Question About Bd Firewall Etc.
Hi,
I have just re-installed BD IS 2014 from a previous install I did which did not go very well. I had to recover a system image without it. Moving forward, I noticed that when I set "DENY" in Application Rule an outgoing connection is still established.
Even-though I have set a program to be denied connection(both outgoing/incoming) the connection still is allowed. PotPlayer and GOM Player are allowed. See images below.
BD Firewall General Rules
PotPlayer settings
PotPlayer conceted to Remote Address 110.45.215.113
GOM Media Player settings
GOM Media Player connected to Remote Address 64.19.142.11
GlaryUtilties settings
GlaryUtilties connection to Remote Address 54.230.87.44
When I checked the firewall logs yesterday I saw that there was a connection that was allowed by BD firewall for Glary Utilties upgrade.exe. There was an existing DENY rule for it. See image below.
Also with Glary Utilities Integrator.exe, the rule is DENY. See images of integrator.exe with connections established without logs in the firewall events.
Are the rules correct?
I believe if I set either "a" or "b" rules below any connection would be denied correct?
(a)
Local Address: Any
Remore Address: Any
Network Type: (Check) Untrusted
Events: (Check all) Listen / Traffic / Connect
Protocol: Any
Direction: Both
IP Version: Any
Permission: DENY
(
Local Address: Any
Remore Address: Any
Network Type: (Check all) Trusted / Home/Office / Public / Untrusted
Events: (Check all) Listen / Traffic / Connect
Protocol: Any
Direction: Both
IP Version: Any
Permission: DENY
There is also a pop-up when I tried to launch Glary Utilities as seen in the image attached. That pop-up is supposed to be for the free version which I had previously. But it should not have displayed because I recently changed from free to pro version.
Is there a way to block that pop-up in BD firewall?
Comments
-
I'd like to add also that I am in Paranoid Mode but I rarely see a pop-up. I only saw one when I downloaded the BD Uninstall tool via FDM(freedownload manager) but had failed to get a snapshot. I tried to download again but the pop-up was gone.
0 -
Try resetting the rules for applications.
0 -
Try resetting the rules for applications.Have you also tried restarting after you set the firewall rules?
Thanks for the reply Rampant. I did reset the application rules and started from scratch but it was still the same. The images I posted was after I started from scratch.
Yes I restarted after starting from scratch.
Actually, this is the second time I experienced this as this is a second trial of me using BD IS 2014.
Is there anything that I should check further?0 -
Yesterday I remade all the Application rules and started from scratch again. Checked if the DENY rule was working on all the examples. It seems to be but I see that for Kingsoft products wpp.exe / wps.exe and et.exe connections are established and then it disappears. I can't verify if this is "blocked/denied" after it seemed to have connected or not. I see in Process Hacker>Network that the .exe's connect and establishes connection and then for a couple of seconds they vanish. There are no logs that I can check if the action has been really blocked or not as the firewall events does not show it there.
That behavior is different with PotPlayer / GOM Player. The connection stays there much longer. PotPlayer connection will vanish after 20-30sec approx but GOM stays there until it closes.
I also have an issue which I posted in another topic about IP Range. I tired to block an IP Range but it seems that the DENY rule is not working as the URL still gets connected, http://forum.bitdefender.com/index.php?showtopic=535200 -
Yesterday I remade all the Application rules and started from scratch again. Checked if the DENY rule was working on all the examples. It seems to be but I see that for Kingsoft products wpp.exe / wps.exe and et.exe connections are established and then it disappears. I can't verify if this is "blocked/denied" after it seemed to have connected or not. I see in Process Hacker>Network that the .exe's connect and establishes connection and then for a couple of seconds they vanish. There are no logs that I can check if the action has been really blocked or not as the firewall events does not show it there.
That behavior is different with PotPlayer / GOM Player. The connection stays there much longer. PotPlayer connection will vanish after 20-30sec approx but GOM stays there until it closes.
I also have an issue which I posted in another topic about IP Range. I tired to block an IP Range but it seems that the DENY rule is not working as the URL still gets connected, http://forum.bitdefender.com/index.php?showtopic=53520
I am having exactly the same issue. I block a programs internet connection to "DENY" however the programs can still access the internet. I also did restart the computer, did not work. I think this is a bug about the firewall which is very annoying.0