Page 1 of 1
Help on configure Sygate Personal Firewall
Posted: Sun Sep 16, 2007 9:14 am
by Max
Hi,
I'm using for longtime this firewall, but it have an annoyance warning:
On first time, I've allowed full access to every new program and I've checked "Remember my answer and do not ask me again for this application".
But on re-compilations for testing the program, firewall says something like "This program HAS BEEN CHANGED from last run. Do you want to allow this program to access the network?.". The program is delayed until I press "yes".
How to avoid this last message?.
Posted: Sun Sep 16, 2007 9:21 am
by Derek
The firewall is doing what it is supposed to do, it is seeing the changed program and because it doesn't know if it was changed by you or some malicious program it asks for permission.
Being able to stop the message would be a godsend for virus writers etc and so I doubt that it can be turned off.
Saying that, I don't actually use the same firewall, I use zonealarm, but I get the same kind of message whenever I change anything that tries to access the web.
Posted: Sun Sep 16, 2007 1:58 pm
by Tipperton
Derek is right.
All firewals I've seen that offer this option will record a checksum of some sort on the file, it will remember your choice for the file but only as long as it remains unmodified.
It would probably be more accurate if that message said
Firewall wrote:Remember my answer and do not ask me again for this version of this application
Posted: Sun Sep 16, 2007 4:39 pm
by Demivec
It is possible to set an option (at least in Zonealarm) that says that a program changes frequently. This option would disable checking the program's MD5 signature and instead all that would be checked would be the program's path (definately a low security option).
Posted: Sun Sep 16, 2007 4:53 pm
by Derek
Demivec wrote:It is possible to set an option (at least in Zonealarm) that says that a program changes frequently. This option would disable checking the program's MD5 signature and instead all that would be checked would be the program's path (definately a low security option).
Didn't know that, but then I haven't gone looking for such an option.
Like you say, not a good option as far as security goes.
Posted: Sun Sep 16, 2007 6:40 pm
by Tipperton
Demivec wrote:It is possible to set an option (at least in Zonealarm) that says that a program changes frequently. This option would disable checking the program's MD5 signature and instead all that would be checked would be the program's path (definately a low security option).
True, but for a developer a nice convenience for the program he's working on....
Posted: Sun Sep 16, 2007 10:55 pm
by Pantcho!!
I am using sygate firewall,
Altough it is super old with out no support becuase norton bought them becuase of the competition,
IT ROCKS.
it do the job better then any crap firewalls out there and it does it very simple.
You have two situations:
1. a program is trying to access the internet for the first time,
you have the option to say YES or NO and a little checkbox to "remember" your decision.
If its a software like my web browser or Mirc i check the "remember" box and click "YES". then it will NEVER ask me again.
2. the NEVER issue is true always until your case happens, when it asks you again on the same program, why?
Because the program EXE file has changed , maybe from an online update or a new install.
Asking you again is super max security because it might got a virus or cloned applications which is a malware.
If you have your EXE files being changed all the time then you might have your computer infected with somthing.
Posted: Mon Sep 17, 2007 1:44 pm
by pdwyer
You could try and trick the firewall (just for a laugh if nothing else).
Try this, put a set of static features in an exe that calls a test function in a DLL, just keep changing the DLL and recompiling it, the exe is the one that's making the call to the net and it's not changing...
How many firewalls check all the DLLs of an app? (I really don't know, maybe they do)
Atleast it might let you test a situation of constant recompiles without the message. When you function was ready, move it to the main app.
Posted: Thu Sep 20, 2007 2:08 am
by Rook Zimbabwe
How to avoid this last message?.
Simple... don't change your program.
Each change you make and compile and run will produce different keycodes... I get this same stuff when I update Zone Alarm... or when I update Avast... They keep seeing the change and raising flags.
Actually I think this is a good feature... Figuring out a way to disable this function might pave the way for Teenage Programmers from a certain Asian Country to write better MALWARE and SPYWARE...
Bad publicity for PB!!!