Actually, that's a great idea The only thing worse to these malicous spyware companies than not getting your data is getting all of their data junked because they don't know what is and isn't real
Windows ignores the hosts file for certain domains related to Windows Update and Windows Defender. It's done in order to prevent malware from abusing the hosts file in order to prevent Windows from being updated.
I use Simplewall to block everything by default and allow connections manually, is a lot of work at the start and not so friendly but still a great tool! Will def give this a try as well
@@ao4514 free, open source firewall that just blocks everything and when something needs to connect it alerts you. You can then say OK don't ask again, or OK allow for X mins, or just ignore and it will block it that one time, or select to block completely.
@@ao4514 Short answer: Hard firewall that allows you to block any app (or even ports/ips) on your pc, and like I said before, I have it set to block everything and it will prompt me when a program is trying to connect to the internet to ask for permission it also shows the connections just like the one on this video
My concern is with any 3rd party apps is that they sometimes inadvertently block services that are required by your apps to work properly. And then comes time for long debug processes and it eventually turns out that the 3rd party app you installed was causing the problem all along.
That's another thing I like about Portmaster. It's more transparent and helpful in narrowing down what causes the problem to streamline the debugging and troubleshooting process. Or at least finding out why it's blocking something an app needs on that one machine.
I've been using portmaster for over a year now and would never use any windows computer without it ever again. It cannot be more easy to have privacy for free. If a program doesn't work you unblock it, it's that simple. The only exception here are vpn's, you have to unblock multiple exe's for them to work but that's not difficult either, it will all show up in the portmaster.
Thank you for this. I've been playing the same game for four years. My ping was always at 44ms. With Portmaster my ping dropped from 44 to 40-39ms. That is a nice improvement!
Your channel is great bro. As a former sysadmin, I get so frustrated with people promoting AV crap just for $$$. You are honest, to the point, and give real world quantifiable data. On a side note, you sound a bit like Buildzoid (a guy with a name in the motherboard and gpu hobbyist arena for analyzing board layouts).
Sorry but I would expect you to show what this portmaster is also sending away to their servers while recommending it. I'm guessing you did your due diligence but it's better to show that to users too, because now I feel like I'm just swapping whos spying me rather than stopping it
Portmaster is open source and anyone can inspect the source code here: github.com/safing/portmaster. Due to the nature of how such firewalls work and cause the DNS is encrypted, it isn't easy to "show" what is happening in Wireshark, as it will look like gibberish to the viewer and doing an in-depth investigation of code is not going to be the kind of content that the same viewer complaining about the lack of investigation in this video is going to watch.
@@pcsecuritychannel You could make it at the end of the Video, or a quick overview but its not all about what the average viewer would watch rather than quality of the content for many peoplel, really knowing if the application is secure, and not evolving to another channel just ignoring the probaple downsides (no front here, just many channels are like this already) just objectively reviewing all of it.
@@pcsecuritychannel Fair point on code analysis, I wouldn't expect that anyway. But a short part where you could analyze if portmaster is calling any random URLs or not would be nice, and would certainly show up in wireshark as you know. As you know, just because something is open source doesn't mean that it can be clean or compiled distributed binary is 1-1 identical with what's on github. I'm not saying portmaster is shady, but you know, they can easily add something to github and distribute a different binary that does more or less same with telemetry in it.
@@pcsecuritychannel you don't have to do the in-depth analysis in a video, like you said it will be gibberish for most people - but you could tell us that "I checked and this is not sending a homing signal to its own servers with all this info" etc, OR show a 1 minute highlight of what you found, else why even recommend a tool I agree with @jackjack3358, why should I bother with another tool that might be doing the same thing as microsoft
@@jackjack3358 The whole idea of an encrypted DNS is you can't see the URLs being visited in Wireshark or a network monitoring tool, that's part of the point of a privacy tool, so there is no way to visually "showcase" what URLs you are visiting once you install the application (unlike the Wireshark logs I showed before).
