my dog learned polymorphism*
The moose likes Java in General and the fly likes How to add my application in the exception list of windows firewall  ? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Java in General
Bookmark "How to add my application in the exception list of windows firewall  ?" Watch "How to add my application in the exception list of windows firewall  ?" New topic
Author

How to add my application in the exception list of windows firewall ?

naved momin
Ranch Hand

Joined: Jul 03, 2011
Posts: 688

HI, i wanted to add my application in the exception list of windows firewall is it possible in Java ?
if yes how to do it ?


The Only way to learn is ...........do!
Visit my blog http://inaved-momin.blogspot.com/
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18541
    
    8

No.

Edit: Think for a moment about what kind of security system would allow applications to declare themselves to be secure.
naved momin
Ranch Hand

Joined: Jul 03, 2011
Posts: 688

Paul Clapham wrote:No.

Edit: Think for a moment about what kind of security system would allow applications to declare themselves to be secure.

Yes, most people say this , but softwares like VNC are successfully able to add themselves in the exception list of the firewall
how they do that ?

Note: please don't consider my application as an exploit or virus it is 101% safe & secure and i am not harming any ones pc nor there data....
Winston Gutkowski
Bartender

Joined: Mar 17, 2011
Posts: 7553
    
  18

naved momin wrote:Yes, most people say this , but softwares like VNC are successfully able to add themselves in the exception list of the firewall...

No they aren't, and I would darn' well hope not. And even if they could, I wouldn't let them (old security admin).

Security is not just "something that happens"; it's a matter of active policy, maintained and enforced by people (including me; and hopefully you).
Firewalls are simply an agent of that policy, along with (especially as implemented by desktop systems like Windows) some general "levels" that save a lot of config time.

Even if your firewall supports "policies" for applications (and I've yet to see one), you'd better be awfully careful that you aren't letting in more stuff than you intended.

BTW, VNC is a program in Windows terms (ie, a .exe) that communicates over a known port. In Unix, it's often packaged with "policies" that you can use if you don't want to update the firewall yourself (and I've had to restrict those; so I know of which I speak).

Winston


Isn't it funny how there's always time and money enough to do it WRONG?
Articles by Winston can be found here
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18541
    
    8

naved momin wrote:Note: please don't consider my application as an exploit or virus it is 101% safe & secure and i am not harming any ones pc nor there data....


This is what malware writers say when they want you to install their malware on your computer.
Jeanne Boyarsky
internet detective
Marshal

Joined: May 26, 2003
Posts: 30138
    
150

naved momin wrote:Edit: Think for a moment about what kind of security system would allow applications to declare themselves to be secure.

Yes, most people say this , but softwares like VNC are successfully able to add themselves in the exception list of the firewall
how they do that ?
First, they aren't written in Java. Second, an unknown program doesn't declare itself secure. It attempts to communicate and the firewall asks the user if it is safe. My Windows machine even prompts to ask if Firefox is safe. This is a good thing. It means that I know Firefox has changed and something masquerading as Firefox doesn't get to connect to the internet.


[Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Blogging on Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, OCAJP, OCPJP beta, TOGAF part 1 and part 2
naved momin
Ranch Hand

Joined: Jul 03, 2011
Posts: 688

Jeanne Boyarsky wrote:
First, they aren't written in Java.

How much it will take to convert a jar into .exe ?
Jeanne Boyarsky wrote:
Second, an unknown program doesn't declare itself secure.

True
Jeanne Boyarsky wrote:
It attempts to communicate and the firewall asks the user if it is safe. My Windows machine even prompts to ask if Firefox is safe. This is a good thing.

Yes offcourse it is , but I m doing this so that the user should not see the prompt message saying, do you want "this" application to communicate over the internet ......
and if this prompt appears some stupid users will click on "don't allow" instead of "allow" button .... because they don't know the technical stuff behind this .....

You got it right ...my app target "Non technical peoples" so for them every thing should appear smoothly rather than prompts with technical info....I guess you get it why I m asking this question, I m sophistically not interested in making "malwares" which does blah blah .... ?
Jesper de Jong
Java Cowboy
Saloon Keeper

Joined: Aug 16, 2005
Posts: 14074
    
  16

naved momin wrote:Yes offcourse it is , but I m doing this so that the user should not see the prompt message saying, do you want "this" application to communicate over the internet ......

If the operating system would not show the prompt then there would be a security hole in the operating system.

You can keep saying "Yes, but you should trust my application, I promise it's not malware" but why should Microsoft or any user just trust you, if they don't know you?

So, there is no way that you can get rid of the prompt and there is a very good reason why you cannot get rid of the prompt.

Java Beginners FAQ - JavaRanch SCJP FAQ - The Java Tutorial - Java SE 7 API documentation
Scala Notes - My blog about Scala
fred rosenberger
lowercase baba
Bartender

Joined: Oct 02, 2003
Posts: 11172
    
  16

let us assume two things:

1) your application is not malware
2) a java program could subvert this security feature

Given that, do you still not see that someone ELSE could write malware, and using the same technique you want, get their programs silently installed on any machine, anywhere in the world? Do you not think that this would be a problem?

IF it could be done, bad people would use it to do bad things. Therefore, the folks who create firewalls do EVERYTHING they can to prevent it. There is no way they would allow just anyone to say "hey...you can trust ME". And if they did, they would have the WORST firewall in the world, which nobody would use.


There are only two hard things in computer science: cache invalidation, naming things, and off-by-one errors
Manoj Kumar Jain
Ranch Hand

Joined: Aug 22, 2008
Posts: 191

naved momin wrote:
and if this prompt appears some stupid users will click on "don't allow" instead of "allow" button .... because they don't know the technical stuff behind this .....

is this really a technical stuff ?? The owner/user of the computer has right to accept/reject the connection or application. It's not about stupidity.


Do not wait to strike till the iron is hot; but make it hot by striking....
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: How to add my application in the exception list of windows firewall ?
 
Similar Threads
Problem running tomcat 6 in vista
Sending a mail
client - server communication between two machines
Connecting to Tomcat from a different Computer
Newbie question