Windows Firewall - How to block?

Discussion in 'PC' started by Dalmation, May 11, 2015.

  1. Dalmation

    Dalmation Ultrasonic

    Joined:
    Jun 7, 2011
    Messages:
    395
    Likes Received:
    35
    Windows Firewall?

    Greetings all ^_^

    My experience with firewalls on Windows XP / 7 has been with COMODO Firewall and ESET - NOD32.
    Now I only use the pre-installed Windows Firewall and am looking for a simple way to control it, to disallow by default - internet access for new installed software.

    I had a quick look at: Control Panel > System and Security > Windows Firewall > Allow a program through Windows Firewall. I can see a list of ticked and un-ticked applications. Even though I did not manually set the ticks for certain apps, how did they get there?

    How do I make it so new apps get barred from internet access by default, unless I grant them access?
    Do I need to change something in: Control Panel > System and Security > Windows Firewall > Advanced Settings ?

    I have thought of this simple solution:
    1. Turn Windows Firewall > Off
    2. Install and register software with KG or serial
    3. Go to: Control Panel > System and Security > Windows Firewall > Allow a program through Windows Firewall
    4. Click 'Allow another program' and add the new software (.dll, .exe etc.)
    5. In 'Allowed programs and features - un-tick next to the software name
    6. Turn Windows Firewall > On

    Is my solution adequate or need something else?

    Thanks all.
     
  2.  
  3. SillySausage

    SillySausage Producer

    Joined:
    Jul 7, 2012
    Messages:
    2,559
    Likes Received:
    106
    Location:
    where ever
    control panel / system and security / windows firewall / advanced settings / inbound rules and outbound rules

    create a new (same) rule using both inbound and outbound

    locate the program (exe) file / block all connections / save

    software is automatically added to the allow through windows firewall list when installed
     
  4. Guitarmaniac64

    Guitarmaniac64 Producer

    Joined:
    Jun 5, 2011
    Messages:
    958
    Likes Received:
    117
    My guess is you have to choose a third party firewall comodo or whatever you choose many of the free ones is said to be better then windows own firewall.
    I dont think you have the option to control win firewall the same way you control a third party app
     
  5. SillySausage

    SillySausage Producer

    Joined:
    Jul 7, 2012
    Messages:
    2,559
    Likes Received:
    106
    Location:
    where ever
    windows firewall is perfectly adequate at blocking connections if set up correctly (see above), you don't need to use any other software
     
  6. Guitarmaniac64

    Guitarmaniac64 Producer

    Joined:
    Jun 5, 2011
    Messages:
    958
    Likes Received:
    117
    Thats NOT what i wrote i wrote CONTROL the firewall.
    The thing i like most with third party apps is that after installing the firewall you often got a question to choose the option "let me choose if the software that wants to connect to internet"
    So everytime a software and that almost always means EVERY software wants to connect to internet you got a pop-up box that let you choose "if you want to allow for now until quit" or aloud forever or block.
    That is more user friendly than the built in win firewall i dont even think you got that option in wins own firewall..
    B.t.w if you install windows (i just did that on one machine) my bet is that almost every app got access to internet atleast surfing did not required any alouds from me i just open internet explorer and started to surf the net.
     
  7. m5g

    m5g Member

    Joined:
    Jul 19, 2011
    Messages:
    29
    Likes Received:
    7
    I highly recommend using this FREE software for CONTROL native Windows Firewall.

    http://www.sphinx-soft.com/Vista/order.html

    just download FREE version ;)

    Using it since Windows 7, now 8.1 - no problems - it intercept all software connections
     
  8. Dalmation

    Dalmation Ultrasonic

    Joined:
    Jun 7, 2011
    Messages:
    395
    Likes Received:
    35
    SirSillySausage - Thanks.
    I see I can add an application in both Allow a program through Windows Firewall and Advanced Settings
    The fist being the simplest. Which is the correct method?

    Guitamaniac64 - Thanks.
    "let me choose if the software that wants to connect to internet"
    So everytime a software and that almost always means EVERY software wants to connect to internet you got a pop-up box that let you choose "if you want to allow for now until quit" or aloud forever or block."

    Yeah I liked that level of control as well.
     
  9. Dalmation

    Dalmation Ultrasonic

    Joined:
    Jun 7, 2011
    Messages:
    395
    Likes Received:
    35
    If a VST does not have an '.exe' file to block, how do we block it's .dll ?

    And - do we have to block individual VST's AND the host-DAW, or only the DAW?
     
  10. Mykal

    Mykal AudioP2P

    Joined:
    Jun 20, 2011
    Messages:
    1,158
    Likes Received:
    303
    Location:
    I'm Right Behind You
    I block my DAW and if I have any stand alones effects or synths installed I also block the exe but for the most part I only use the plugin versions and blocking the Host DAW is all I need
     
  11. Mostwest

    Mostwest Platinum Record

    Joined:
    Dec 25, 2012
    Messages:
    1,364
    Likes Received:
    204
    -i can confirm that Windows 7 Firewall is the best. Bought this PC 3 years ago (i don't use any antivirus): no virus, no spyware or shit like that.

    -if you want to stop a plugin connection block your DAW connections if you don't need it for activation stuff

    -when block app/.exe i usually create the rule for incoming & outcoming connection for my pc: i block IN and OUT connection for my daw and everything is ok.
     