That's like dropping your shorts because a stranger told you they're a hooker then asking the community why it burns while you take a piss. The community will collectively agree that indeed they were a hooker... But based on your results not a clean one, nor were either party using best practices. All of this "open source contribution" occurred after the fact. Moral of the story. There is no panacea. Anything can be open source, but open source does not equate to safe, clean, or best practices. By the time enough competent eyes review the code the damage is done.
@@ShainAndrews Interesting analogy but in this case you're the doctor with the test results. You can go see for yourself and make your own judgement about the software. Open source doesn't equate to safe, clean, or best practice per se. However, with a little due diligence, you can find out with far more ease and certainty than a proprietary piece of software.
@@ShainAndrews analogy is overkill for a pretty simple idea. open source isn't inherently secure and users shouldn't assume it is. not sure wtf you're on about
@@ShainAndrews It's still better that the code is up for open review by anyone than not? Plus over time open source projects develop a trusted reputation as many already have unlike the hooker you reference. Funny how you attempt to cast a stain on open source code by assumed comparison to a hooker. That alone says a lot. Closed source does not equate to "safe", "clean", or "best" practices either as those are all subjective. The difference is that with open source individuals at least have the opportunity to perform their own due diligence of examining what they use in their hardware and developers know that their reputation is on the line when users can review it. When you buy stuff you should be able to examine it for anything unscrupulous which is known as freedom. Therefore, if anything would compare to the dirty hooker it would in fact be big tech monopolizing with closed source as you don't know what your getting. Big tech and government is well proven to be unilaterally untrustworthy! I'd rather trust something I know than something I don't. Big entities that monopolize can't ever be trusted as proven through their manipulation into controlled monopolizations along with their govt collusion = TRASH. Windows and Mac have both had plenty of viruses/breaches plus they have govt back doors. They give ZERO shits about your privacy or anonymity and security is about perception (whose security?) as it's clear when you read the LAs.
While it is useful, you can't leave it and forget since it'll most possibly be a source of "why is x application not working" a lot of times because of its global "Force block incoming connections" rule and it wanting you to use a DNS server and nagging you about it (Had cloudflare and was wondering why almost all sites weren't working, turned out cloudflare was down back then and portmaster was routing my DNS to it, so when things are malfunctioning this the first thing i look at now aside from incoming connections) Also sometimes it classifies things it cannot properly identify as "Network noise", ran into issues with streaming software like Sunshine and had to disable incoming connections ruling for all the "noise connections" to save myself hours of more guesswork Just something to be aware of that's going to make your like much easier when using this
I have a Synology router which has a great way to create filters to block these web sites. It would be really nice to just have a list of the spy web sites to add to these filter without having to introduce yet another app or service. Great video and very much appreciated.
Doesn't it have scripting capabilities? I don't play in the consumer stuff so I don't know... but it seems like you should be able to pull a black list from your source of choice.
@@DavidM2002 That's the core of the magic sauce. Manufactures curate their own "proprietary" black lists. There are quite a few robust list available... lists that assist populating the "proprietary" lists.
I simply use malwarebytes firewall control. It is free and can be set to block everything by default and ask about unlocking. It is hard to tell what you can block (for example gaming services might be necessary for gamepass games) so you need some epxerimentation.
I'm happy to see that a bigger channel promotes the portmaster software, it's an amazing privacy tool that's easy to use! Every windows user should have this on their PC because it's free and opensource and protects your privacy. You can block all major tech companies in the filterlists settings! Simplewall is great but this is more advanced and superior. Great video mr security!
@@BleepBlop-rh9lm Yeah 10 euro a month isn't to cheap. But you have to consider you get a new IP for every program you use, it's the first program that does that (so far i know), tor does it only for the browser and vpns give you only one IP. Speaking of vpn's, mullvad is great and half the price of portmaster. I think both programs are worth paying for.
