Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

For Windows, check out simplewall, it does (almost) exactly that.

https://github.com/henrypp/simplewall



It has built-in support to block Windows Services/Apps/Updates without user interaction.


It uses the windows firewall. Do I trust Windows firewall to block itself? NO!


From the README:

> Keep in mind, simplewall is not a control UI over Windows Firewall, and does not interact in any level with Windows Firewall.

> It works over Windows Filtering Platform (WFP) which is a set of API and system services that provide a platform for creating network filtering applications. Windows Filtering Platform is a development technology and not a firewall itself, but simplewall is the tool that uses this technology.


Even if it was a wrapper over Windows Firewall, why would that make you trust the filtering less? Like even if it was running fully custom ring 0 code, there's still also Windows kernel code running at the same level. Microsoft could make the kernel interfere however they want.


Like how MS ignored the hosts file if you tried to use it to block windows update. Ultimately MS has final say on what you're allowed to do on windows and they can force updates that disable or enable any kind of behavior they want. It's their system.

If you don't trust MS, don't use windows or at least never ever let connect to the internet. In a fight between you wanting to keep your privacy and an OS designed and determined to exploit you for profit, you will always lose.


I'm to the point of getting a separate hardware firewall and putting that between my computer and home network. But when you do that, you won't be able to tie activity back to an application... maybe the new nextgen firewalls can if you install some sort of agent on the computer? Idk....


I briefly experimented with using such an agent to communicate with a separate hardware firewall and found it was not worth the effort for myself and a better solution was just sandboxing anything I don't trust in a VM, since escaping a VM is harder than compromising the local agent to mask the traffic as coming from something else.


I'm using malwarebytes windows firewall control and it does block itself. I'm constantly dealing with Windows 10 crying over defender not being able to update itself and popups that I may have a virus that is blocking defender from calling home.


> It uses the windows firewall.

No:

"simplewall is not a control UI over Windows Firewall, and does not interact in any level with Windows Firewall"


I was referring to the firewall functionality already present in windows, not the GUI called "windows firewall".




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: