TinyWall - darmowy firewall
Poprawki...poprawki...kolejne "bety"...opóźnienia...i jest od wczoraj stabilna wersja 2 Smile Sporo zmian, a sam Ultim o nowej wersji pisze w ten sposób
Cytat: I''m pretty excited so I''m just going to take a deep breath, close my eyes and say it bravely...


It came 3.5 months later than I originally planned, but frankly, I''m glad it did. I mean, there was a good reason for the delay, many bug fixes, new features, redesigns and so on, and all this good stuff wouldn''t have gone into 2.0 if I had been "punctual". Of course, it''s all thanks to you. I mean the whole community, this forum, other forums, the e-mails I received and many other people that have unwaveringly tested and reported issues and wishes. And I cannot stress enough how thankfulll I am to all of you. Because 1.0 of TinyWall has been downloaded over 36.000 times, and this is not even counting all the sites that worked around my download-counting link! So thank you, and I especially thank the community on this forum, being the most helpfull of all.

Now that I managed to hype up all of you, I must admit there is not much new in this release IF you were already using the latest beta. But it does fix the most recently reported connectivity issue when KB2688338 is installed (which is pretty important), it improves a bit on accessability and there is also a French translation thanks to EboO. Additional languages are gonna pop up in future updates (German and Hungarian were promised too, but I''m still waiting for them). But, and a big but, FYI and for all who didn''t follow the development process, here is a nice and complete list of all the new features and enhacements in 2.0 compared to version 1: -http://tinywall.pados.hu/docs/whatsnew.html-

So, you might be asking, what''s next? I guess as more people start using 2.0, some minor issues will pop up, so I''m gonna wait and see first, and fix them in small incremental updates like I did with the first version. Then once things are calm, I''ll start working on the next major update. Because, just to let you know, I''m still full of ideas and I have lots of fun things on my mind that didn''t make it into 2.0. What will it be called? 2.1? 3.0? Who knows, but TinyWall will keep on improving.

http://www.wilderssecurity.com/showthre ... 39&page=19
Natomiast lista wszystkich zmian anonsowana na stronie programu - poniżej...jest naprawdę spora Smile
Cytat: What''s new in TinyWall
Version 2.0

TinyWall 2.0 incorporates a wide range of new features, many which has been requested by the user community. All aspects of the application are improved, including security, user friendliness, compatibility, performance and stability. Enhancements and new features of TinyWall 2.0 include:

*Easier first-time setup. The search for most recognized applications has become blazing-fast and TinyWall will automatically whitelist known and trusted applications when starting for the first time.
*Added new learning mode. In this mode TinyWall will observe what applications use the internet and how, and remember them in normal mode. Setting up complex applications or a freshly installed system becomes a piece of cake. Just start learning mode, use the applications, then switch back to normal mode.
*A greatly rewritten firewall exception dialog. No more confusing profiles, only a streamlined and simpler interface and a direct possibility to manually specify ports.
*The ability to restrict applications, one by one separately, to the local network.
*TinyWall 2.0 installs and uninstalls like any other application. By common request it can now be removed from the Control Panel.
*Better support for built-in Windows features. TinyWall 2.0 can now be expected to work well and be compatible with Windows Networking, Remote Desktop, Remote Assistance and other network-related Windows features.
*Easier whitelisting of complex applications by recognizing related files. If an executable needs additional files whitelisted to work correctly, TinyWall will automatically notify and offer you to whitelist those files when you try to unblock it.
*Domain blocklist support. Implemented by installing a custom hosts file, this feature will keep you safe from many malicious websites and increase your browsing speed by blocking trackers and ads. This feature is disabled by default and needs to be turned on explicitly. TinyWall will keep the hosts file updated to ensure you always get the latest protection. (Currently the MVPS hosts file is used.)
*Hosts file protection. A common web-related attack by malicious code is redirecting the user to fake sites to phish data or install further bad code. TinyWall will lock the hosts file to ensure its protection and prevent malicious redirection using the hosts file.
*Mouse picking of windows with higher privileges. In v1 when TinyWall''s controller was not running elevated, it was impossible to whitelist another application that is running with admin rights by mouse picking (by window). You either needed to use a different method or you needed to elevate TinyWall too. TinyWall 2.0 allows you to whitelist most admin applications by window without having to elevate TinyWall itself.
*Saving of settings without breaking existing connections. TinyWall will no longer break existing TCP connections when applying firewall settings.
*New updater system. The updater now supports updating not only the application, but also the data components separately. It will naglessly keep your hosts file (if enabled) and the recognition database up-to-date without you having to install new versions of TinyWall.
*Traffic rate monitor. This is a feature in the form of a tray menu entry that will always tell you the current total download and upload rate of your computer.
*Connections window shows blocked applications. The Connections window will now optionally show you what the firewall has blocked recently, and a right-click menu allows you to either unblock or close processes. Even multiple at once.
*Increased performance. Reorganized code and a parallelized load process make TinyWall 2.0 start much faster than earlier versions and firewall settings take less time to apply.
*Remember the last used firewall mode. TinyWall 2.0 saves the firewall mode between reboots (with the exception of the Disabled and Learning modes, which will not be remembered).
*Digitally signed applications executables. All binaries shipped by TinyWall are signed using a recognized digital certificate. A digital certificate assures users that the author is no fictional person and it will identify all software releases coming from me. It means that as long as Windows is telling you that TinyWall has been published by "Károly Pados" and that it is valid certificate, you can be sure that the TinyWall you have downloaded really is from me and that it has not been compromised by others since its release.
*Localizability. The interface in 2.0 can be translated to other languages, as of 2.0 a French translation is included in the distribution.
*Improved support for accessability, keyboard navigation and screen readers.
*Support for running in a virtualized environment.
*Support for quickly filtering the list of application exceptions. Makes it a breeze to search for something in a long list.
*From the Connections window, you can easily initiate searches for processes on VirusTotal, ProcessLibrary and Google.
*Support for Windows 8 (tested on CTP) and .Net Framework 4.

"Bezpieczeństwo jest podróżą, a nie celem samym w sobie - to nie jest problem, który można rozwiązać raz na zawsze"
"Zaufanie nie stanowi kontroli, a nadzieja nie jest strategią"
Czy ktoś się orientuje jak dodać numery IP do blacklist''y w tym programie? Czy musi być odpowiedni plik stworzony/dodany do katalogu z programem? Czy bazuje na pliku hosts?

[Obrazek: NVZiH.png]

Edit: Ech pospieszyłem się, niesprawdzając Wink

Domyślnie używa listy MVPS HOSTS nadpisując plik hosts Smile
KIS2020, MBAM1.75, HitmanPro, Eset Online, FF_WF+uBlock, MBAE1.12, ZAM3

Po ponad roku ukazała się nowa wersja 2.1.0
Lista zmian:
Cytat: 2.1.0 - Major release (04.07.2013.)
- Proper and official Windows 8 support
- Add ability to disable global hotkeys
- Properly validate binary certificate of whitelisted applications
- Remove network zone support, it mainly caused confusion
- Don''t show half-constructed Manage window while loading it
- Make list in Processes and Services windows sortable
- Allow batch Remove of application exceptions in GUI
- Fix: Add Firewall Exception window now allows rules for "System" to be saved
- Fix: If cannot add a firewall rule, log details and keep service running instead of crashing
- Fix: Crash when trying to merge rules where at least one is not fully specified
- Fix: Crash when Modifying exception that has "No restrictions" set
- Fix: Connections window for open/listening ports might miss entries
- Fix: Unable to whitelist some services due to bad parsing of ImagePath property
- Fix: Wrong installation of Portuguese localization
- Fix: Failed to get file path of privileged window due to inverted condition
- Fix: Avoid double-shutdown of service on machine shutdown
- Fix: Unable to add rule in service due to short path notation
- Add Dutch, German, Hungarian, Spanish and Russian translations. Update Portuguese.
- Reduce disk space used by localizations by appr. 41%, for icons by 30%
- Controller app and Connections window load faster
- Improve security of communication between service and controller
- More robust communication between service and controller
- Show timestamps in Connections dialog
- Support for multiple controller instances
- All binaries are now cryptographically timestamped
- Precision traffic meter
- Updated application database

Wersja 2.1.2
Cytat: 2.1.2 - Maintenance release (06.07.2013.)
- Fix: Could not install TinyWall.XmlSerializers.dll on some systems

2.1.1 - Maintenance release (04.07.2013.)
- Fix: When asking for permission to whitelist related files, app name is left out

Spora lista zmian do nieco zapomnianej zapory
Cytat:Hi All, I''m checking in again to announce the release of TinyWall 2.1.5! As usual it took long, but as a kind of compensation, there are a whole bunch of fixes to remediate most issues, and even some new features. Here is a detailed list of changes, and as usual, let me know if anything''s wrong.

2.1.5 - Maintenance release (12.10.2014.)
- Support for Window Update in Windows 8.1
- Add support for whitelisting executables on remote network shares
- Increase service robustness by dry-run testing new rules before save
- Allow selecting multiple processes when initiated over tray menu
- Add uninstallation protection
- Fix: Service crashes if backup of hosts cannot be found
- Fix: If local network traffic is allowed, local broadcasts are still blocked
- Fix: Connections window crashes if endpoint IP cannot be determined
- Fix: Under some circumstances, controller commits new settings even if rejected by service
- Fix: Wrong error message is shown if user tries to change mode while locked
- Fix: Tray shows out-of-date lock status after service locks due to timeout
- Fix: Tray GUI needs restart after service locks due to timeout
- Fix: Service crash after merging a wildcard and a non-wildcard port rule
- Fix: Hosts file not automatically updating
- Preliminary Italian translation and other localization updates
- Updated application database
http://www.wilderssecurity.com/threads/ ... st-2416755
"Bezpieczeństwo jest podróżą, a nie celem samym w sobie - to nie jest problem, który można rozwiązać raz na zawsze"
"Zaufanie nie stanowi kontroli, a nadzieja nie jest strategią"
Kolejna wersja i lista zmian do niej
Cytat:2.1.6 - Maintenance release (06.01.2015.)
- Windows 10 (TP) compatibility
- Add color-coding to Application Exceptions list
- Faster loading of Manage and Processes windows
- Fix: GUI crashes when process list is cancelled
- Fix: Printer sharing doesn''t create rule for spoolsv.exe
- Fix: Two rules can get incorrectly merged
- Fix: TinyWall loses its settings under specific circumstances
- Updated Brazilian Portuguese translation
- Add Chinese translation
http://www.wilderssecurity.com/threads/ ... st-2444509
"Bezpieczeństwo jest podróżą, a nie celem samym w sobie - to nie jest problem, który można rozwiązać raz na zawsze"
"Zaufanie nie stanowi kontroli, a nadzieja nie jest strategią"
Czy może mi ktoś pomóc bo nie mogę znaleźć informacji na temat czy TinyWall ma funkcję ukrywania komputera w sieci taką jak PrivateFirewall (Stealth Mode – PC is invisible when online and stealth to potential intruders) czy ZoneAlarm Free (Two-way Firewall - Makes your PC invisible to hackers and stops spyware from sending your data out to the Internet.)
(26.05.2015, 12:21)Andy napisał(a): Czy może mi ktoś pomóc bo nie mogę znaleźć informacji na temat czy TinyWall ma funkcję ukrywania komputera w sieci...

Wygląda, że ma funkcje ukrywania...Neil Rubenking na Pcmag.com

Cytat:It's no surprise, then, that TinyWall correctly put all of the test system's ports in stealth mode, making them invisible to outside attackers.

Całość recenzji
"Bezpieczeństwo jest podróżą, a nie celem samym w sobie - to nie jest problem, który można rozwiązać raz na zawsze"
"Zaufanie nie stanowi kontroli, a nadzieja nie jest strategią"
Dzięki Ichito za odpowiedź Smile
Punkt reputacji za linka do recenzji przyznany
Autor na Nowy Rok zrobił prezent i opublikował nową wersję - 2.1.7 - i zapowiada kolejną wersję ze sporymi usprawnieniami.
Cytat:Hi again everybody! I'm very excited, but first let me just start by noting the release of 2.1.7. Nothing major this time so no need to rush, though depending on your monitor+resolution, the added HighDPI-support might come in handy. Of course you might also like the new localizations depending on where you're from. Oh, before I forget, the changelog:

2.1.7 - Maintenance release (04.01.2015.)
- Fix: GUI freezes if Application Finder is closed while scan is running
- Added DPI-awareness (fixes blurry GUI with desktop scaling)
- Add Polish and Turkish localizations
- Updates to Spanish, French, and Brazilian Portuguese translations
- Application database updates

Boring? You decide. The small number of fixes (errm... 1?) is certainly an indication that I haven't received any valid/reproducible bug reports, which, I guess, is good. But 2.1.7 is not why I am excited.

I've been quietly working on the next major version of TinyWall (and just tossed out 2.1.7 to make the wait more tolerable). I'm excited because 1) I've recently reached a major milestone where I can guarantee that the new technology will be able to provide at least feature-parity with the current version, and because 2) I've decided this is a good time to make it public at all that I am working on such a thing. And if you think "this is great, but the info's a bit vague", then yes, that's on purpose [Obrazek: clear.png] . Call it building a bit of hype, if you want. Anyway, this time it won't be just GUI fixes [Obrazek: clear.png] . I'll resurface again when there's something to test. Until then, the takeaway of the story is that the lack of updates sometimes does mean something good.

"Bezpieczeństwo jest podróżą, a nie celem samym w sobie - to nie jest problem, który można rozwiązać raz na zawsze"
"Zaufanie nie stanowi kontroli, a nadzieja nie jest strategią"
Kolejna wersja 2.1.8 skierowana bardziej dla użytkowników Windows 10...lista zmian i komentarz autora poniżej
Cytat:2.1.8 - Maintenance release (10.03.2016.)
- Fix: Potential GUI crash when whitelisting by window
- Fix: GUI crash if copying to clipboard which is in use by another app
- Fix: Connections form GUI scaling issue in German localization
- Workaround for performance issue in Windows 10
- Atomic file updates to reduce chance of lost settings in case of file system corruptions
- Handle some more possible errors on uninstallation
- Add Czech localization, and Spanish update
Juhuuu, it's a new update! And due to the Windows 10 thingy in there, I strongly recommend you to install it (well, at least if you're on W10 or planning to upgrade to it). Well, I actually recommend you to install 2.1.8 either way [Obrazek: clear.png] As usual, the new version will be available over the automatic update mechanism with a few days delay, but you don't want to wait for it, do you?

I've also got some other things to announce, I'll try to keep it short, if I manage that, it'll be totally unlike me.

First, I decided I will release a 2.2 that will serve as a migration path to the next TinyWall generation I am working on. That means, you should be able to upgrade to 2.2 and then to whatever comes after that without having to reconfigure your TinyWall. However, a direct upgrade from 2.1 to post-2.2 (skipping 2.2) will not be supported. This is so that I can remove legacy and compatibility code from newer versions. 2.2's purpose will be mainly just that. No big things on the front, just internal changes with only a small number of user-visible effects. There are only a few things left on my todo-list before I can publish a first release, unfortunately recently I haven't been able to spend too much time on TW, but let's hope this does not keep up too long.
"Bezpieczeństwo jest podróżą, a nie celem samym w sobie - to nie jest problem, który można rozwiązać raz na zawsze"
"Zaufanie nie stanowi kontroli, a nadzieja nie jest strategią"
muszę przyznać że ciekawy ten FW -prostota i lekkość Smile narazie współpracuje z 360TSE oraz Zemana...
ciekawe czy dodadzą wyskakujące okienka z opcją dopuszczenia do sieci lub tez nie...? było by łatwiej... choć może i lepiej bo niektórzy z przyzwyczajenia klikną na "tak" jak coś nie działa... bo po co przeczytać komunikat...
Security: Webroot SecureAnywhere + Zemana AL + do przeglądarki plugin: Bitdefender TrafficLight
Nie sądzę, żeby coś się zmieniło w kwestii alertów...TW właśnie dlatego domyślnie blokuje dostęp do sieci wszystkim nieznanym (nieokreślonym przez użytkownika) procesom, by m.in:
- uniknąć dylematu użytkownika "zezwolić czy zablokować", co czasem może nie być takie oczywiste zwłaszcza dla kogoś z mniejszym doświadczeniem
- użytkownik sam świadomie dopisywał do listy zezwolonych tylko te procesy, które potrzebuje czy którym ufa
Białe listy w przypadku zabezpieczeń jak zapory czy wszelkiej maści monitory/blokery stają się coraz skuteczniejszą, bo coraz powszechniejszą bronią, choć takie rozwiązanie to nic nowego. Jest coraz trudniej wykrywać to, co szkodliwe...a przy tym bardzo łatwo w porównaniu z tym określić to, co zaufane i konieczne.
"Bezpieczeństwo jest podróżą, a nie celem samym w sobie - to nie jest problem, który można rozwiązać raz na zawsze"
"Zaufanie nie stanowi kontroli, a nadzieja nie jest strategią"
O matko,
ledwie zainstalowałem i już klops.

Stara Opera działa, jak widać wchodzę do internetu, ale FF jakby zablokowany, choć był domyślnie uznany za zaufany.
Nie czaję.
W ustawieniach wyjątków Opera i FF mają tak samo, ale nie działa.

Jakiś samouczek tiny jest polecany? OA wróć...
(25.03.2016, 15:15)korbennn napisał(a): O matko,
ledwie zainstalowałem i już klops.

Stara Opera działa, jak widać wchodzę do internetu, ale FF jakby zablokowany, choć był domyślnie uznany za zaufany.
Nie czaję.
W ustawieniach wyjątków Opera i FF mają tak samo, ale nie działa.

Jakiś samouczek tiny jest polecany? OA wróć...
włącz tryb nauki, uruchom FF i jak połączy się z netem wróć na tryb normalny....
Security: Webroot SecureAnywhere + Zemana AL + do przeglądarki plugin: Bitdefender TrafficLight
Nic to nie dało, próbowałem ładnych kilka razy. Może jeszcze spróbuję na czystym systemie, bo teraz mam po odinstalowanym OA, niemniej nie fajnie się zachował.
Wracam do tej zapory, bo lubię i często polecam ten soft jako niemal bezobsługowy po wstępnej konfiguracji. Poniżej screeny z ustawień, które ja stosuje w tej zaporze...nie żebym ją używał na co dzień, bo "na co dzień" to oznacza u mnie kilka dni ewentualnie tygodni Smile...ale takie właśnie zawsze ustawiam po jej zainstalowaniu.
Pokazuję 3 najważniejsze zakładki i tak:


W ustawieniach głównych wyłączam automatyczne aktualizacje...to nie jest AV, żeby mi każdego dnia sprawdzał, czy jest aktualizacja, a sam wolę sprawdzać takie rzeczy samodzielnie na stronach producenta. Ponadto włączam filtrowanie szkodliwych treści mimo, że podobne filtrowanie jest w przeglądarce...ale pamiętać trzeba, że nie tylko przeglądarka może się z siecią łączyć Smile


Odnośnie reguł dla aplikacji - TW ma kreator, który wykrywa aplikacje do ewentualnej zgody na połączenia sieciowe, ale z używanych przez mnie dostaję na liście tylko Firefoxa, więc nie sugeruje się tym narzędziem. Co do reguł - w tej zakładce ustawiamy naszą listę zezwoleń i blokad dla aplikacji i tylko te zezwolone będą mogły się z siecią łączyć (poza tymi w zakładce z wyjątkami)...reszta aplikacji rezydujących w systemie będzie domyślnie blokowana.
Jak widać na obrazku poza drukarkami i aktualizacjami systemu, mam zablokowane wszystkie procesy typu systemowa poczta, komunikator, składniki pakietu Live. Ni używam, więc nie widzę powodu do ich aktywności w sieci...nawet potencjalnej ze względu na istniejące odkryte i nieodkryte podatności w tych aplikacjach.
Procesy do białej listy dodawać można na trzy sposoby - proces aktywnego okna, z listy aktywnych procesów i ze wskazania konkretnego pliku wykonywalnego...wszystko działa bardzo szybko i łatwo, najczęściej stosuję dodawania z listy procesów.


W zakładce wyjątków specjalnych nie zmieniam nic - na obrazku jest ustawienie fabryczne - ponieważ nie współdzielę zasobów ani nie stosuję żadnych rozwiązań zdalnych.