  12. One Reason

    One Reason Audiosexual

    Joined:
    Jun 11, 2011
    Messages:
    2,646
    Likes Received:
    717
    Location:
    Up shit creek without a paddle...

    this ^
     
  13. Catalyst

    Catalyst Audiosexual

    Joined:
    May 28, 2012
    Messages:
    5,703
    Likes Received:
    638
    No no no no no no no. *no*

    ESET Smart Security interactive mode. *yes*
     
  14. Resonance

    Resonance Newbie

    Joined:
    Apr 15, 2014
    Messages:
    165
    Likes Received:
    1
    Location:
    Europe
    Team Atom released Windows Firewall Control v4.0.9.7 a while back which does just that. I use that on my pad as only read a few things off the net on it, you can remove a lot of the windows firewall defaults permissions as you only need a few to be working online. so I only have updates and system going through and not all the other MS stuff and allow a browser of course.
    For newbies Comodo is easy for beginners. it avoids techy languange as much as possible and has options to choose from depending how paranoid your feeling :) it will protect your registry so if you like visiting sites that your not sure about, it will pop up with anything trying to modify your system. always best to try a few and see what you get on with, there's little point struggling with one and not really knowing what it's doing if it doesn't suit your present abilities, you can always work towards improving your knowledge but get safe first with something you feel comfortable with straight off.
     
  15. MozartEstLa

    MozartEstLa Platinum Record

    Joined:
    Jul 13, 2014
    Messages:
    473
    Likes Received:
    174
    Location:
    France
    EDIT: SOLVED - SEE BELOW...

    Hi!

    I'm using Windows 7 stock firewall (with Windows Firewall Control v4.9.2.0 frontend).

    I have a question: is it possible to define, for one application (eg "c:\program files\reaper (x64)\reaper.exe") one rule to block access (out) to internet (all IPs/ports/services etc), and second/third rules to allow (out & in) to my LAN?

    In other words: I'd like to restrict "reaper.exe" only into my LAN.

    Thanks in advance for reply.
     
    Last edited: Jan 26, 2017
  16. MozartEstLa

    MozartEstLa Platinum Record

    Joined:
    Jul 13, 2014
    Messages:
    473
    Likes Received:
    174
    Location:
    France
    From binisoft.org (FAQ), I've found the way to block internet and allow all on LAN/WLAN subnet.

    Of course, my LAN uses common 192.168.1.0/24 but I allow any 192.168.x.x because some discover services (printer or scanner) may access to these IPs. Also, 192.168.x.x are private IPs.

    Firewall Reaper and Live.png

    Example above for Ableton Live + REAPER to prevent Internet checks, but allow for example any TouchOSC operations over WiFi (in same subnet) from/to iPad... perhaps this may help other members here.
     
    Last edited: Jan 27, 2017
  17. shomyca

    shomyca Producer

    Joined:
    Jul 20, 2012
    Messages:
    221
    Likes Received:
    105
    Thank you so much for this! You saved me the trouble of learning it myself. It works great!

    I had to allow Cubase (vienna ensemble pro) reaching my slave pc over router, but still wanted to block cubase reaching internet. This was the way to do it.

    Cheers!
     
  18. Mousikanos

    Mousikanos Member

    Joined:
    Feb 11, 2018
    Messages:
    28
    Likes Received:
    9
    Or you could use a nice little nifty application called GlassWire. There's a Free and Pro version of it, but I find it very powerful and cool.

    https://www.glasswire.com/
     
  19. Xupito

    Xupito Audiosexual

    Joined:
    Jan 21, 2012
    Messages:
    1,161
    Likes Received:
    574
    Location:
    Where machine gun effect means dead bodies
    Don't remember who said it but you only have to block the .exe file(s) of the DAW and the possible plugins standalone versions (many of them uses the standalone version to register).

    [EDITED:] Here ))
    The .dll files are loaded in an .exe process, just like VST2 plugins in the DAW main .exe, but it can be applied to all kind of files.

    I nearly always use a third-party tool that has whitelist mode to complement Windows Firewall (tray icon menu picture)
    Whitelist mode is to block everything but the apps you allow.

    -The best feature wise is TinyWall but it's almost discontinued
    [​IMG]
    - Another really light portable one that gets the job done is Sordum FAB:
    [​IMG]

    When you use whitelist mode you've to be careful because when you disable it any non explicitly blocked app can access internet.
    So you may want to add blocks to important apps besides the permissions to allow that you tipically add (browser, ...).
     
  20. panaman

    panaman Member

    Joined:
    Jul 8, 2017
    Messages:
    79
    Likes Received:
    19
    can these be used together, fab blocking app orientated while binisoft blocking ip addresses?

    seems to me like many of what you need to block doesnt actually call home by itself but rather opens a browser window to go home, so browser would have to be blocked at all times in whitelist mode?
     
  21. DJK

    DJK Platinum Record

    Joined:
    Nov 23, 2017
    Messages:
    386
    Likes Received:
    153
    Location:
    felixstowe england
Loading...
Similar Threads - Windows Firewall block Forum Date
What Windows OS Firewall Are You Currently Using? PC Feb 23, 2016
Reason 2.5 Fix on Windows 10 Software Dec 5, 2018
windows 7 and usb3 Computer Hardware Dec 4, 2018
How can i make Samplers Recognize Sample Paths From Windows ( songs ) ? Mac / Hackintosh Dec 3, 2018
Maschine MK1 not working with Maschine 2 (Windows 10) PC Nov 28, 2018
Loading...