Jump to content

Archived

This topic is now archived and is closed to further replies.

pps

Firewall rule with no application path but only application name

Recommended Posts

Hello,

In our company we have about 100 users which each one has more than one installations in his pc of a specific application (appname.exe) and in many different paths.

For example one user has C:\appfolder\appname.exe , C:\apps\appfolder\appname.exe, C:\apps\a1\appfolder\appname.exe  a second one has  C:\Appfolder\appname.exe and so on.

So insted of 100+ rules for appname.exe we want to make only one firewall rule that includes all the above cases.

Thanks,

Peter

Share this post


Link to post
Share on other sites

maybe the software is using a special port which you can block? i have seen no function to block only a process in eset firewall rules without the absolute path to the process

Share this post


Link to post
Share on other sites

Rules require a full path to an application. If they were based just on file names, one could enter "svchost.exe" for instance but since it's a typical name of malware it would also allow the communication for both the system and malicious processes.

Share this post


Link to post
Share on other sites

hello,

If the same application exists in 400 different places 400 rules is not a manageable solution to use paths.

Is it possible to identify the executable via hashing or something similar?

thanks

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...