I to wszystko Smile
"Bezpieczeństwo jest podróżą, a nie celem samym w sobie - to nie jest problem, który można rozwiązać raz na zawsze"
"Zaufanie nie stanowi kontroli, a nadzieja nie jest strategią"
Nieco ruszyło się w temacie zapory i mamy kolejny build w wersji beta

Cytat:When I started working on TinyWall3 long ago (before my long pause), I got *very* far. So far, that a week ago when I again dug deep into the code, I was surprised how many things were already done and relatively clean. As a result, I've been very active the past week, working on TW3 almost every evening and basically through the weekend, and now I have a beta build. This build contains some huge internal changes, and there are probably regressions. This is the point I've been working up to to start gutting out the service core and finally replace Windows Firewall with a direct interface to the Windows Filtering Platform, which I've announced back in 2016, and I have great hopes it will solve most of the known annoyances of TinyWall. Note though, this build still builds on top of Windows Firewall, and at best it only has feature parity with 2.1 (minus the regressions). But if all goes well, the *next* beta release will build on top of WFP. I have already completed my WFP library/interop layer in 2017, so if this build is relatively solid, all I need to do is swap out the current parts for it.

Anyway, a few important notes:
- This is a beta build for testers. Don't install it in the hopes that you will get the cool features earlier, because they aren't there yet. This is all preparatory work for the new stuff.
- The settings and database formats have changed. Export your settings before installing the beta so that you can re-import them again when you switch back to the current stable release.
- Some of the built-in rules have changed. If you're on pre-Win10, please provide feedback if the special exceptions still work and do their job correctly.
- This release is not digitally signed on purpose. Only official stable releases will be signed.

Click here for beta download link
"Bezpieczeństwo jest podróżą, a nie celem samym w sobie - to nie jest problem, który można rozwiązać raz na zawsze"
"Zaufanie nie stanowi kontroli, a nadzieja nie jest strategią"
Informacja na temat nowej wersji 3 - w tym wydaniu autor wyraźnie pokreślił brak wsparcia la Visty i systemów 32-bit. To niestety ogranicza grupę zainteresowanych użytkowników...tak myślę.

Cytat:Here is a new test build of the latest development snapshot. I thought this is a good time to make one, because IMHO this version is pretty solid and yet also contains many of the new features – so you have a very good incentive to try it out [Obrazek: clear.png]

This is the first release of TinyWall that does not require Windows Firewall anymore. You need not disable it (in which case just leave it in its default configuration), but it doesn’t matter much. Starting with this release, TinyWall is no longer just a GUI for the default Windows firewall, but instead it communicates directly with the filtering layers in the kernel. This huge change is what made most of the firewall improvements in the changelog below possible at all, while also bringing several security and performance advantages. But maybe most importantly, it allowed me to finally get rid of TinyWall’s annoying quirks that we all had to live with until now.

You should be able to do everything and more in this build that you can do in TinyWall 2.1. Still, this release is not feature-complete, so expect more new features to pop up before TinyWall 3 final comes out. But first I need a broader test to solidify the groundwork. So please help with the testing, assuming you don’t bump into any major issues, it’ll be worth it [Obrazek: clear.png]

Want to help? Here’s the download link.

And here’s the changelog:

Firewall technology improvements:
- Rebuilt firewall on top of Windows Filtering Platform
- Full support for File and Printer Sharing and Network Browser
- Raw and promiscuous socket filtering
- Apps are no longer disconnected when firewall reloads
- Connections window need not be open to register blocked applications
- Multicast support for local network firewall rules
- Support for machine-global exceptions

Installer improvements:
- Install location can be customized
- Warning about remote installations during setup
- Slightly modernized installer look

GUI improvements:
- Automatic app recognition for drag&dropped files
- Manual app detection gives instant first results
- Live update of traffic rate in tray menu
- Processes window remembers size
- Much improved loading time of the Processes window
- Don't list duplicate processes in Processes window

General reliability improvements:
- Atomic saving of configuration
- Reduced probability of failed whitelisting attempts
- Fix: Don't leave locked files on service exit
- Fix: Race condition between update check and service message loop

Deprecation notes:
- Windows Vista no longer supported
- 32-bit systems no longer supported

Features disabled in the test build:
- Binaries are not digitally signed
- Automatic updates are disabled
"Bezpieczeństwo jest podróżą, a nie celem samym w sobie - to nie jest problem, który można rozwiązać raz na zawsze"
"Zaufanie nie stanowi kontroli, a nadzieja nie jest strategią"

Użytkownicy przeglądający ten wątek: 1 gości