Windows 10 and 11 have several built-in security features that protect your computer against malware and other threats. In the Windows Security program, you will find the built-in antivirus protection, Smart App Control, core isolation, Secure Boot and much more.
One area where the system still lags behind is network security. The system does at least have built-in support for DNS over HTTPS, which protects your DNS requests from monitoring, and the built-in firewall blocks incoming connections from the internet or local networks. But installed programs can still connect to servers online, including to their own DNS over HTTPS servers, which bypasses any DNS protections you have set up. You can remedy this with a so-called application firewall.
Application firewalls work per process instead of per port like the regular firewall, and mainly filter outbound rather than inbound traffic. For most users, it’s about preventing programs from “calling home”. Some programs have no good reason to connect to the Internet other than to download updates, but if you monitor all connections from your computer, you will quickly see that most programs today connect to many different servers.
Mac users have long had the excellent Little Snitch application firewall, but now Windows users also have a sensible alternative in the form of Safing Portmaster. It also works as a tracking blocker, as secure DNS and, if you pay for it, as an alternative to a VPN. Here’s how to get started with it.
When you first start Portmaster, you can choose, among other things, which block lists the program should use.
Install and configure basic settings
Download and run the installer. You must then restart the computer before it can be used. Once you’ve logged in again, you’ll find Portmaster as an icon in the Notification Center on the right side of the taskbar or via the Start menu.
The first time you open the program, you have to click through the basic settings. It’s mainly about choosing what Portmaster will block: trackers and advertising, known malicious sites, and so on. It works much like Pi-hole and you can always change the settings later. You can also select a server for DNS-over-TLS for encrypted DNS if you prefer that over the support built into Windows.
When the settings are complete, you are greeted by the program’s so-called dashboard, which shows the status of its various functions.
Block a program
With the default settings, Portmaster blocks nothing but the connections covered by the blocklists for advertising, tracking, and so on. No individual program is automatically prevented from connecting to the Internet unless you activate a block.
Block an entire program with the Block Connections slider.
Click Apps and Profiles in the menu list on the left, and a list of all installed programs on the computer is displayed. Select an application to view its settings and connection history. Here there is a slider called Block Connections which blocks all the program’s connections.
If you want to block only individual connections instead, do this:
Block a single connection per domain or IP address.
If you look in the Settings tab for the application, you can now see that Portmaster has added a rule for that particular application, which you don’t see in the global settings that you reach via the gear icon in the menu list on the left.
It is also possible to do the opposite: Block all connections for a program and then add exceptions for individual domains or IP addresses you want the program to be allowed to connect to. For example, if you want to prevent a program from sending analytics data and other things but still want to receive updates, you can look in the blocked connections for a connection to an address that appears to be used for updates and see if allowing it helps.
Block a program but allow individual connections. Not so smart with Firefox in particular, but can work well with other programs.
A tip here is to use the program’s “check for updates” function and look in the list of connection attempts in Portmaster right after. Most programs use different servers for checking for updates and for downloading the update itself, so you usually need to add another exception.
Advanced: Ask every time
For more paranoid users, Portmaster can be set to work in a different way: Every time a program tries to make a connection for which you have not created a rule, you will be asked how you want to handle it, and the connection will not be allowed until you actively approve it.
Ask for each new connection: most secure, but it gets tiresome quickly.
At first this means you get to accept connections left and right, but after a while the questions become less frequent and eventually they will only appear once in a while, for example after you install a new program.
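The three per-application modes described above (block single connections, block everything with exceptions, ask for anything without a rule) can be compared side by side in a small model. This is an added example, not Portmaster's code: it assumes rules are checked top to bottom with the first match winning and that a domain rule also covers subdomains, and every domain and address in it is constructed.

```python
# Simplified model of per-application outbound rules (not Portmaster's code).
# Assumptions: first matching rule wins; a domain rule also covers subdomains.
import ipaddress
from dataclasses import dataclass, field

@dataclass
class Rule:
    action: str  # "allow" or "block"
    target: str  # a domain, an IP address or a CIDR range

    def matches(self, domain, ip):
        try:
            return ipaddress.ip_address(ip) in ipaddress.ip_network(self.target, strict=False)
        except ValueError:  # target is not an address or range: compare as a domain
            d = (domain or "").lower().rstrip(".")
            t = self.target.lower().rstrip(".")
            return d == t or d.endswith("." + t)

@dataclass
class Profile:
    default: str  # "allow", "block" or "ask" for connections no rule matches
    rules: list = field(default_factory=list)

    def decide(self, domain, ip):
        for rule in self.rules:
            if rule.matches(domain, ip):
                return rule.action
        return self.default

# Constructed attempts seen right after "check for updates" in a made-up program.
ATTEMPTS = [
    ("update.editor.example", "203.0.113.10"),     # update check
    ("cdn.downloads.example", "203.0.113.77"),     # update download, second server
    ("telemetry.editor.example", "198.51.100.5"),  # analytics
    ("", "198.51.100.53"),                         # direct to an IP, no DNS name
]

def evaluate(profile):
    return [profile.decide(domain, ip) for domain, ip in ATTEMPTS]

# Default allow, one connection blocked by domain.
block_one = Profile("allow", [Rule("block", "telemetry.editor.example")])
# Block everything, allow only the update check: the download still fails.
updates_only = Profile("block", [Rule("allow", "update.editor.example")])
# The second exception from the tip above makes the update work.
updates_fixed = Profile("block", updates_only.rules + [Rule("allow", "cdn.downloads.example")])
# Ask mode with one IP-range rule: anything unmatched waits for your decision.
ask_mode = Profile("ask", [Rule("block", "198.51.100.0/24")])

if __name__ == "__main__":
    for name in ("block_one", "updates_only", "updates_fixed", "ask_mode"):
        print(name, evaluate(globals()[name]))
```

The direct-to-IP attempt has no domain name, so only the IP-range rule or the profile default can catch it.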
2024-01-17 06:29:00