Most minimalinstallpossible , third party firewalls?

TairikuOkami said:

My kind of a man. I am happy to say, that I have tamed the beast the way I like it. There are some consequences, like removing Cortana crippled Start and such, but I can live without that.

In my view, disabling web search for Cortana is sufficient enough, at least for the Pro version. In which case, the search shows this:



The app history confirms that Cortana does not connect to the web:



The local search is integrated with Cortana and while I have not tried removing Cortana, it's probably slows down local searches considerably.

TairikuOkami said:

I use Windows Firewall. I do not have any Windows process allowed to connect. No leaking, as far as I can tell.

I have not seen leaking either with Windows firewall, albeit, I do have Windows Firewall Control interface overlay to manage the firewall rules. Its logging feature and the capability of changing the firewall rule just by right-clicking on the log entry sold me on this free interface for the Windows firewall.

TairikuOkami said:

Binisoft has been bought by Malwarebytes, so it is time to look for something else.
Simplewall on GitHub is pretty similar or Sphinx WFC, but its free version is useless.

Thanks for the tips...

About Malwarebytes purchase of Binisoft... here goes the neighborhood...

And not to worry—we will maintain, support, and keep Binisoft products free for everyone in the short term.

Source

And after the "short term" is over, don't see any reason why it cannot continue to work. Especially, if the WFC updates are disabled/blocked. While I do have couple of licenses for Malwarebytes, they are not used; Malwarebytes slowed the system down too much for my preference...

There is absolutely nothing wrong with Windows Firewall - it works perfectly well and does what you tell it. The only issue is it doesn't block outgoing by default but all you have to do is turn it on. And then spend months whitelisting stuff when something or other doesn't work.

Most "third party" firewall are just wrappers for Windows Firewall anyway.

@TairikuOkami has good scripts for this or there is a thread on MDL which is even more extreme (by which I mean painful to use). If your issue is you don't even trust the OS and think it might be bypassing the firewall settings then perhaps you need another OS. I tried that (using Linux) but then my ISP switched to IPv6 and I can't figure out how to set rules for that in iptables at all. I'm sure it is just lack of knowledge on my part but IPv4 seemed easy in comparison.

vgkfan83 said:

I disable the Windows Firewall completely, since my router has one built in.

Probably only for incoming connections though.

Just for your interest, MacOS has firewall disabled by default, the theory being that the home router will protect you. Some Linux distros do too - seems to be who they are aimed at.

What you can get is something like LittleSnitch (or AFWall+ on Android) which will automatically block outgoing connections. Would be nice if there was something like that on Windows but in any case it takes months setting up your whitelist however you are prompted.

I think the Router Firewall and Windows Firewall (3rd Party or Defender) are not the same level of service.
The router firewall monitors the state of the network and provides address translation to keep your network traffic hidden from the outside world seeing it.
The OS firewall prevents unwanted software from using your computer to access the network.
So you still need the host software firewall, even if you have a network firewall.

iko22 said:

The OS firewall prevents unwanted software from using your computer to access the network.
So you still need the host software firewall, even if you have a network firewall.

That was my understanding. However any OS I install doesn't care about outbound. Windows (outbound unrestricted), MacOS (Firewall turned off), Some Linux (rules not even defined and I have to type them in), Some other Linux (results variable as iptables might be pre-populated) but by default nothing cares about outgoing connections.

Your home router will block incoming (unless you enable UDP and you then basically ballsed that up almost deliberately) but unless you tie it down on the PC anything is allowed to go out.

I could be utterly wrong - I'm a programmer not a network guy so my knowledge is pretty limited but I tie down network access on my VMs even at home.

lx07 said:

Probably only for incoming connections though.

Just for your interest, MacOS has firewall disabled by default, the theory being that the home router will protect you. Some Linux distros do too - seems to be who they are aimed at.

That's one reason...

The other is that standard installation of the macOS system doesn't have such potentially vulnerable services listening by default. As such, it doesn't need a tacked-on firewall to help protect such vulnerable services from being attacked. Nonetheless, on my MacBook Pro, the firewall is enabled since it may connect to untrusted wireless networks.

lx07 said:

What you can get is something like LittleSnitch (or AFWall+ on Android) which will automatically block outgoing connections. Would be nice if there was something like that on Windows but in any case it takes months setting up your whitelist however you are prompted.

Actually, there is...