• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How to add my application in the exception list of windows firewall ?

 
naved momin
Ranch Hand
Posts: 692
Eclipse IDE Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
HI, i wanted to add my application in the exception list of windows firewall is it possible in Java ?
if yes how to do it ?
 
Paul Clapham
Sheriff
Posts: 21416
33
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
No.

Edit: Think for a moment about what kind of security system would allow applications to declare themselves to be secure.
 
naved momin
Ranch Hand
Posts: 692
Eclipse IDE Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Paul Clapham wrote:No.

Edit: Think for a moment about what kind of security system would allow applications to declare themselves to be secure.

Yes, most people say this , but softwares like VNC are successfully able to add themselves in the exception list of the firewall
how they do that ?

Note: please don't consider my application as an exploit or virus it is 101% safe & secure and i am not harming any ones pc nor there data....
 
Winston Gutkowski
Bartender
Pie
Posts: 10527
64
Eclipse IDE Hibernate Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
naved momin wrote:Yes, most people say this , but softwares like VNC are successfully able to add themselves in the exception list of the firewall...

No they aren't, and I would darn' well hope not. And even if they could, I wouldn't let them (old security admin).

Security is not just "something that happens"; it's a matter of active policy, maintained and enforced by people (including me; and hopefully you).
Firewalls are simply an agent of that policy, along with (especially as implemented by desktop systems like Windows) some general "levels" that save a lot of config time.

Even if your firewall supports "policies" for applications (and I've yet to see one), you'd better be awfully careful that you aren't letting in more stuff than you intended.

BTW, VNC is a program in Windows terms (ie, a .exe) that communicates over a known port. In Unix, it's often packaged with "policies" that you can use if you don't want to update the firewall yourself (and I've had to restrict those; so I know of which I speak).

Winston
 
Paul Clapham
Sheriff
Posts: 21416
33
Eclipse IDE Firefox Browser MySQL Database
  • Likes 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
naved momin wrote:Note: please don't consider my application as an exploit or virus it is 101% safe & secure and i am not harming any ones pc nor there data....


This is what malware writers say when they want you to install their malware on your computer.
 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 34973
378
Eclipse IDE Java VI Editor
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
naved momin wrote:Edit: Think for a moment about what kind of security system would allow applications to declare themselves to be secure.

Yes, most people say this , but softwares like VNC are successfully able to add themselves in the exception list of the firewall
how they do that ?
First, they aren't written in Java. Second, an unknown program doesn't declare itself secure. It attempts to communicate and the firewall asks the user if it is safe. My Windows machine even prompts to ask if Firefox is safe. This is a good thing. It means that I know Firefox has changed and something masquerading as Firefox doesn't get to connect to the internet.
 
naved momin
Ranch Hand
Posts: 692
Eclipse IDE Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Jeanne Boyarsky wrote:
First, they aren't written in Java.

How much it will take to convert a jar into .exe ?
Jeanne Boyarsky wrote:
Second, an unknown program doesn't declare itself secure.

True
Jeanne Boyarsky wrote:
It attempts to communicate and the firewall asks the user if it is safe. My Windows machine even prompts to ask if Firefox is safe. This is a good thing.

Yes offcourse it is , but I m doing this so that the user should not see the prompt message saying, do you want "this" application to communicate over the internet ......
and if this prompt appears some stupid users will click on "don't allow" instead of "allow" button .... because they don't know the technical stuff behind this .....

You got it right ...my app target "Non technical peoples" so for them every thing should appear smoothly rather than prompts with technical info....I guess you get it why I m asking this question, I m sophistically not interested in making "malwares" which does blah blah .... ?
 
Jesper de Jong
Java Cowboy
Saloon Keeper
Posts: 15480
43
Android IntelliJ IDE Java Scala Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
naved momin wrote:Yes offcourse it is , but I m doing this so that the user should not see the prompt message saying, do you want "this" application to communicate over the internet ......

If the operating system would not show the prompt then there would be a security hole in the operating system.

You can keep saying "Yes, but you should trust my application, I promise it's not malware" but why should Microsoft or any user just trust you, if they don't know you?

So, there is no way that you can get rid of the prompt and there is a very good reason why you cannot get rid of the prompt.
 
fred rosenberger
lowercase baba
Bartender
Posts: 12196
35
Chrome Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
let us assume two things:

1) your application is not malware
2) a java program could subvert this security feature

Given that, do you still not see that someone ELSE could write malware, and using the same technique you want, get their programs silently installed on any machine, anywhere in the world? Do you not think that this would be a problem?

IF it could be done, bad people would use it to do bad things. Therefore, the folks who create firewalls do EVERYTHING they can to prevent it. There is no way they would allow just anyone to say "hey...you can trust ME". And if they did, they would have the WORST firewall in the world, which nobody would use.
 
Manoj Kumar Jain
Ranch Hand
Posts: 198
Java Linux Oracle
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
naved momin wrote:
and if this prompt appears some stupid users will click on "don't allow" instead of "allow" button .... because they don't know the technical stuff behind this .....

is this really a technical stuff ?? The owner/user of the computer has right to accept/reject the connection or application. It's not about stupidity.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic