Hello,
Loving Glasswire, thank you for the great app! My problem is, I have a well known application that attempts to make a network connection on a daily basis from a new executable generated under a random folder. No matter how many times I block it, everyday I get asked again whether I want to grant it access. It appears repeatedly in the firewall list and creates a lot of clutter.
It would be nice if I could block applications just using the name, even possibly an option for wildcards. For example, block the traffic for any application which contains these keywords in the name: "Managed SQL * ". This way, even if the binary is newly generated, it will still get blocked because it has the same name.
Thank you,
Roberto!
1 Like
Roberto,
May I ask the app name? Maybe we can test and fix this permanently.
It appears as “Managed SQL Server Installer”, but the binary’s name is “scenarioengine.exe” and is generated in folders using the following format:
c:\a3e4c9a0f90a75e2603f5ed3\x64\scenarioengine.exe
c:\0cccf00533fec4d5255faec3d2\x64\scenarioengine.exe
c:\70b642973a16dba68e\x64\scenarioengine.exe
c:\4b927c664b58cf97e009b4d4\x64\scenarioengine.exe
Thank you for looking into this!
Roberto
With our paid software you can go to the firewall tab, then click the app icon, then click “hide app” to hide it from the network. We’re thinking about making this feature also ignore all notifications from the “hidden” app. If we added this functionality would it solve your problem, or does this app show up several times under the “firewall” tab in GlassWire?
There are multiple instances of the app under the firewall tab (50+ at this point), so I would have to hide each one individually and do this every day as it re-adds itself.
I see our idea would not benefit you then. We’ll see if we can find another solution.
Perhaps if an app has the same name it can have a + next to it or something like that where you can expand it and see all the apps at once. Would that help?
That would solve the issue of having the name repeated multiple times on the firewall tab. However, I would still have to deny each new instance of this application.
Would it be possible to have it auto-deny apps just based on the name or possibly a md5 hash signature of the file?
Wouldn’t each file have a different hash?
I believe it would be the same hash as the executable should be identical each time. However, I haven’t been able to obtain a copy as it deletes itself after a few seconds.
Here’s what my firewall tab has become and it is only growing:
Really, any solution to organize the clutter would help as it is becoming unmanageable.
Cheers,
Roberto
We’re looking at some options for solving this, for example maybe grouping all identically named items the same. But we want to do this in a usable way. We’re glad to hear ideas in the forum of ways to group this information so it’s easy to use. Thanks for your report.
