Jump to content

Wildcard support in firewall rules solution


Recommended Posts

Hello,

I hope that Marcos will read this message and ansers to it.

 

I didn't found again the topic but I know that you are some users who want to keep the control of their rules and don't wants to use the automatic mode of the firewall.

And we have a big problem with a lot of app which change their path frequently (windows store) and ask frequently again the autorisation.

 

Marcos, explain that for security reason it's not safe to use wildcard in firewale rules. Ok with that. Even if, I think that if the users are informed and agree with the risk they take, it can not be a real good excuse.

But anyway, that's my solution which is a mix.

I propose to add an option where users can choose several folder (for exemple Windows Store) and if an exe is in this folder, they are verified whith the automatic metode. So the security is not worst than the automatic one and the user keep the interactive control of the connection of the majority of his app (all the exe out of those folder).

 

What do you think about the idea ?

 

James

Link to comment
Share on other sites

  • Administrators

The problem with custom firewall rules and applications changing the path after update is planned to be addressed in the future. There is currently no ETA but it's definitely something we want to address.

Link to comment
Share on other sites

  • 1 month later...

At the moment, when an app has been changed (updated/upgraded) for which a firewall rule exists, I get a confirmation dialogue in which I can select to keep the current rule(s) and apply it to the new app executable.

Why not apply this exact behavior to wildcard-rules when the path and/or executable has been changed? This way the user retains the same amount of control over rules for updated apps and the rule table doesn't get cluttered with dozens of obsolete rules.

Edited by Laub
Link to comment
Share on other sites

On 1/30/2022 at 11:56 AM, itman said:

"Don't hold your breath" on Eset supporting global wildcard capability. I have been waiting 7 years for it.🥺

As you said 7 years waiting.
Didn't this option come up until now?
do you still have hope that it will come?
There are so many questions that we have no answers!

Link to comment
Share on other sites

i will note that the Win firewall also doesn't support wildcard in its rules;

Quote

The use of wildcard patterns, such as C:*\teams.exe is not supported in application rules. We currently only support rules created using the full path to the application(s).

https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/best-practices-configuring

Like the Win firewall, the Eset firewall is a basic feature but effective firewall.

On the other hand. McAfee's firewall; at least for the endpoint versions, does allow wildcards: https://docs.mcafee.com/bundle/endpoint-security-10.6.0-firewall-product-guide-windows/page/GUID-6BBA2444-6126-49CD-A866-93CDC0CF7A66.html . BTW - McAfee won A-V Comparatives product of the year award: https://www.av-comparatives.org/tests/summary-report-2021/ .

Edited by itman
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...