Jump to content

Firewall rule with no application path but only application name


Recommended Posts

Hello,

In our company we have about 100 users which each one has more than one installations in his pc of a specific application (appname.exe) and in many different paths.

For example one user has C:\appfolder\appname.exe , C:\apps\appfolder\appname.exe, C:\apps\a1\appfolder\appname.exe  a second one has  C:\Appfolder\appname.exe and so on.

So insted of 100+ rules for appname.exe we want to make only one firewall rule that includes all the above cases.

Thanks,

Peter

Link to comment
Share on other sites

maybe the software is using a special port which you can block? i have seen no function to block only a process in eset firewall rules without the absolute path to the process

Edited by schuetzdentalCB
Link to comment
Share on other sites

  • Administrators

Rules require a full path to an application. If they were based just on file names, one could enter "svchost.exe" for instance but since it's a typical name of malware it would also allow the communication for both the system and malicious processes.

Link to comment
Share on other sites

  • 2 weeks later...

hello,

If the same application exists in 400 different places 400 rules is not a manageable solution to use paths.

Is it possible to identify the executable via hashing or something similar?

thanks

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...