TechSpot

Programs Add Themselves to the Windows Firewall Exception List

By theH
May 25, 2006
  1. I've noticed that some programs seem to just go ahead and add themselves to the Windows Firewall Exception List by creating a registry entry here:

    HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List

    Surely it's not this easy to bypass the Windows Firewall?

    I came across this problem when attempting to block UT2004 from accessing the internet (My younger cousins have been banned from playing ut2004 online by their parents but as a compromise they can still LAN with each other and I'm trying to help out).

    However, I noticed UT2004 would just go ahead and add itself to the exceptions list *every time* I hit "join a game" and all the servers would pop up despite my efforts. Any thoughts on this?
     
  2. altheman

    altheman TS Rookie Posts: 425

    It could be that Windows is allowing outgoing connections but not incoming ones, which is what it does by default (I think). And since the exception list is in the registry, it wouldn't be too difficult for a program to add itself to the list.
    My recommendation is to use a proper firewall, like Sygate (my fav. firewall), which is much better than a half-baked Windows one.
    Get Sygate firewall from here: http://www.tucows.com/get/213160_90233 It's free and really good.
     
  3. theH

    theH TS Rookie Topic Starter Posts: 31

    altheman: Thanks for the recommendation; I will install a firewall for them as a last resort though because it seems like kind of overkill for just one program.

    Here are two other possible things I've come across:

    1) Is there any way to make a registry key read-only? This way I can add the program to the exceptions list, un-check it (don't allow it as an exception), and then prevent it from apparently "re-allowing" itself as an exception.

    2) I've been advised that there is a file somewhere in Windows XP that allows you to re-route specific outgoing requests to go to other sites. I mean I was advised to find wherever UT2004 tries to get the server list and "re-route" that to point to my own IP address so that the request would fail. Does that even make sense?
     
  4. altheman

    altheman TS Rookie Posts: 425

    You could try putting deny permissions on the registry key, but that might make the system unable to give exceptions to legit. programs. Personally, I wouldn't recommend this.

    I think you're referring to the "hosts" file under "C:\windows\system32\drivers\etc\."

    To do this, you need to know the site that UT2004 tries to connect to. Once you get this, you need to type this in the hosts file (open with Notepad).

    Code:
    127.0.0.1       www.the site that ut2004 connects to here.com
    
    This will make UT2004 look for the server list on your PC, which doesn't exist, and therefore fail.
     
  5. theH

    theH TS Rookie Topic Starter Posts: 31

    Thanks altheman, my problem is solved.

    For the record UT2004's master server is:

    ut2004master1.epicgames.com and (backup server)
    ut2004master2.epicgames.com
     
  6. altheman

    altheman TS Rookie Posts: 425

    Glad to hear the good news :)
     
Topic Status:
Not open for further replies.
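
Added example, not from the thread: a Python script that parses `reg query` output for the AuthorizedApplications\List key named in the first post and reports programs that appeared as enabled exceptions, or flipped from Disabled back to Enabled, since a saved baseline. It assumes the XP SP2 value layout `path:scope:Enabled|Disabled:label`; the install paths and the sample output are constructed.

```python
import re
from typing import Dict, List, NamedTuple

class AppRule(NamedTuple):
    path: str
    scope: str
    enabled: bool
    label: str

# One value line of `reg query` output: name, type, data (tabs or spaces between).
VALUE_LINE = re.compile(r"^\s+(.+?)\s+REG_(?:EXPAND_)?SZ\s+(.+?)\s*$")

def parse_reg_query(text: str) -> Dict[str, AppRule]:
    """Map lower-cased program path -> rule, from `reg query` output of the List key."""
    rules = {}
    for line in text.splitlines():
        m = VALUE_LINE.match(line)
        if not m:
            continue  # key header or blank line
        name, data = m.groups()
        # Assumed data layout: <path>:<scope>:<Enabled|Disabled>:<label>
        if data.lower().startswith(name.lower() + ":"):
            parts = data[len(name) + 1:].split(":", 2)  # label may contain ':'
        else:
            parts = data.rsplit(":", 3)[1:]  # the path itself holds the drive ':'
        if len(parts) != 3:
            continue  # not in the assumed layout; skip rather than guess
        scope, status, label = parts
        rules[name.lower()] = AppRule(name, scope, status.lower() == "enabled", label)
    return rules

def diff_rules(baseline: Dict[str, AppRule], current: Dict[str, AppRule]) -> List[str]:
    """Report programs that are newly enabled or went from disabled to enabled."""
    findings = []
    for key, rule in sorted(current.items()):
        old = baseline.get(key)
        if old is None and rule.enabled:
            findings.append(f"NEW enabled exception: {rule.path} (scope {rule.scope})")
        elif old is not None and not old.enabled and rule.enabled:
            findings.append(f"RE-ENABLED exception: {rule.path} (scope {rule.scope})")
    return findings

# Constructed sample output (not captured from a real machine); paths are hypothetical.
HEADER = r"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List"
UT = r"C:\UT2004\System\UT2004.exe"
APP = r"C:\Program Files\Example App\app.exe"
BASELINE = f"{HEADER}\n    {UT}    REG_SZ    {UT}:*:Disabled:UT2004\n"
CURRENT = BASELINE.replace(":Disabled:", ":Enabled:") + f"    {APP}\tREG_SZ\t{APP}:LocalSubnet:Enabled:Example App\n"

if __name__ == "__main__":
    print("\n".join(diff_rules(parse_reg_query(BASELINE), parse_reg_query(CURRENT))))
```

On a real machine the two inputs would be saved `reg query` outputs of that key, one taken after unchecking the program and one taken later.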
