How to ban program from using tcp/ip

Netx

Using my program written in Visual Basic (.net) I would like to learn how
to prevent application from using Internet. My program is "ftpTest" and it
uses ftp protocol.

I would like to ask how to:
1) disallow this program (ftpTest) from using Internet
2) if possible - how to prevent any new program from using Internet as
"default" behaviour.

I don't want any program to use Internet without my permission, including any
new "setup" programs that connect to its developers website, informing that
they have just been installed on my host. Under Windows XP I used Outpost
firewall to achieve this. I wonder if Vista Home Premium has that feature
built-in (which I couldn't find by myself).

Mark
 
alexB

It may not be completely coherent but this is how I would approach the issue
(in C#, but I am sure you've got the same namespaces and classes).

I think it is namespace System.Net.NetworkInformation but I am not clear,
since I am in the process of installing VS2008 right now and cannot open
VS2005 and verify.

You should set up a DataTable with appropriate columns for both TCP and UDP
ports since a lot of stuff is going on in the latter. You should query the
ports (there should be a class in that namespace which I do not immediately
recall that will give you all info you need). I think you use different
methods for TCP and UDP.

You will have to also create a historical table in Sql Server or XBase to
keep the history on who is using your sockets and ports and compare from day
to day.

Once you downloaded and installed a program you should query the ports for
any signs of activity and if a socket is created at the port you can block
the socket.

You can prevent ftp port which is a designated port from being used. There
should be options or you can perhaps create a dummy socket to suck into it.

As I said it is very incoherent but perhaps may help.
 
DanS

Using my program written in Visual Basic (.net) I would like to learn
how to prevent application from using Internet. My program is
"ftpTest" and it uses ftp protocol.

I would like to ask how to:
1) disallow this program (ftpTest) from using Internet
2) if possible - how to prevent any new program from using Internet as
"default" behaviour.

I don't want any program to use Internet without my permission,
including any new "setup" programs that connect to its developers
website, informing that they have just been installed on my host.
Under Windows XP I used Outpost firewall to achieve this. I wonder if
Vista Home Premium has that feature built-in (which I couldn't find
by myself).

Wouldn't the simplest solution be to use another third-party firewall with
outgoing monitoring as well?

I'm still using an old version of ZoneAlarm, v4.x, because it works great,
and is old enough to be JUST a firewall, not a protection 'Suite'.
 
alexB

It may not be completely coherent but this is how I would approach the issue
(in C#, but I am sure you've got the same namespaces and classes).

I think it is namespace System.Net.NetworkInformation

You could set up a DataTable with appropriate columns for both TCP and UDP
ports since a lot of stuff is going on in the latter. You should query the
ports (there should be a class in that namespace which I do not immediately
recall that will give you all info you need). I think you use different
methods for TCP and UDP.

You will have to also create a historical table in Sql Server or XBase or
Xml file to keep the history on who is using your sockets and ports and
compare from day to day.

Once you downloaded and installed a program you should query the ports for
any signs of activity and if a socket is created at the port you can block
the socket.

You can prevent ftp port which is a designated port from being used. There
should be options or you can perhaps create a dummy socket to suck into it.

AuthenticationManager class in System.Net may be a more direct approach. You
can get a strangle on the very path to the system resource manager and
monitor every request by any application.

As I said it is very incoherent but perhaps may help.

Don't use firewalls the other user suggested. Zone Alarm is of questionable
value in my opinion, you cannot force it to do what you intend to do and you
can never be sure if it works in good faith.
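
The snapshot-and-compare approach alexB outlines, as an added C# example that is not part of the original posts: it lists TCP/UDP endpoints through `System.Net.NetworkInformation.IPGlobalProperties`, saves a baseline, and reports what is new on later runs. The baseline file name is an assumption; this API reports endpoints but not the owning process, and it only observes sockets, it does not block them.

```csharp
// Added example, not code from the thread.
// "port-baseline.txt" is a hypothetical file name used for illustration.
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net.NetworkInformation;

static class PortBaseline
{
    // One string per endpoint, e.g. "TCP-LISTEN 0.0.0.0:21".
    static HashSet<string> Snapshot()
    {
        IPGlobalProperties ip = IPGlobalProperties.GetIPGlobalProperties();
        var seen = new HashSet<string>();
        foreach (var ep in ip.GetActiveTcpListeners()) seen.Add("TCP-LISTEN " + ep);
        foreach (var ep in ip.GetActiveUdpListeners()) seen.Add("UDP-LISTEN " + ep);
        foreach (var c in ip.GetActiveTcpConnections())
            if (c.State == TcpState.Established)
                // The local port of a client connection is ephemeral,
                // so key the entry on the remote endpoint only.
                seen.Add("TCP-CONN " + c.RemoteEndPoint);
        return seen;
    }

    static int Main(string[] args)
    {
        string path = args.Length > 0 ? args[0] : "port-baseline.txt";
        HashSet<string> now = Snapshot();

        if (!File.Exists(path))
        {
            // First run: record what is normal for this machine.
            File.WriteAllLines(path, now.OrderBy(s => s).ToArray());
            Console.WriteLine("Baseline written: {0} entries", now.Count);
            return 0;
        }

        var baseline = new HashSet<string>(File.ReadAllLines(path));
        List<string> added = now.Except(baseline).OrderBy(s => s).ToList();
        foreach (string s in added) Console.WriteLine("NEW  " + s);
        foreach (string s in baseline.Except(now).OrderBy(s => s))
            Console.WriteLine("GONE " + s);
        return added.Count > 0 ? 1 : 0;   // non-zero exit when something new appeared
    }
}
```

Run it once before installing a program to create the baseline, then again afterwards; a snapshot only catches sockets that are open at the moment it is taken.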
 
DanS

Don't use firewalls the other user suggested. Zone Alarm is of
questionable value in my opinion, you cannot force it to do what you
intend to do and you can never be sure if it works in good faith.

I did say an *older* version of ZA, because it is just a firewall.

I also don't understand how you say it does not work exactly as the OP
wanted, as that IS exactly how it works.

Any program that wants to access the internet is stopped until you say it's
OK this time, it's not OK, or it's always OK. And that is the default
behavior for new programs that have never accessed the internet before.
Hell, it even knows if the program doing the accessing has changed since it
last accessed the internet and flags that as a 'new' program also, which
needs permissions as well.
 
Netx

"DanS"
Wouldn't the simplest solution be to use another third-party firewall with
outgoing monitoring as well?

I think yes. The only problem is that all 2 good firewalls that I know about
are: Outpost and Kaspersky. Unfortunately AFAIK they have to be paid each
year for subscription, which is hard to accept for me.
I wonder if there are "no annually paid" firewalls with capability to block
outgoing traffic and reasonable quality?
I'm still using an old version of ZoneAlarm, v4.x, because it works great,
and is old enough to be JUST a firewall, not a protection 'Suite'.

I have just visited http://www.zonealarm.com and I think there is no v4.x
still available to download. I will perhaps try out "ZoneAlarm® Firewall
Free Version": "Basic Version".

Thanks for support,
Mark
 
DanS

"DanS"

I think yes. The only problem is that all 2 good firewalls that I know
about are: Outpost and Kaspersky. Unfortunately AFAIK they have to be
paid each year for subscription, which is hard to accept for me.
I wonder if there are "no annually paid" firewalls with capability to
block outgoing traffic and reasonable quality?


I have just visited http://www.zonealarm.com and I think there is no
v4.x still available to download. I will perhaps try out "ZoneAlarm®
Firewall Free Version": "Basic Version".

Interesting, the free version. See, like I said it's an older version I
use because it is strictly firewall only. I've had it for a long time.
Once many of the security programs went full protection 'suites', most of
them became bloated, sometimes unstable, and many you have to go to
ungodly measures just to get rid of it completely.

Since I haven't been to the ZA website in a while, I hadn't known they
had a freebie firewall available....which says it is a basic incoming and
outgoing firewall.

It's at least worth a look I'd think. Thanks for letting me know about it
also.

Regards,

DanS
 
CB

Netx said:
"DanS"

I think yes. The only problem is that all 2 good firewalls that I know about
are: Outpost and Kaspersky. Unfortunately AFAIK they have to be paid each
year for subscription, which is hard to accept for me.
I wonder if there are "no annually paid" firewalls with capability to block
outgoing traffic and reasonable quality?


I have just visited http://www.zonealarm.com and I think there is no v4.x
still available to download. I will perhaps try out "ZoneAlarm® Firewall
Free Version": "Basic Version".

Thanks for support,
Mark

Netx,

I haven't tried the new free ZoneAlarm firewall so I can't comment on
it. I used the old ZoneAlarm firewall for many years and was fully satisfied
with it.

I think you would be happier with the free Comodo. You get the same
alert level, if desired, and it is much easier to use.

Have a nice day.

C.B.
 
