Nodir Temirkhodjaev edited this page Sep 8, 2024 · 25 revisions

Introduction

Brief overview of the guide

Welcome to the 'First Start' guide for our Fort Firewall. This guide will walk you through the key steps to install, configure, and maintain our firewall.

You'll learn why a firewall is essential, check system compatibility, go through installation, configure settings, and ensure your system is protected.

Whether you're a personal user or an IT professional, this guide aims to make the process easy and understandable.

The importance of a firewall

A firewall is essential as it serves as a protective barrier between your network and potential cyber threats. While antivirus software may occasionally miss malware, a properly configured firewall ensures that such overlooked malware cannot communicate with the outside world or connect to command and control (C2) servers.

By controlling network traffic and preventing unauthorized access, a firewall safeguards against hacking attempts, viruses, and data breaches, making it an essential layer of digital protection.

System Requirements

Supported OS versions

| Asset | OS Version | Architectures | Description |
|---|---|---|---|
| *-windows-x86.* | Windows 7 SP1 and later | x86, x64 | 32/64-bit Windows 7, 8, 8.1, 10, 11 |
| *-windows10-x86_64.* | Windows 10 1809 and later | x64 | 64-bit Windows 10 1809+, 11 |
| *-windows10-arm64.* | Windows 10 2004 and later | ARM64 | ARM64 Windows 10 2004+, 11 |

Requirements


Installation

Step by step guide to install the software

Details of what the various options during installation mean

  • Windows Explorer integration

Adds an entry to the Windows Explorer right-click menu, making it easier to control applications

  • Windows Service

Installs Fort Firewall as a service for increased security and stability

Makes Fort Firewall portable, so that all settings and changes are saved in the installed folder, making it easier to transfer settings to another system.


Basic Configuration

How Fort Firewall works by default

Fort Firewall has 5 filter modes:

  • Auto-Learn

All apps are allowed, except the blocked apps. Disabled App Groups are blocked.

  • Ask To Connect

!Not yet implemented!

  • Block, if not allowed

All apps are blocked, except the allowed apps. Disabled App Groups are blocked.

  • Allow, if not blocked

All apps are allowed, except the blocked apps. Disabled App Groups are allowed.

  • Ignore, if not blocked or allowed

Any new apps will be ignored and will not appear in the 'Programs' window.


| Filter Mode | New App | Disabled Group | Enabled Group |
|---|---|---|---|
| Auto-Learn | Allow | Block | App Group Action* |
| Block, if not allowed | Block | Block | App Group Action* |
| Allow, if not blocked | Allow | Allow | App Group Action* |
| Ignore, if not blocked or allowed | Ignore | Ignore | App Group Action* |

*This means that everything depends on the user rules in the Application Groups.

By default, Fort Firewall operates in 'Auto-Learn' mode.

So if you want better security, the best practice is to use 'Block, if not allowed' and manually allow any new applications that you trust.

Example: if Filter Mode is set to 'Block, if not allowed' and an application is unknown to Fort Firewall, it is added to Programs with an exclamation mark and a Blocked state. The exclamation mark notifies the user that a new application has appeared.

Explanation of common firewall features and their usage

Programs management

Fort Firewall has several options for the blocking/allowing or even killing of processes.

Wildcard paths

Additionally, it supports wildcards in program path names, enabling flexible rule creation for various applications. This ensures a secure and customized browsing experience, tailored to your needs.

Fort Firewall provides a user-friendly, efficient, and robust rule editing feature for effectively blocking applications. Firewall rules can be formatted using a pattern format similar to the one described in the Git documentation for .gitignore files. This format allows for specifying patterns to match files or directories.

  • For example, to create a rule for the file "C:\Downloads\test.exe" using this format, you can use the following pattern: C:\Downloads\test.exe

  • To create a rule that blocks all .exe files in the "C:\Downloads" directory: C:\Downloads\*.exe

  • To create a rule that blocks all files in the "C:\Downloads" folder and its subdirectories: C:\Downloads\**

  • To create a rule that blocks all .exe files in one-level subdirectories of the "C:\Downloads" folder: C:\Downloads\*\*.exe

  • To create a rule that blocks all files with the ".exe" extension in any subdirectory of "C:\Downloads": C:\Downloads\**\*.exe

  • To create a rule that blocks any file named "secret.exe" in any location: **\secret.exe

  • To create a rule that blocks any file located in the folder "Downloads" on all drives: ?:\Downloads\**

  • To create a rule that blocks any file located in the folder "Downloads" on specific drives: [CD]:\Downloads\**

Please keep in mind that you can use the forward slash / and backward slash \ at your own discretion.
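
The pattern semantics listed above, as an added example (not Fort Firewall's own matcher): a Python approximation that translates each pattern into a regex and reports which constructed sample paths it covers. Case-insensitive matching and treating `**` as "any characters, including separators" are assumptions of this example.

```python
import re

def pattern_to_regex(pattern):
    """Translate a wildcard path pattern into a regex (approximation only)."""
    p = pattern.replace("/", "\\")       # page: / and \ are interchangeable
    out, i = [], 0
    while i < len(p):
        c = p[i]
        if p.startswith("**", i):        # ** may cross directory boundaries
            out.append(".*")
            i += 2
        elif c == "*":                   # * stays inside one path component
            out.append(r"[^\\]*")
            i += 1
        elif c == "?":                   # ? is exactly one character
            out.append(r"[^\\]")
            i += 1
        elif c == "[" and p.find("]", i + 2) != -1:   # [CD] is a character set
            end = p.find("]", i + 2)
            out.append("[" + p[i + 1:end].replace("\\", r"\\") + "]")
            i = end + 1
        else:
            out.append(re.escape(c))
            i += 1
    # Assumption: case-insensitive, as Windows paths normally are.
    return re.compile("".join(out), re.IGNORECASE)

def matches(pattern, path):
    return pattern_to_regex(pattern).fullmatch(path.replace("/", "\\")) is not None

def coverage(patterns, paths):
    """Map each pattern to the sample paths it would cover."""
    return {pat: [p for p in paths if matches(pat, p)] for pat in patterns}

# Constructed sample paths (not from the page).
SAMPLE_PATHS = [
    r"C:\Downloads\test.exe", r"C:\Downloads\sub\tool.exe",
    r"C:\Downloads\sub\deep\tool.exe", r"C:\Downloads\readme.txt",
    r"D:\Downloads\setup.exe", r"E:\Downloads\setup.exe", r"C:\Tools\secret.exe",
]
# Patterns taken from the list above.
PAGE_PATTERNS = [r"C:\Downloads\*.exe", r"C:\Downloads\*\*.exe", r"C:\Downloads\**",
                 r"**\secret.exe", r"?:\Downloads\**", r"[CD]:\Downloads\**"]

if __name__ == "__main__":
    for pat, hit in coverage(PAGE_PATTERNS, SAMPLE_PATHS).items():
        print(f"{pat:24} -> {len(hit)} of {len(SAMPLE_PATHS)} paths")
```

Running candidate rules over a list of real executable paths before saving them shows when an allow rule such as C:\Downloads\** covers more than intended.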

Application Groups

By monitoring inbound and outbound network traffic, Fort Firewall effectively filters IP addresses and application groups. It allows you to create rules to block or permit specific IP addresses and control app groups' access to the internet.

Blocking IP addresses or ranges of IP addresses

To block IP addresses, go to Options > IP Addresses and use the 'Exclude' field on the right side of the 'Allowed Internet Addresses' tab.

Note that there are two tabs in the IP Addresses options:

  • Internet Addresses - defines which IP addresses count as the Internet. By default, Local Area Network (LAN) addresses are excluded and are not blocked or filtered.
  • Allowed Internet Addresses - used to block or explicitly allow Internet IP addresses and ranges.

Windows Explorer integration

Fort Firewall offers seamless Windows Explorer integration, making it even easier for users to manage and block applications. With this integration, users can simply right-click on a file in Windows Explorer and access Fort Firewall's options directly from the context menu.

This allows users to quickly set up custom rules, block or unblock applications, and adjust settings without needing to open the main Fort Firewall interface.

Speed limits

As well as filtering IP addresses and controlling application groups' access to the web, Fort Firewall also allows you to apply speed limits to application groups.

By setting custom bandwidth limits, you can manage and prioritize network usage for different applications, ensuring optimal performance and preventing network congestion.

Zones

Fort Firewall offers a unique feature called "Zones" that allows you to block IP addresses more efficiently. Zones are user-defined groups of IP addresses or IP ranges with a shared set of rules.

By organizing IP addresses into Zones, you can easily create and manage specific rules for blocking or allowing access to these groups. This simplifies the process of filtering out unwanted traffic and enhances the security of your browsing experience.

Traffic Statistics

At the user's request, Fort Firewall has a built-in function to store traffic statistics. This functionality enables users to keep track of their network activity, providing valuable insights into data usage, connection patterns, and potential security threats.

Blocked connections

In the Statistics window, you'll also discover a 'Blocked connections' tab, where you can view a list of processes along with their respective source and destination IP addresses, as well as timestamps.

Additionally, in the 'Dir.' (direction) column, the block reason is displayed as an icon, and you can see the corresponding text by hovering your mouse over this icon.

Traffic Graph

Fort Firewall includes a simple graphical display of bandwidth usage, making it easy for users to visualize and understand their network activity. This visual representation showcases real-time data transfer rates, highlighting both incoming and outgoing traffic.

With this intuitive feature, users can easily monitor their bandwidth usage, identify potential bottlenecks or congestions, and make informed decisions about managing their network connections for optimal performance.

The need for frequent updates and where/how to set up the update

Updating Fort Firewall to the latest version ensures optimal security, compatibility, and functionality by addressing bugs, vulnerabilities, and introducing new features.

First you need to go to Zones and enable the 'Update Checker' task.

You can run the check manually by clicking on the 'Run' button. Alternatively, you can wait for the specified time.

If a new update is found, you will receive a notification in the 'My Fort' window.


Advanced Features

Deep dive into more complex features of the firewall software.

Windows SvcHost services management

The Services tab in the Programs window shows all the services used by SvcHost.exe, so you can make them Trackable by selecting the appropriate button (very rarely needed on Windows 10+), or add them to the Programs window by clicking the Add Program button.

This will make them start in a separate process.

Internet access for the services is managed from the Programs window.


How and when to use these features (VPN integration, Intrusion Detection System, etc.)


Testing the Firewall

Methods for ensuring the firewall is set up correctly and is actively protecting your system

Discussing common troubleshooting steps


Maintenance and Support

Details about regular updates

Nodir Temirkhodjaev generously maintains Fort Firewall in his spare time, offering this service completely free of charge.

Users are encouraged to donate as a way to support both the author and the continued development of the firewall they rely on.

Contact information for support if issues arise

If you encounter a problem or have an idea for improvement, you can submit it here.

Where to look for FAQs or common issues

FAQ