Personal Firewall - Block all but some application

Anonymous
July 6, 2004 6:45:53 PM

Archived from groups: comp.security.firewalls,comp.security (More info?)

We have a client server java application. The communication is provided by
using the Verizon's wireless internet cards. That means that the computer is
connected to the internet all the time. Now we wanted to install a firewall
that would block all the other applications like internet explorer, chat
programs and mainly all the spyware. But the thing is we do not want pop up
messages that ask for our approval to allow or deny any application. We just
want our application which runs on a specific ports using static ip
addresses on the server and the client PC's to access the internet. The user
using the system is not very computer literate and we would not like for him
to see any of such messages. We tested some personal firewalls but all would
pop up the message. Could anybody suggest a firewall that has such options?

All ideas are welcome
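
The policy asked for above (default deny, one allowed destination on a static address and port, no prompts) can be modelled as a first-match rule table. This is an added example, not part of the original post; the server address, port and process names are constructed sample values.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    proto: str        # "tcp" or "udp"
    remote_net: str   # CIDR; a single static server address is a /32
    remote_port: int

@dataclass(frozen=True)
class Conn:
    process: str      # kept for the audit log only, never used for matching
    proto: str
    remote_ip: str
    remote_port: int

# Assumption: 203.0.113.10 (documentation range) stands in for the server, 9000 for its port.
ALLOW = [Rule("tcp", "203.0.113.10/32", 9000)]

def decide(conn, rules=ALLOW):
    """Return 'allow' on the first matching rule, otherwise 'drop' (default deny)."""
    ip = ipaddress.ip_address(conn.remote_ip)
    for r in rules:
        if (conn.proto == r.proto and conn.remote_port == r.remote_port
                and ip in ipaddress.ip_network(r.remote_net)):
            return "allow"
    return "drop"

def filter_outbound(conns, rules=ALLOW):
    """Decide every attempt without asking the user; drops go to an audit log."""
    allowed = [c for c in conns if decide(c, rules) == "allow"]
    audit = [f"DROP {c.proto} {c.remote_ip}:{c.remote_port} from {c.process}"
             for c in conns if decide(c, rules) == "drop"]
    return allowed, audit

# Constructed outbound attempts.
ATTEMPTS = [
    Conn("javaw.exe", "tcp", "203.0.113.10", 9000),
    Conn("iexplore.exe", "tcp", "198.51.100.7", 80),
    Conn("svchost.exe", "udp", "198.51.100.53", 53),
    # Matching is on address and port only, so this is allowed whatever the process is.
    Conn("unknown.exe", "tcp", "203.0.113.10", 9000),
]

if __name__ == "__main__":
    ok, audit = filter_outbound(ATTEMPTS)
    print("allowed:", [c.process for c in ok])
    print("\n".join(audit))
```

The last constructed attempt shows the limit of this kind of rule: it restricts where traffic may go, not which program sends it, so the audit log is for an administrator to review rather than the end user.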
Anonymous
July 7, 2004 2:41:44 AM

Archived from groups: comp.security.firewalls,comp.security (More info?)

You're not going to find anything that's going to give you what you're
looking for. It's either App Control is enabled and one has to deal with it
or App Control is disabled in the PFW solution and it's not used at all.

App Control in PFW(s) is overrated and can be easily circumvented and
defeated by malware.

The end-user has to be somewhat aware of what he or she is doing is the
bottom line when it comes to controlling malware making it to the machine.

Duane :) 
July 7, 2004 3:12:30 AM

Archived from groups: comp.security.firewalls,comp.security (More info?)

Ashish Joy wrote:

>All ideas are welcome

Don't post through Google... you will miss loads of replies.
Anonymous
July 7, 2004 3:13:23 AM

Archived from groups: comp.security.firewalls,comp.security (More info?)

In comp.security Ashish Joy <ashishjoy@gmail.com> wrote:
> We have a client server java application. The communication is provided by
> using the Verizon's wireless internet cards. That means that the computer is
> connected to the internet all the time. Now we wanted to install a firewall
> that would block all the other applications like internet explorer, chat
> programs and mainly all the spyware. But the thing is we do not want pop up
> messages that ask for our approval to allow or deny any application. We just
> want our application which runs on a specific ports using static ip
> addresses on the server and the client PC's to access the internet. The user
> using the system is not very computer literate and we would not like for him
> to see any of such messages. We tested some personal firewalls but all would
> pop up the message. Could anybody suggest a firewall that has such options?
>
> All ideas are welcome

Install Linux on the computer, using java environment, and move the
application. Make sure no services are started and you are safe.

No need for "firewall-software" in a secured computer system.

--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
Anonymous
July 7, 2004 10:55:33 PM

Archived from groups: comp.security.firewalls,comp.security (More info?)

Ashish Joy wrote:

> We have a client server java application. The communication is provided by
>
> using the Verizon's wireless internet cards. That means that the computer is
>
> connected to the internet all the time. Now we wanted to install a firewall
>
> that would block all the other applications like internet explorer, chat
>
> programs and mainly all the spyware. But the thing is we do not want pop up
>
> messages that ask for our approval to allow or deny any application. We just
>
> want our application which runs on a specific ports using static ip
>
> addresses on the server and the client PC's to access the internet. The user
>
> using the system is not very computer literate and we would not like for him
>
> to see any of such messages. We tested some personal firewalls but all would
>
> pop up the message. Could anybody suggest a firewall that has such options?
>
> All ideas are welcome


Sygate Personal Firewall has application level blocking and DDL
authentication.

www.sygate.com
Anonymous
July 8, 2004 3:16:51 AM

Archived from groups: comp.security.firewalls,comp.security (More info?)

So, to answer both of your questions, 10 times out of 10 when someone
stops svchost.exe from accessing the Internet, it's not svchost.exe that
wants the access as it is only the messenger. It's always some other
program element on the machine that wants to use svchost.exe on its
behalf. That would be an O/S or malware program that wants usage of
svchost.exe.

So, one stops Svchost.exe from accessing the Internet with App Control
not knowing what really wants the access. Then one turns around and
allows svchost.exe to access the Internet for some other reason. What
happened to the reason that svchost.exe was stopped not knowing who, what
and why one stopped svchost.exe. The other reason didn't go anywhere and
is still on the machine. Many elements on the O/S that provide Internet
access are treated in the same manner. One stops the access for an
element but one knows not the reason why and then lets it have access
for some other reason.

Malware can beat a PFW with App Control at system boot and get to the
TCP/IP first and be done before any non-integrated O/S component such as
a PFW solution with App Control can even get there and stop it. MS XP for
SP2 is supposed to have App Control that will get to the TCP/IP first
since it will be integrated with the O/S.

Secondly, most users use App Control as a crutch and if it's not sounding
off, then one thinks everything is an OK when malware has circumvented
and defeated the APP Control solution. Or it sounds off so much that the
user just resorts to blowing it off and clicks *yes* let it go as I am
tired of it asking.

I used to be a big fan of App Control in the PFW solutions. I am not
anymore and I have looked at App Control in some of the other products as
well. I use other tools and means to tell me what's happening. BlackIce
with its App Control is active on the machines. I consider BI's App
Control to be one of the best but I don't depend upon it either. I don't
consider App Control to be the stop all and end all solution in any PFW
solution as many others do.

IMHO, it's damn near worthless as far as I am concerned. :) 

Duane :) 
Anonymous
July 9, 2004 7:29:59 PM

Archived from groups: comp.security.firewalls,comp.security (More info?)

In article <Xns951FB9F4F6063notmenotmecom@204.127.199.17>,
notme@notme.com says...

> I used to be a big fan of App Control in the PFW solutions. I am not
> anymore and I have looked at App Control in some of the other products as
> well. I use other tools and means to tell me what's happening. BlackIce
> with its App Control is active on the machines. I consider BI's App
> Control to be one of the best but I don't depend upon it either. I don't
> consider App Control to be the stop all and end all solution in any PFW
> solution as many others do.
>
> IMHO, it's damn near worthless as far as I am concerned. :) 

As long as it stops IE, the biggest malware of all... :) 

--
Odd H. Sandvik
Anonymous
July 10, 2004 3:06:28 AM

Archived from groups: comp.security.firewalls,comp.security (More info?)

Odd H. Sandvik <invalid@online.nivalid> wrote in
news:MPG.1b58bc4227e7dc369896b3@news.online.no:

> In article <Xns951FB9F4F6063notmenotmecom@204.127.199.17>,
> notme@notme.com says...
>
>> I used to be a big fan of App Control in the PFW solutions. I am not
>> anymore and I have looked at App Control in some of the other
>> products as well. I use other tools and means to tell me what's
>> happening. BlackIce with its App Control is active on the machines. I
>> consider BI's App Control to be one of the best but I don't depend
>> upon it either. I don't consider App Control to be the stop all and
>> end all solution in any PFW solution as many others do.
>>
>> IMHO, it's damn near worthless as far as I am concerned. :) 
>
> As long as it stops IE, the biggest malware of all... :) 
>

I don't have any problems with IE. :)  But If I wanted to stop IE on a NT
based O/S using NTFS, I would go to the Security Tab and Deny Read/Execute
permissions for all accounts on IExplore.exe.

Duane :) 
Anonymous
July 10, 2004 5:39:05 AM

Archived from groups: comp.security.firewalls,comp.security (More info?)

In article <Xns9521B8315D4EAnotmenotmecom@63.240.76.16>, notme@notme.com
says...
> Odd H. Sandvik <invalid@online.nivalid> wrote in
> news:MPG.1b58bc4227e7dc369896b3@news.online.no:
>
> > In article <Xns951FB9F4F6063notmenotmecom@204.127.199.17>,
> > notme@notme.com says...
> >
> >> I used to be a big fan of App Control in the PFW solutions. I am not
> >> anymore and I have looked at App Control in some of the other
> >> products as well. I use other tools and means to tell me what's
> >> happening. BlackIce with its App Control is active on the machines. I
> >> consider BI's App Control to be one of the best but I don't depend
> >> upon it either. I don't consider App Control to be the stop all and
> >> end all solution in any PFW solution as many others do.
> >>
> >> IMHO, it's damn near worthless as far as I am concerned. :) 
> >
> > As long as it stops IE, the biggest malware of all... :) 
> >
>
> I don't have any problems with IE. :)  But If I wanted to stop IE on a NT
> based O/S using NTFS, I would go to the Security Tab and Deny Read/Execute
> permissions for all accounts on IExplore.exe.

Not a bad idea! :) 

--
Odd H. Sandvik
Anonymous
July 14, 2004 12:02:10 PM

Archived from groups: comp.security.firewalls,comp.security (More info?)

Thanks everybody for such informational feedback. After doing some
testing we have temporarily started using Norton Personal Firewall.
Its performance so far seems good. Very few pop-ups and ease of use.
We also tried Zone Alarm Pro. It also seems good and it has some nice
features like creating custom rules. We went with Norton because of
its popularity.

Vacant <vacant@nonews.net> wrote in message news:<n6NGc.8114$LT3.310599@news.xtra.co.nz>...
> Ashish Joy wrote:
>
> > We have a client server java application. The communication is provided by
> >
> > using the Verizon's wireless internet cards. That means that the computer is
> >
> > connected to the internet all the time. Now we wanted to install a firewall
> >
> > that would block all the other applications like internet explorer, chat
> >
> > programs and mainly all the spyware. But the thing is we do not want pop up
> >
> > messages that ask for our approval to allow or deny any application. We just
> >
> > want our application which runs on a specific ports using static ip
> >
> > addresses on the server and the client PC's to access the internet. The user
> >
> > using the system is not very computer literate and we would not like for him
> >
> > to see any of such messages. We tested some personal firewalls but all would
> >
> > pop up the message. Could anybody suggest a firewall that has such options?
> >
> > All ideas are welcome
>
>
> Sygate Personal Firewall has application level blocking and DDL
> authentication.
>
> www.sygate.com