun 23, 2011
1,011
A Hips or an program gaurd is put into firewalls to prevent applications from betraying the system, so only good apps get access to internet resources. This is in a way selective filtering of internet data which is what a firewall does, so we can also call an HIPS/BB the concious of the firewall helping it to decide from whats wrong and whats not.
 

McLovin

Level 78
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,228
Right will have to give this ago in the VM :) The other one I used a while ago which was OutPost Firewall, that wasn't that bad, but looking at this this might have to be better.
 
D

Deleted member 178

malbky said:
A Hips or an program guard is put into firewalls to prevent applications from betraying the system, so only good apps get access to internet resources.

The job of a firewall originally

This is in a way selective filtering of internet data which is what a firewall does, so we can also call an HIPS/BB the conscious of the firewall helping it to decide from whats wrong and whats not.

It is not the conscious, HIPS/BB forbid unknown/malicious/non-whitelisted processes to execute, they have nothing to do with Firewalls and filtering packets, HIPS/BB dont filters packets or close open ports.

I insist on this because many people i met a bit concerned by security mistakenly assimilate HIPS/BB to be natural components of FW, which is not and discard efficient pure firewalls because they think they lack the HIPS features so they are not protected enough.
I admit than vendors bundle HIPS/BB with Firewalls , but it is more for convenience, because now malwares now often phone home and have remote control features.
Defense+ is also part of Comodo AV (that is not a firewall), Threatfire is a BB standalone, Mamutu (BB) is on EAM, Windows Firewall doesn't have HIPS or any BB.
Also OA/Comodo HIPS can be disabled permanently so it is clearly not a vital part of a FW
 

malbky

Level 1
Jun 23, 2011
1,011
In better words firewall is a regulated for internet acess. The HIPS and BB would be a sort of gaurd by checking whether they have genuine rights to pass. A firewall only rely on rules to do filtering while the HIPS makes it independent of rules by allowing it curtail access or allowing access when the firewall does not have present rules. ITs like 6th sense for it. Umbra whatever, the fact remains unchanged that the HIPS/bb will act as the firewalls brain. Today the definition has changed for a firewall. Now a days a firewall also has abilities to detect intrusions. Formerly firewalls were only filtering inbound data but now even outbound data gets filtered.
 
D

Deleted member 178

It is what i said , FW are made to allow/block outbound/inbound connections, not monitoring the execution of processes (role of HIPS/BB/anti-exec and other applications guards).

"it is not because an hunter possess a sniper rifle that he become a real military sniper"
 

Littlebits

Retired Staff
May 3, 2011
3,893
A true stand-alone firewall only has one function- Control network connectivity, nothing else.

Many users fail to understand this, products like Comodo, Online Armor, Malware Defender, etc. are really HIPS products not firewalls. Of coarse you can manually disable the HIPS features and only use the network control components but it is not the same as using a stand-alone firewall since on most HIPS applications the boot drivers load even when the HIPS features are disabled. The boot drivers can cause compatibility issues with other security products.

Products like Tinywall, fireBwall, Windows Firewall Notifier, BiniSoft Windows Firewall Control and Sphinx Windows 7 Firewall Control will become the future network control products since most stand-alone firewalls are gone or integrated into security suite and HIPS products.

Thanks.:D
 
P

Plexx

I am curious to see if the old Sygate would run on Windows 7 64 bit.

Anyone know where I can still grab a copy of that firewall?

Tried googling without much luck :(
 

Ink

Administrator
Verified
Jan 8, 2011
22,490
Biozfear said:
I am curious to see if the old Sygate would run on Windows 7 64 bit.

Anyone know where I can still grab a copy of that firewall?

Tried googling without much luck :(

How old, 2005?
http://www.filehippo.com/download_sygate_personal_firewall/history/
 

Littlebits

Retired Staff
May 3, 2011
3,893
Biozfear said:
I am curious to see if the old Sygate would run on Windows 7 64 bit.

Anyone know where I can still grab a copy of that firewall?

Tried googling without much luck :(

You can get the last version at FileHippo but I seriously doubt it would run on Windows 7 since it was discontinued way before SP2 for WinXP was even released.

I don't even think it supports WinXP SP3 since network settings were change with the service pack.

Sygate Firewall was the best firewall that I ever used, none of the others could even touch it. Too Symantec bought them out and discontinued it.

The only other firewall to ever come close is ZoneAlarm. (I'm talking about pure firewalls with no bloat).

Symantec could have made money off of Sygate Firewall, many users would have bought it.

Thanks.:D
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top