"Block All" as Standard

I need a “block all” mode with a whitelist approach as possible standard - as it is every program is allowed first before being able to block it.

4 Likes

We’re investigating if this is possible while still using the Windows Firewall. We’d prefer not to make our own Firewall because it can add instability to the system and it’s very hard work. I also want this feature.

1 Like

Should be possible - just look at http://www.binisoft.org/, its standard mode is block all without a rule that allows traffic - from there yoiu start to whitelist your programs… Its also just setting windows fw rules

2 Likes

I need this too. Please take a look at Windows Firewall Control:
http://www.sphinx-soft.com/Vista/index.html (english)
http://www.sphinx-soft.com/de/Vista/order.html (german)
This program controls the windows firewall too and blocks all new applications by default…

I think allowing applications connect by default is a security risk.

2 Likes

I agree with this. Also, if possible, you could write something that allows for extensible things to happen when an alert condition occurs, and/or when a user performs actions (like allowing an app through the firewall). For instance, I just thought that it would be nice to have a powershell script sleep a process('s threads) on “first connection,” then have it un-sleep when I allow the traffic.

An “extensible action engine” like this would be really great and take care of my other request for uploading a pcap to virustotal.

2 Likes

Adding my agreement with this. Would like to see a notification appear indicating something would like to initiate traffic, and ask if I would like to allow only that session, allow it while the application runs that one time, allow it permanently, or allow it for a specific amount of time.

4 Likes

ditto. BWMeter http://www.desksoft.com/BWMeter.htm has the kind of control that you are describing. would like to see this level of control in GlassWire as well.

Yes, this kind of feature will be be very appreciate. I would like to be able to block all programs by default and allow connection only for programs I need/trust.

2 Likes

I too support this request. I love the way that GW alerts when a new process has connected to the Net, BUT that is nonetheless rather shutting the stable door after the horse has bolted. That allowed new connection could maybe have given some password or card number to a criminal! Yes, we really do need blocking all by default!


Philip

2 Likes

I support this request. It would be nice to block all outbound by default. Then overnight Glasswire monitors outbound attempts and pops up alerts.

In the morning, I log into the future “phase B” release of the GlassWire Central management server. Then I check all the alerts on all the machines and notice that my antivirus executable has updated again, and to auto allow all outbound from AV.exe to AV.com across the fleet.

Yes all kinds of stuff will break like WMI, Printing, client/server apps. But as an additional layer of defense I’d feel alot better about my individual machine, or my fleet machines.

1 Like

I wonder what a good name for this feature would be?

“BAO” block all outbound, Megablock, Ultrablock, Hyperblock, UltraGuard, Glass-Wire-Frosty-Glass, Opaque Mode, Stealth mode, Dark mode, Quiet mode, Fortress Mode, Inviso-Style, Fort Knox, Alcatraz, Black Hole (packets go in, but they never come out), Death Star, Packet Wall, One Way Mode, Guard Mode, Gate Guard, Guard wall, Glass Guard, Glass Wall, Window Blinds, Shutter Guard, Blind Mode, Outbound Interrogator, Glass Gator, InterroGuard (google says this is open), NannyGuard, Packet Safe, FilterGuard, FilterSafe, Glass-Safe, Glass Fortress, Crystal Palace, Crystal Fortress, Crystal Guard, View safe, View Guard, The drstreit option or “TDO”, Normally closed except for whitelist or “NCEFW”

Glasswire Outbound Block or “GOB”. Glasswire Ultra Block “GUB” mode. Glasswire Alcatraz Zone “GAZ”

The “Not in my House” button or “NIMH”.

Glasswire Outbound Firewall or “GOF”

3 Likes

Cool name ideas, thanks!

Looks like BiniSoft is shareware. Glasswire is shareware. If BiniSoft has already done the heavy lifting on the firewall side, and Glasswire has the better front end, then perhaps a collaboration to join forces could be fruitful. GlassWire guys and BiniSoft guys should do lunch.

Or not.

I’ve never used BiniSoft so I can’t speak authoritatively. I just did a cursory overview of BiniSoft. I can’t tell if BiniSoft is just a different front end for the “Windows Firewall with Advanced Security”, or if BiniSoft is its own firewall that replaces the Windows Firewall.

We have already started working on our end so collaboration is no longer necessary. However, I’ll check out their product. Thanks!

In this “Block All”-mode GlassWire should inform the user, if a new application tries to connect to a server and give him the possibility to set the application on the whitelist or blacklist. Thanks!

3 Likes

I’ve been using Binisoft Windows Firewall Control for a few days now, and for the most part I really like it - and I too would support a combining of its features (no doubt with improvements) with the current GW feature set.

This is a must feature and overall firewall should get more features. Very limited options.

1 Like

Working on it. Thanks for your feedback.

All the “firewalls” that do this result in the connection being rejected and the application failing. Only a WFP driver level firewall can suspend the connection until the user approves it.