Jump to content

Firewall deny/whitelisting applications with dynamically changing directory names


Recommended Posts

Hello,

Some of the annoying apps with Windows 10 (Music.UI, Video.UI, etc.) and apps like Adobe Flash and Dropbox all have dynamic directory paths. I have tried adding a whitelist/blacklist rule for the firewall for those applications, but it doesn't seem to work. I used an asterisk in the dynamic part of the directory path, but I am still getting popups asking if the app can use the internet.

As an example, this is what I have set to deny: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17072.16431.0_x64__8wekyb3d8bbwe\Music.UI.exe I use C:\Program Files\WindowsApps\Microsoft.ZuneMusic_*\Music.UI.exe

However, I still get asked every time it tries to connect to the internet. I want to leave the firewall in interactive mode.

Any suggestions on how to fix it?

Link to comment
Share on other sites

As far as I am aware of, wildcards are not supported in app names for firewall rules. It was Win 10 apps that made me long ago abandon all attempts to monitor outbound traffic using the Eset firewall. Below is a screen shot of how the Win firewall handles outbound traffic for ZuneMusic. It is generic in nature and permission related. My advice is just allow all Win app outbound traffic.

Win_FW_App_Rules.thumb.png.da80a15c4a5ef679127caf0a043372a9.png

Link to comment
Share on other sites

One suggestion I have is that Eset include an option to use of the Win Firewall outbound rules when Eset's outbound firewall monitoring is enabled as is currently provided for Win firewall inbound rules. At the minimum, for Win Firewall outbound firewall rules pertaining to Microsoft apps.

Link to comment
Share on other sites

BTW - I manually updated my Win10 Microsoft apps today. My Windows Firewall with Advanced Security -> Firewall event log was full of entries noting the old Win firewall app rule was deleted and a new one added for each app that had updated. This confirms my initial assumption that the rules are dynamically updated. Hence any monitoring of same in the Eset firewall is pretty much an effort in futility.

Edited by itman
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...