Kelmen 0 Posted February 26 Share Posted February 26 i managed to create a custom firewall rule to block both communication with a specific file. but in that rule, i have to explicitly state where the file is located, so folder path is required. i wonder is there a way to do this like, "regardless where the file is, as long as the filename is xyz, apply this rule" Link to comment Share on other sites More sharing options...
Administrators Marcos 5,397 Posted February 26 Administrators Share Posted February 26 If the application is signed, you can created a firewall rule based on the signer instead of the application path: Link to comment Share on other sites More sharing options...
Kelmen 0 Posted February 26 Author Share Posted February 26 i tried that, it seems like using signer, can't specify the application name. i just don't want a specific app by this company to send data. but this company has many other apps/services will still required by other apps of different companies, working as like engine or dependency. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,397 Posted February 26 Administrators Share Posted February 26 Is the application actually digitally signed? Link to comment Share on other sites More sharing options...
czesetfan 29 Posted May 12 Share Posted May 12 On 2/26/2024 at 9:33 AM, Marcos said: If the application is signed, you can created a firewall rule based on the signer instead of the application path: Do I understand correctly that a rule created in this way (with a signer) applies to a process that runs from different locations? For example, wscript.exe: both System32/ and SysWOW64. 🤔 Or do I need to create rules, for both locations? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,397 Posted May 14 Administrators Share Posted May 14 Rules with the application identified by a signer work regardless of the path to the application. Link to comment Share on other sites More sharing options...
Recommended Posts