Exclude Apps from Internet Access

[DocMAX]

Hi,

i see i can block ALL programs from internet access and make some exceptions.
But i want the opposide, allow ALL programs with some exceptions.

How can I do it?
I don't see how to do it with latest version 4.10.

Regards,
DocMAX

[Curt@invincea]

Can you give me an example of an app you want to disallow? I'm not sure how much demand there is for such a feature.

[DocMAX]

Why you need an example app? I want to do it with any app I want.

[Domochevsky]

Hm, for what it's worth, I do support the notion of having a feature like this.
Ideally a "per application" prompt would be useful. Eg, the program tries to access the internet and subsequently SB asks whether or not that is ok. (No -> add to Excluded Applications)

[Curt@invincea]

Why you need an example app? I want to do it with any app I want.

So if you block ParentApp.exe, what happens if it starts ChildApp.exe and communicates through that?

[westes]

Can you give me an example of an app you want to disallow? I'm not sure how much demand there is for such a feature.

What he is requesting is an application level firewall, which is something I have wanted for ages. I'll give an example: Lotus Notes client talks to Lotus Notes server on destination TCP port 1352. If you don't want that application to do anything more than communicate to the Notes server, you create a rule that restricts outgoing TCP traffic for this specific application to destination TCP port 1352. All other connections are rejected. You might want to further restrict on IP address, or on combinations of UDP/TCP, target IP, and target port.

Basically anything that Checkpoint Firewall can do you might want to do targeting a specific application. There might be firewall rules that apply to entire groups of applications, and there might be rules that are specific to specific applications.

It doesn't take much imagination to come up with other use cases, and it's an extremely useful idea.

[Curt@invincea]

It doesn't take much imagination to come up with other use cases, and it's an extremely useful idea.

And that's probably why there are so many application firewalls already out there.

[westes]

It doesn't take much imagination to come up with other use cases, and it's an extremely useful idea.

And that's probably why there are so many application firewalls already out there.

The only way to guarantee the integrity of an application firewall is to have it run from the sandbox manager. No system-level firewall can ever properly constrain the isolated behavior of a particular application.

Which products did you have in mind?

[westes]

It doesn't take much imagination to come up with other use cases, and it's an extremely useful idea.

And that's probably why there are so many application firewalls already out there.

If you have the application installed in Sandboxie, the host OS does not even see the application!! So your host level application firewall won't have any ability to set rules against that process.

If we modify Windows Firewall rules specific to the program we install in a Sandbox *inside* the Sandbox, will Windows Firewall actually execute a custom ruleset just inside of the Sandbox?

[Curt@invincea]

Windows sees everything running in the sandbox. Start task manager. You'll see all the sandboxed processes listed. All IP from the sandbox goes through any firewall.