How to prevent a file from accessing the internet?
Solution 1
"Windows Firewall with Advanced Security" seems to have what I need. I was typing "Windows Firewall" in Windows 7 Start menu search box, and I accidentally saw there is a different program called Windows Firewall with Advanced Security. It has settings for inbound and outbound rules which can be defined by the user. Here is a screeny from Google search:
Solution 2
You're looking for a personal firewall program, most (or all) of which allow you to block outbound traffic. (Older versions of the built-in Windows Firewall only blocked inbound traffic by preventing applications from exposing themselves as network servers.)
Update: Mehper found out that Windows Firewall with Advanced Security included with Windows 7 does, indeed, allow you to define outbound firewall rules.
Years ago, I used to use ZoneAlarm for this, but I stopped using it when it corrupted my network stack and made me unable to connect to the network at all. There are also several others to choose from, such as Comodo Personal Firewall (which has a free version) and Norton Internet Security.
Solution 3
With Sandboxie (Shareware; free for personal, non-commercial use with limited functionality) you can prevents all programs in the sandbox from accessing the Internet. Additionally Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.
I will show you how can you can create, setup and use sandbox:
After install Sandboxie start Sandboxie Control
"%programfiles%\Sandboxie\SbieCtrl.exe" /open
The button Block All Programs prevents all programs in the sandbox from accessing the Internet. When this mode is in effect, the button changes to Allow All Programs, and when clicked, will undo the effect of blocking all programs.
Issue message SBIE1307 when access is denied: When a program is restricted due to this setting, Sandboxie can issue a notification message. Use this checkbox setting to indicate whether you would like to receive these notifications.
You can run executable file in "DisabledInternet" sandbox:
1) Right click on file -> In context menu choose "Send To"-> "Sandboxie - DisabledInternet"
2) Right click on file -> In context menu choose "Run Sandboxed"-> Choose "DisabledInternet" sandbox
3) Drag and drop file to Sandboxie Control window -> Choose "DisabledInternet" sandbox
4) You can also use command line and make shortcut:
"%programfiles%\Sandboxie\Start.exe" /box:DisabledInternet "path to executable file"
Some important notes about Sandboxie:
Sandboxie is shareware software. The free version is missing a few features(automatically running programs under Sandboxie and ability to run programs in more than one sandbox at the same time ) which are available in the paid version. After 30 days of use, the free version displays reminders(5-second popup) to upgrade to the paid version, but remains functional.
source:
http://en.wikipedia.org/wiki/Sandboxie
Greg Jennings
about.me/mehper Industrial Engineer M.Sc. One of the authors of Distribution Planning of Magazines: A Practical Approach. Author of Random Variate Generation If the Density Is Not Known: Basics, Methods, Implementations. Mostly dealing with the following topics: Food Logistics, Enterprise Resources Planning, Supply Chain Management, Materials Management, Healthcare Logistics, Executive Reporting, Data Analysis, System Development and Optimization. Programming Languages: VBA, SQL, R. XBox 360 fan.
Updated on September 17, 2022Comments
-
Greg Jennings almost 2 years
There are some
.exe
and.dll
files belonging to some programs on my laptop which communicate with the internet without my permission (for self-update generally). I want to prevent those files one by one from accessing the internet. I don't want to install any external firewalls. I'm using Windows 7 Home Pro and if this can be done by Windows Firewall, it's OK. I took a look at Windows Firewall but couldn't find a setting to disable file access.-
petersohn about 14 yearsIf those are really self-updates, there should be an option to turn them off. It is better because it not only saves your bandwidth, but also memory and CPU time that is used for trying to connect.
-
Greg Jennings about 14 years@petersohn: You're right, but some programs don't have this option. I still want to know how I can do that manually.
-
-
Greg Jennings about 14 yearsThe problem is, the above list is for allowed programs. I need the list for disallowed programs.
-
th3dude about 14 yearsWhy do you need the list of disallowed programs? I don't quite understand. If something is accessing the internet, then it should be in the 'allowed' list. From there, you can remove its rights so it can no longer access.
-
Greg Jennings about 14 yearsSome programs are not in the list and they have access. For example, Babylon. BTW, I found the solution and will post it as an answer in a while. Anyway, thanks for your answer.
-
Beaner about 14 yearsThere is still a free version of ZoneAlarm. They call it "ZoneAlarm Basic". You can download it from zonealarm.com/security/en-us/…
-
rob about 14 yearsHey, you're right...thanks for the correction. I tried finding ZoneAlarm Basic earlier, and when I got to that Trialware page, I didn't even notice the Download.com link and assumed they were being extra evil by making the "Free ZoneAlarm Basic" free via trialware.
-
Chris about 14 yearsWhile Zone Alarm works fine on XP machines, it can cause problems with Vista and I assume 7's automatic updating feature.
-
LawrenceC over 12 yearsComodo is a personal firewall that I've used for a long time with Vista and 7. Can block outgoing connections by application and alert when such tries to make a connection. Careful to not sign up for their extra services, though, when installing.
-
Xandrmoro over 7 years@rob You are wrong -- Windows Firewall has ability to control both inbound and outbound traffic and follows a rule table.