Hi. How I can fully block application access to Internet? I know that I can block all .exe files with Windows Firewall on the application folder but the application still access Internet someway. Is there some program that will "watch" spefic application and block any connections that it will make? OS is Windows 10 Pro 1803.
Outbound protection is disabled by default in Windows Firewall. If it still connects, then it is probably hijacking another process to connect, you can use Zone Alarm firewall to prevent that. Not to mention, that a successful DNS request is considered a successful connection sometimes. DNS requests are done by svchost by default, unless disabled to force each app to do it tiself.
I've never needed to uninstall it as I keep using it on a daily basis the portable version since one year or so. Perhaps you're right simplewall needs improvement to handle those issues properly. Perhaps before removing simplewall either installable or portable version, it's a good idea to click the "Disable Filtering" button found in the main interface. That move will restore WF rules as usual.
I did that, it did not help either. As I said, it is a half-baked cookie, a little burnt from the side. But I guess, it is just too dependable, I was never able to get Binisoft's WFC working either. Sphinx's WFC is a miracle, it does not need EventLog or any other nonsense, it works flawlessly taking 0% CPU & I/O. But free version is useless and the paid one is way too expensive.
I second it. Be very careful when installing 3rd party firewall programs. These can be very buggy at times. Your safest bet is to stay with the Windows Firewall.
True, but that puts us back at square one with no solution for applications that bypass the windows firewall by hijacking an allowed service or program.
Should be possible to 'sniff' the IPs the solution tries to contact and re-route them internally with: Code: route -p add 131.253.18.253 MASK 255.255.255.255 0.0.0.0 My personal list blocks skype that way. EDIT: Undo with: Code: route delete 131.253.18.253
That was a great solution, but now that most are generic CDN's, it's getting harder and harder to block stuff without also blocking half the (MS) internet. Just remembered the futile governmental efforts to block Telegram in Russia