Jump to content

Archived

This topic is now archived and is closed to further replies.

claudiu

Firewall rules

Recommended Posts

What happens with invalid firewall rules (let's say I uninstalled the program for which previously I had a rule)

 

Thanks!

Share this post


Link to post
Share on other sites

Firewall rules will still remain and would need to be removed manually

Share this post


Link to post
Share on other sites
17 minutes ago, cyberhash said:

Firewall rules will still remain and would need to be removed manually

Any firewall I had so far would mark somehow the invalid rules ( Windows Firewall Control, PC Tools Firewall Plus).

How difficult would be for ESET to implement that.

BTW, if I disable Firewall only , what else is going to be affected???

I forgot to ask : what about duplicate rules?

Share this post


Link to post
Share on other sites
22 minutes ago, claudiu said:

Any firewall I had so far would mark somehow the invalid rules ( Windows Firewall Control, PC Tools Firewall Plus).

How difficult would be for ESET to implement that.

 


Yes it's a small annoyance that does not affect functionality, so after uninstalling an program i generally remove the rule i created manually at the same time so i don't end up with a number of redundant rules.

Share this post


Link to post
Share on other sites
31 minutes ago, claudiu said:

BTW, if I disable Firewall only , what else is going to be affected???

Appears nothing else. However, you might have issues with re-enabling the Win Firewall since Win Security Center has effectively disabled it since Eset is installed. You will have to do some experimenting in this regard.

31 minutes ago, claudiu said:

I forgot to ask : what about duplicate rules?

Firewall rules are executed sequentially from top to bottom in the rules list. So a duplicate rule that is located lower in sequence would never execute since it's predecessor would have satisfied the monitored network activity.

Share this post


Link to post
Share on other sites
7 minutes ago, itman said:

Appears nothing else

Also, the notification if an application has been modified (by update) is disabled.

Funny thing, some rules "allow this and that" are still enabled.

Anyway, I uninstalled Internet Security and installed NOD32 antivirus + Windows Firewall Control , by BiniSoft.( Looks less sophisticated but easy to manage.)

Share this post


Link to post
Share on other sites
1 hour ago, claudiu said:

Funny thing, some rules "allow this and that" are still enabled.

 

By disabling the firewall , allow "everything" takes place. Not just "this and that"

ESET Firewall and WFC are equally easy to use. WFC is not actually a dedicated firewall and just allows for easier use of windows own firewall.

The firewall within EIS offers botnet and network attack protection and "MIGHT" offer greater protection than windows firewall does by default.

https://support.eset.com/kb318/?viewlocale=en_US

Share this post


Link to post
Share on other sites

As Cyberhash wrote, ESET's firewall is not just as simple as the Windows firewall. Not only can ESET protection modules communicate with each other, providing the others with information contributing to better detection and protection, but the ESET firewall also provides Botnet and Network protection modules. That said, even if malware bypassed all protection layers, the firewall can identify it based on the communication protocol which is not that easy to update to evade detection. Also in network environment, Network protection protects the system from malicious exploits in network communication protocols such as SMBv1. As a result, it protected our users from the infamous WannaCry ransomware spreading from unpatched computers already at the network layer.

Share this post


Link to post
Share on other sites

It is possible, after I created the necessary set of rules in interactive mode, to lock the ESET firewall? In other words, do not pop-up any question firewall related and block anything which doesn't have an "allow rule".?

This would be useful to set family PC (wife ,kid)

Share this post


Link to post
Share on other sites

To accomplish that, after creating the necessary rules switch the fw to the policy-based mode.

Share this post


Link to post
Share on other sites
3 hours ago, claudiu said:

This would be useful to set family PC (wife ,kid)

I believe what you are implying is the ability to auto assign a firewall profile based on user logon or logon status; user or limited admin. That is not possible. Firewall profiles can only be linked to a specific network adapter.

Share this post


Link to post
Share on other sites
2 hours ago, itman said:

I believe what you are implying is the ability to auto assign a firewall profile based on user logon or logon status; user or limited admin. That is not possible. Firewall profiles can only be linked to a specific network adapter.

No, I have 3 PC , each of the with ESET; I wanted to make  all firewall rules in interactive mode and lock the firewall after that.

Share this post


Link to post
Share on other sites

It seems like somebody else had a similar idea....but a little bit too late. WFC has been acquired by Malwarebytes.

 

Share this post


Link to post
Share on other sites
On ‎7‎/‎13‎/‎2018 at 7:38 PM, itman said:

Firewall rules are executed sequentially from top to bottom in the rules list

So, how can I move a rule UP/DOWN  or insert a rule between other two?

Share this post


Link to post
Share on other sites

Use the arrows to move rules in the list:

image.png

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×