Block application from accessing Internet

Discussion in 'Windows 10' started by Attedz, Jul 8, 2018.

  1. Attedz

    Attedz MDL Novice

    May 2, 2018
    13
    2
    0
    Hi. How I can fully block application access to Internet? I know that I can block all .exe files with Windows Firewall on the application folder but the application still access Internet someway. Is there some program that will "watch" spefic application and block any connections that it will make? OS is Windows 10 Pro 1803.
     
  2. TairikuOkami

    TairikuOkami MDL Expert

    Mar 15, 2014
    1,172
    1,052
    60
    Outbound protection is disabled by default in Windows Firewall. If it still connects, then it is probably hijacking another process to connect, you can use Zone Alarm firewall to prevent that.
    Not to mention, that a successful DNS request is considered a successful connection sometimes. DNS requests are done by svchost by default, unless disabled to force each app to do it tiself.
     
  3. endbase

    endbase MDL Guru

    Aug 12, 2012
    4,667
    1,708
    150
    I use WFC for that from binisoft
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. hotmusik4u

    hotmusik4u MDL Novice

    Jan 8, 2018
    19
    9
    0
  5. Attedz

    Attedz MDL Novice

    May 2, 2018
    13
    2
    0
    Thanks for replies! I will test these when I get back to home! :yes:
     
  6. Attedz

    Attedz MDL Novice

    May 2, 2018
    13
    2
    0
    Thanks! WFC is working perfectly!:)
     
  7. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    8,575
    15,645
    270
    I've never needed to uninstall it as I keep using it on a daily basis the portable version since one year or so. Perhaps you're right simplewall needs improvement to handle those issues properly. Perhaps before removing simplewall either installable or portable version, it's a good idea to click the "Disable Filtering" button found in the main interface. That move will restore WF rules as usual.
     
  8. TairikuOkami

    TairikuOkami MDL Expert

    Mar 15, 2014
    1,172
    1,052
    60
    #10 TairikuOkami, Jul 14, 2018
    Last edited: Jul 14, 2018
    I did that, it did not help either. As I said, it is a half-baked cookie, a little burnt from the side. But I guess, it is just too dependable, I was never able to get Binisoft's WFC working either.
    Sphinx's WFC is a miracle, it does not need EventLog or any other nonsense, it works flawlessly taking 0% CPU & I/O. But free version is useless and the paid one is way too expensive.
     
  9. I second it. Be very careful when installing 3rd party firewall programs. These can be very buggy at times.
    Your safest bet is to stay with the Windows Firewall.
     
  10. pf100

    pf100 Duct Tape Coder

    Oct 22, 2010
    2,069
    3,447
    90
    True, but that puts us back at square one with no solution for applications that bypass the windows firewall by hijacking an allowed service or program.
     
  11. s1ave77

    s1ave77 Has left at his own request

    Aug 15, 2012
    16,104
    24,378
    340
    Should be possible to 'sniff' the IPs the solution tries to contact and re-route them internally with:
    Code:
    route -p add 131.253.18.253 MASK 255.255.255.255 0.0.0.0
    My personal list blocks skype that way.
    :thinking:

    EDIT: Undo with:
    Code:
    route delete 131.253.18.253
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. AveYo

    AveYo MDL Expert

    Feb 10, 2009
    1,836
    5,685
    60
    That was a great solution, but now that most are generic CDN's, it's getting harder and harder to block stuff without also blocking half the (MS) internet.
    Just remembered the futile governmental efforts to block Telegram in Russia :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...