How to block everything except one application?

Hi,

I am on a limited data plan when I travel and use my computer connected to the internet.
I would like to block everything, including Windows Update and other software updates.
I would like to allow only one web browser: Firefox, Chrome or Opera.

How can I set up a config like this temporarily?
I’m not an expert.

Thank you

What version of CIS are you using?

It is CIS Premium version 8.2.0.4703

Go to the advanced settings → firewall settings and enable “Do NOT show popup alerts” and change the dropdown to block requests. This will block anything that doesn't have a rule created for it.

Now to create the rules for your applications.

  1. To allow your browser, go to advanced settings → firewall settings → application rules, then add whatever browser you want to allow access.
    Add a new rule and give it the allowed application ruleset.

  2. For Windows Update, I'm not exactly sure which processes need access to the internet, so maybe someone else can give us some insight. I think the main exe is under C:\Windows\System32\wuauclt.exe but it also uses svchost.exe.

The process will be the same for adding any other application you want to allow access for.

Hi, thank you for your quick answer. Does it mean that everything will be blocked with this rule, even Windows Update and other background running programs?

I’ll tell you each rule that you need to block everything except DNS and web browsers. First go to add > browse > file groups > all applications > use ruleset blocked application. Next add another rule and click browse > running applications > select svchost.exe > use a custom ruleset > add allow UDP out destination port 53, then add another rule to block IP In or out. Then for the last rule select the web browsers file group and select outgoing only. Your rules should look like the ones in the attached screenshot. Here's the help documentation on adding firewall rules: Application Rules, Firewall Protection, Best Firewall | Internet Security v7.0

[attachment deleted by admin]

You also need to add a rule under svchost for Boot PC (port 68) for DHCP clients requesting IP addresses, unless you have a static IP address.
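
The three application rules from the reply above (svchost.exe limited to DNS, browsers outgoing only, everything else blocked), modeled as an added example that is not part of the thread and is not Comodo's rule engine. It assumes entries are checked top-down with the All Applications block last; `firefox.exe` stands in for the Web Browsers file group, the sample connections and paths are constructed, and the DHCP rule is left out.

```python
# Simplified model of the thread's application rules; not Comodo's engine.
from fnmatch import fnmatchcase

# (application pattern, [(action, protocol, direction, destination port)])
# Assumption: entries are checked top-down, so the catch-all sits last.
RULES = [
    (r"*\svchost.exe", [("allow", "udp", "out", 53),     # DNS lookups only
                        ("block", "ip", "any", None)]),  # block IP in or out
    (r"*\firefox.exe", [("allow", "ip", "out", None)]),  # "outgoing only"
    ("*",              [("block", "ip", "any", None)]),  # All Applications
]

def decide(app, proto, direction, dport):
    """Return 'allow' or 'block' for one connection attempt."""
    for pattern, ruleset in RULES:
        if not fnmatchcase(app.lower(), pattern):
            continue
        for action, r_proto, r_dir, r_port in ruleset:
            if (r_proto in ("ip", proto)
                    and r_dir in ("any", direction)
                    and r_port in (None, dport)):
                return action
        return "block"  # nothing matched: the "block requests" default
    return "block"

# Constructed connection attempts: (application, protocol, direction, port)
ATTEMPTS = [
    (r"C:\Windows\System32\svchost.exe", "udp", "out", 53),    # DNS
    (r"C:\Windows\System32\svchost.exe", "tcp", "out", 443),   # update traffic
    (r"C:\Windows\System32\wuauclt.exe", "tcp", "out", 80),
    (r"C:\Program Files\Mozilla Firefox\firefox.exe", "tcp", "out", 443),
    (r"C:\Program Files\Mozilla Firefox\firefox.exe", "tcp", "in", 8080),
]

def evaluate_all():
    """Decision for every constructed attempt, in order."""
    return [decide(*attempt) for attempt in ATTEMPTS]

if __name__ == "__main__":
    for attempt, verdict in zip(ATTEMPTS, evaluate_all()):
        print(f"{verdict:5}  {attempt}")
```

Under these assumptions only DNS from svchost.exe and outgoing browser traffic get through, which is why background updaters that ride on svchost.exe stay offline.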