This is a draft. Please tell me if it works for you. I tested on Win 8.1 with the Hammerfight v1.004 game.
About Steam
Steam is a game environment consisting mainly of
[ol]- a program Steam.exe located in the main steam directory that is used to run game programs from another directory, and another SteamService.exe located in another directory which is used to run games needing admin permissions and Steam and games installers
- these games may be unknown to CIS and may use unusual hacks, and/or virus-like behavior to gain performance
- the steam executables and some games need incoming as well as outgoing connections for some tasks, and which themselves exhibit some unsual behavior and have been mistaken for viruses
- Several other special purpose executables in various directories[/ol]
Using it with CIS is problematic both for the above reasons and because games are usually run full screen, and may suppress Alt-Tab and so CIS alerts may not be received or accessible. Also games may lock themselves into full screen mode so that they are impossible to navigate away from to answer alerts without closing the program which may be impossible is frozen by CIS.
As a consequence unusually permissive settings are required to run Steam, settings that assume all games are trusted. An alternative for those unwilling allow such access is to run games in Windowed mode (if permitted) when first run, unsandbox executables from sandbox notifications and watch for and allow other alerts with ‘remember settings’ on. This will not always work as access required may depend on the level you reach within the game. A compromise between these approaches for people running with HIPS on and in custom firewall mode has been suggested by Clockwork here and here. You could of course also use game mode, or training mode in different CIS modules. But that puts the whole computer into a permissive mode and so is even less secure than the permissive Steams-specific settings suggested below. However game mode may be an advantage if maximum performance is needed at the expense of security.
Permissive settings for Steam
The following settings assume that the Steam Games you run are not malware, and neither they nor the directories that contain them are infected by malware. Please note that the settings will pose a security risk if this is not correct.
The referred to below will normally be C:\Program Files (x86)\Steam on 64 bit systems and C:\Program Files\Steam on 32 bit systems, unless you have changed it.
A. If Anitvirus and the Firewall are enabled, which they are by default, do the following:
[ol]- Set Firewall Tasks ~ Stealth ports into alert mode
- In Advanced Settings ~ Firewall ~ Applications settings, add * and apply the Allowed Application policy to it.
- In Advanced Settings ~ Antivirus ~ Excluded Paths and Excluded Applications add the folder *
- In Advanced Settings ~ Defense + ~ Behavior Blocker exclude the same folder from Buffer Overflow Protection[/ol]
B. If you are using the Behavior Blocker which is on by default, do the following:
[ol]- In Advanced Settings ~ Defense + ~ Behavior Blocker ~ Exclusions add \Steam.exe and \bin\SteamService.exe, and tick exclude child processes[/ol]
C. If you are using HIPS, which is off by default in the default IS config, but on in proactive config. do the following:
[ol]- In Advanced Settings ~ Defense + ~ HIPS ~ Application rules apply the Installer/Updater policy to \Steam.exe and \bin\SteamService.exe
- If running in paranoid mode, apply the ‘Allowed Application’ policy to all Steam executables in and \bin[/ol]
Then: restart the computer
These settings should deal with the vast majority of games. However if you get problems double check the Firewall Stealth settings are set to alert inbound connections, not block them, run the game in Windowed mode (not full screen) and watch for alerts from games or svchost.exe.
Best wishes
Mouse