TinyWall

Features

What makes TinyWall special?

TinyWall includes a combination of features that sets it apart from both commercial and freeware firewalls.

• TinyWall does not annoy you with popups at all, yet it is still extremely easy to add exceptions to your firewall rules.
• TinyWall actively blocks hundreds of trojans, viruses and worms.
• TinyWall does not require you to know about ports, protocols and application details.
• TinyWall makes use of network zones, allowing you to specify different behaviour when you're at home, at work or in the public.
• TinyWall prevents malicious programs from modifying the settings of Windows Firewall.
• TinyWall uses Windows' own firewall for filtering and does not install drivers or other kernel components.

Additional features

• Automatic learning mode
• Firewall tampering protection
• Optional password lockdown of settings
• Normal protection, Allow outgoing, Block all, Allow all and Learning modes
• Support for temporary/timed firewall rules
• Port and domain blocklists
• Hosts file protection
• Option to always allow communication within LAN
• Option to restrict an application to the LAN
• Full IPv6 support
• List current connections
• 100% free and clean software. No fees, no ads, no payed upgrades.

The no-popup approach

The problem

Most firewalls are based on the same interaction principles. Basically, whenever an application is trying to access the internet, display a popup asking the user what to do. This is not only annoying for the user, but also less than secure. On an average computer, a lot of applications are trying to access the internet but not all of them actually require a network connection. Displaying a popup for each app makes it very probable that unneeded applications will gain access to the network, as it increases the likelyhood of the user granting unnecessary rights to some applications. Also, depending on how a particular firewall works, the user can be asked multiple times for even the same program, which will also lead to the user becoming less and less aware of what he actually allows.

The solution

TinyWall takes a different approach. It does not display popups that "urge users to allow". In fact, it will not notify you of any blocked action. Instead of showing popups, TinyWall makes it easy to whitelist or unblock applications by different means. For example, you can just initiate whitelisting by a hotkey, then click on a window that you want to allow. Or, you can select an application from the list of running processes. (Of course, the traditional way of selecting an executable also works.) This approach avoids popups but still keeps the firewall very easy to use. It will also limit the list of unblocked programs to those that the user really needs, which is optimal from a security standpoint.

About the firewall technology

Microsoft started to include its own firewall product in versions of Windows XP, known as "Windows Firewall". That firewall however, had seriously limited capabilities and usefulness, making a separate firewall product more than desirable. This bad reputation of Windows Firewall is still existent today, although somewhat unjust. In fact, newer versions of the operating system, Vista and Windows 7 include a totally new firewall technology, known as "Windows Firewall with Advanced Security". This newer version corrects most of the defects of its predecessor, and is capable of filtering IP packets based on various protocols, local or remote ports, addresses, subnetworks, application and packet direction etc., separately or in combination. It turns out, it possesses almost everything a man could ask from a firewall engine. So why is Windows Firewall still fighting its reputation? Mainly:

1. Bad default configuration. Windows Firewall's default configuration is insecure and annoying, and only does filtering in one direction.
2. Bad user interface. Do you know how to fine tune the built-in firewall of Windows? Do you know where to find its detailed options? Do you dare to edit its rules?
3. Insecure accessability. The firewall in Windows can be controlled by any application with sufficient privileges. In fact, multiple malicious programs are known to disable it. What use is a firewall if it can be bypassed by what it is trying to protect you from?
4. Historical reasons. People tend to think it is the same useless product found in Windows XP.

TinyWall addresses most of these problems: TinyWall 1) gives Windows Firewall a sane and secure configuration and 2) presents you with a simple interface where you can easily define what has network access and what not, while 3) preventing other programs from modifing or overwriting your firewall settings.