SUNBELT PF BLOCKING THREATFIRE

  Faffingwaste 09:52 25 Feb 2008
Locked

Call me gullible, but I followed a recent recommendation elsewhere on the 'Net to try the Sunbelt Personal Firewall as an alternative to what was said to be the increasingly "mediocre" Zone Alarm Free.

So I've dl'd and installed SPF and yes, it looks good and seems to function well. I don't think it's as big a resource user as Zone Alarm Free, either.

However. I also have ThreatFire (used to be Cyberhawk).

And here's the problem. Sunbelt PF seems impossible to manage in the way, say, that Zone Alarm was.

ZA would alert, then ask for permission to block. The user had an option to choose.

With Sunbelt Personal Firewall, I'm sitting here with the 14th splash screen -- count 'em, 14th - since booting up today. It reads:

Sunbelt Personal Firewall. SPF has detected and blocked an intrusion attempt of type Code injection. The intruder is TFService.exe.

Beneath this warning, there are precisely two "buttons": one button is to close the warning, the other is to allow details of the warning to be seen / hidden.

As to actual user choice -- allow Threatfire, do not allow Threatfire -- there's no sign at all.

Going through the Sunbelt "configuration" and settings hasn't helped any. "Exceptions" seem to relate to web addresses. Not a user's other software.

If anyone can help, that'd be appreciated. But what a pity that this firewall that so many seem to rave about offers nothing like the degree of instant user control provided by the much derided ZoneAlarm.

  Faffingwaste 19:33 25 Feb 2008

How amazing.

All the computer enthusiasts here and not one of 'em uses Sunbelt Personal Firewall.

Not exactly a vote of confidence in that firewall, then. . .

  Technotiger 19:47 25 Feb 2008

I am sure it is not just Sunbelt, have a look at this lot ... click here

I use Sunbelt, the paid for version, and I think it is the best.

Bear in mind a lot of members work during the day! The 'night-shift' is usually busier than the 'day-shift'.

  beynac 20:07 25 Feb 2008

From Sunbelt personal Firewall help:

To add an exception to code injection parameters


Open the Host Intrusion Prevention System - Advanced Settings dialog box; then click Exceptions... under the Code injection section. The Code Injection Exceptions dialog box opens.

Make a selection:

To edit an existing item,
Click Edit... after selecting an item from the list. The Edit Code Injection Exception dialog box opens. Click Browse... to search for then select an item; then click OK.

To add a new item,
Add.... The Edit Code Injection Exception dialog box opens. Click Browse... to search for then select an item; then click OK.


Click OK. You return to the Host Intrusion Prevention System - Advanced Settings dialog box.

  beynac 20:11 25 Feb 2008

Sorry, the above is a bit garbled (I copy/pasted it from the Help page and the formatting went a bit odd).

The relevant bit is:

Open the Host Intrusion Prevention System - Advanced Settings dialog box; then click Exceptions... under the Code injection section. The Code Injection Exceptions dialog box opens.

Click Add.... The Edit Code Injection Exception dialog box opens. Click Browse... to search for then select an item (TFService.exe); then click OK.

Click OK. You return to the Host Intrusion Prevention System - Advanced Settings dialog box.

  pac73 21:06 25 Feb 2008

Why not try Online Armour click here.

I used it before Eset Smart Security,and was impressed with it.
It came top in these tests click here.

  Faffingwaste 13:24 26 Feb 2008

beynac:

Many thanks for that! I actually gave myself a strong lecture earlier this morning relating to the topic: RTFM. And finally found the answer -- exactly as you said.

It really was very kind of you to take the trouble to help; my apologies for any inconvenience caused. In defence (though it's no defence, really!) I've actually gotten used to the allow / deny protocol; the procedure of manually adding "allowables" prior to the actual operation of the firewall program is less than intuitive.

This is the second time I've hit problems with Sunbelt Personal Firewall, where I've gone to a website, roamed happily through it, then attempted to order from that website but met with a 404 error.

Turned out that something else should've been switched off in Sunbelt Personal Firewall, because although no warning was flagged up as to why a 404 error kept being caused, it was actually arising as part of Sunbelt's standard operational activity (Referer: Deny Servers To Trace Web Browsing).

pac: yup, I'll go have a look. Thanks for the tip!

(Technotiger: I know. I know. My fault. Desperation was beginning to set in! Incidentally: have you ever had 404s as a result of the Referer/Deny Servers thing? It certainly baffled me.)

  Technotiger 13:30 26 Feb 2008

No, never had any such problem. I simply set it-and forget it, have only had to allow a few exceptions for sites I use regularly, otherwise I just about forget it is there.

  beynac 14:06 26 Feb 2008

You're welcome. :)

I've got the "Referers - Deny servers...." box ticked and have never had any problems.

I have the paid-for version of Sunbelt but I don't use the Web Filtering as that did give me a few problems and, IMHO, is a clumsy way of achieving ad-blocking. I use Firefox with NoScript and AdblockPlus add-ons which does the job very nicely.

  Faffingwaste 14:56 26 Feb 2008

Sincere thanks again you two: very reassuring!

Re the 'Referer / Deny Servers' thing: what was so infuriating about this disruption was that I was dealing with a well respected PC specialist company UK with a well respected website (which you can figure out from what I've just said.)

I'd repeatedly "customised" a build yet every time I came to submit the details so as to get a price, bang! 404 error.

Baffling, because doing exactly the same thing on Dell Outlet's website didn't trigger a 404, and to be honest, every other website I've been on where filling a 'shopping cart' has been required also escaped the attentions of the Sunbelt Firewall.

Anyway. I've turned off the Refer link permanently, and as nothing else is checked I've basically made Sunbelt's 'Web Filtering' redundant, like beynac has.

It really was frustrating though: using a PC website to spec up a PC but unable to submit the finished work because my own PC was being obstructed by a PC protection program. . .

(Just for fun, I've tried the same exercise again just now at the same website, with the referer filter turned on. And, guess what: 404 again.)

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Fujitsu Lifebook P727 laptop review

11 best portfolio websites for designers and artists

Office for Mac buying guide: Price, Office 2017 rumours & new features

Comment désactiver les programmes qui s'exécutent au démarrage de Windows 10 ?