Block application from accessing Internet

Discussion in 'Windows 10' started by Attedz, Jul 8, 2018.

  1. Attedz

    Attedz MDL Novice

    May 2, 2018
    13
    2
    0
    Hi. How I can fully block application access to Internet? I know that I can block all .exe files with Windows Firewall on the application folder but the application still access Internet someway. Is there some program that will "watch" spefic application and block any connections that it will make? OS is Windows 10 Pro 1803.
     
  2. TairikuOkami

    TairikuOkami MDL Addicted

    Mar 15, 2014
    734
    614
    30
    Outbound protection is disabled by default in Windows Firewall. If it still connects, then it is probably hijacking another process to connect, you can use Zone Alarm firewall to prevent that.
    Not to mention, that a successful DNS request is considered a successful connection sometimes. DNS requests are done by svchost by default, unless disabled to force each app to do it tiself.
     
  3. endbase

    endbase MDL Guru

    Aug 12, 2012
    3,953
    1,231
    120
    I use WFC for that from binisoft
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. hotmusik4u

    hotmusik4u MDL Novice

    Jan 8, 2018
    7
    1
    0
  5. Attedz

    Attedz MDL Novice

    May 2, 2018
    13
    2
    0
    Thanks for replies! I will test these when I get back to home! :yes:
     
  6. Attedz

    Attedz MDL Novice

    May 2, 2018
    13
    2
    0
    Thanks! WFC is working perfectly!:)
     
  7. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    6,077
    13,647
    210
    I've never needed to uninstall it as I keep using it on a daily basis the portable version since one year or so. Perhaps you're right simplewall needs improvement to handle those issues properly. Perhaps before removing simplewall either installable or portable version, it's a good idea to click the "Disable Filtering" button found in the main interface. That move will restore WF rules as usual.
     
  8. TairikuOkami

    TairikuOkami MDL Addicted

    Mar 15, 2014
    734
    614
    30
    #10 TairikuOkami, Jul 14, 2018
    Last edited: Jul 14, 2018
    I did that, it did not help either. As I said, it is a half-baked cookie, a little burnt from the side. But I guess, it is just too dependable, I was never able to get Binisoft's WFC working either.
    Sphinx's WFC is a miracle, it does not need EventLog or any other nonsense, it works flawlessly taking 0% CPU & I/O. But free version is useless and the paid one is way too expensive.
     
  9. Ocygord

    Ocygord MDL Senior Member

    May 26, 2011
    275
    88
    10
    I second it. Be very careful when installing 3rd party firewall programs. These can be very buggy at times.
    Your safest bet is to stay with the Windows Firewall.
     
  10. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,159
    1,555
    60
    True, but that puts us back at square one with no solution for applications that bypass the windows firewall by hijacking an allowed service or program.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. s1ave77

    s1ave77 MDL Guide Dog/Dev

    Aug 15, 2012
    15,602
    22,262
    340
    Should be possible to 'sniff' the IPs the solution tries to contact and re-route them internally with:
    Code:
    route -p add 131.253.18.253 MASK 255.255.255.255 0.0.0.0
    My personal list blocks skype that way.
    :thinking:

    EDIT: Undo with:
    Code:
    route delete 131.253.18.253
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. BAU

    BAU MDL Senior Member

    Feb 10, 2009
    291
    449
    10
    That was a great solution, but now that most are generic CDN's, it's getting harder and harder to block stuff without also blocking half the (MS) internet.
    Just remembered the futile governmental efforts to block Telegram in Russia :)