How do I make it so that every single file inside a folder has it’s ingoing as well as outgoing connection blocked including anything that is placed into this folder later on - even after the configuration was made?
Thanks for your time.
First you have to create a “File Group” and then you need to add this new group to the Firewall Application Rules and set it to block all communications, I’ll try to make clear steps below.
[ol]- I do not know what knowledge you have of CIS settings so we’ll start with how to get to the Advanced Settings, if you already know how to get there then skip to step 2.
[li]Open the main CIS window.
- In the upper right part of the window you should see “Tasks” next to a green arrow, click this.
- In the new screen, look for “Advanced Tasks” tab and expand it.
- While under the “Advanced Tasks” tab, look for “Open Advanced Settings” and click it.
- Now we need to create a new File Group. (File Groups are basically a group of files/folders in CIS)
[li]Open the Advanced Settings.
- Expand “Security Settings” in the left menu.
- Expand “Defense+” which is under "Security Settings in the left menu.
- Expand “HIPS” which is under “Defense+” in the left menu.
- Click “Protected Objects” which is under “HIPS” in the left menu.
- Right-click anywhere in the window to the right of the menu (or expand the arrow on the bottom) then click “Groups”
- In the new window, right-click anywhere (or expand the arrow on the bottom) then click “Add” then click “New Group”
- Choose a name for the new File Group, for the purpose of this “guide” we’ll call it “Example File Group” - After that click “OK”
- Find the new File Group in the list, right-click it and then click “Add” then click “Folders”
- Find the folder you want to block and click it once to highlight it and then click “OK”
- Click “OK” on the “Manage File Groups” window.
- Proceed to step 3.
- Now we need to create a Firewall Application Rule for the new File Group.
[li]I’m assuming you have the Advanced Settings open still, if not open it.
- Expand “Firewall” which is under “Security Settings” in the left menu.
- Click “Application Rules” which is under “Firewall” in the left menu.
- Right-click anywhere in the window to the right of the menu (or expand the arrow on the bottom) then click “Add”
- Click “Browse” in the new window and then click “File Groups” then click the File Group you just made, for this “guide” we used the name “Example File Group”
- Tick in “Use Ruleset:”
- To the right of “Use Ruleset:” you should see a drop-down list, click it and choose “Blocked Application”
- Click “OK” on all CIS windows.
Yes, I believe it is unnecessarily bothersome to add folders to the firewall rules… If you have any questions then just ask.
Tysvvm;yamph! (Thanks you so very very much; you are my personal hero!)
I was trying the *-thing with the firewall rules and I tried add->Folders in Protected Objects!
It never came to me that to create a File Group you’d have to select “Groups”…
I kinda gave up after I couldn’t select the added folder in Protected Objects for my firewall rule and everything I could find about this topic was outdated. (I got the *-thingie from an older thread)
Now I can kiss addfwrs.bat goodbye^^
You’re a life… comfortizer(? Does that term even exist?)
MOD EDIT : Offensive comment removed. 88)
Glad you got it working.