@@devalue7064 Ofcourse portmaster is great no matter on which OS you use it, i tried it on debian and it didn't work just saying, maybe they'll fix that someday if they haven't already. After all their website advertises the portmaster for debian based system, so it was werid when it didn't work there.
yeah, not much difference in features between free and the $4/month service. To get the good version it's $9.90/month..... and that's the one you should get@@BleepBlop-rh9lm
You just gained A new subscriber . Btw lately i figured out i had a rat and a miner in my laptop because of security tools you mentioned in your videos After disinfection,i made sure that my pc is well secured with the tools you said in your vids❤️👍
Portmaster has been a favorite of mine for a while. The SPN feature (replacing VPNs) is a bit jank and needs work but overall it's a must have. The only complaint i have is the price because it costs way to much to justify for the general public.
I love plug-ins that provide these type of services but always recommend a dedicated hardware firewall which protects the whole network. I use the Firewalla Gold which is extremely easy to set up and manage but of course there are others as well.
Port Master is extremely powerful. It will literally stop apps and services from accessing internet . It was also annoying at first when I couldnt use some application 💀. So you have to make sure you enable or disable blocking on certain apps
You can just use Control-D at Router or device level to do the same thing. and it has similar features + added Proxy for bypassing specific app based IP or the whole device.
Portmaster sounded like a great idea, so I did try it. I found it made my system run a lot slower, and it totally blocked UA-cam, so I couldn't watch this video again. Therefore, I did uninstall it and wondered why you would endorse it.
The spying but also the HORRIBLE new sleep mode forced upon is, and Microsoft not giving a damn, I decided its finally move over to Linux. I'd had enough of their BS , almost burning my laptop because the new sleep mode NEVER works like intended and Microsoft silently removed the option to go back to S3 Sleep mode.
All it takes is a few lines in the Hosts file to route any reporting to MS to your own computer, that is 127 0 0 1 local host. Replace the space with a period. I had to do this to avoid UA-cam deleting the comment.
Somewhat related subject. Setting up Quad 9 DNS. I spent three days trying to get it working on my home network. When I went to verify, Cloudflare was the only result I got. Which is fine... but I set my router for quad 9... then google, then my ISP. Why TF is my router stuck on Cloudflare? Must be a bug. Three routers later same results. Tried three different client machines with different OS's. Same results. Didn't matter what configuration changes I made on the router, or the client interfaces. Fine I'll direct connect the client machines to the ISP. SAME fing' results. Then it dawned on me... Firefox was the common denominator. That little shit sets all DNS to Cloudflare. I'm sure it told me this at some point in my life... Might be a good piece for you to cover. Especially showing your audience how to verify what you set is indeed how it is operating. I deal with route leaks all the time... just didn't expect it at the application layer.
i was totally expecting a closed source proprietary paid software seeing the quality of the UI Pleasant surprise when i saw that it's open source freeminum!
A problem with Firewalls on Windows I've noticed is some AntiVirus softwares enforce their own Firewall (like Bitdefender) and thus bypassing all custom rules we set as Windows Firewall rules..which is slightly annoying
Meanwhile emmess who wants you to pay a hefty amount for their products and then harvest your browsing and usage data to earn more from you. Better to become commodity for free than to be one after paying
Meanwhile emmess who wants you to pay a hefty amount for their products and then harvest your browsing and usage data to earn more from you. Better to become commodity for free than to be one after paying
A Video Idea: how safe is a Sandbox really. testing multiple sandboxes like Virtualbox VM, Windows Sandbox.. e.t.c and showing the worst case scenario if flaws are being used.
Been using Port master with Linux and even it doesnt help as much as it would on Windows, it still helps blocking some ads in my games and complements ublock
I understand that MS are going to be releasing a "lite" version of Windows11 later in 2024 which by default does not include the MS store, or co-pilot any many other bits n pieces. I am looking forward to this as it seems to me the less MS the lower overall vectors for intrusive snooping. In the meantime I will give this project a try. TY for the vid.
I installed this but my web browsing has become unpredictable with some sites not coming up while others are fine. I've had to reboot my system one time because this was clogging something in the OS. Finding fixes is difficult. This app needs a very good in depth tutorial. When I shut it down, everything goes back to normal.
Any chance you've been able to place wireshark on your network -- or is it check hardware firewall logs -- to see if traffic to these nefarious IP truly stops once that application is used? Nice to "trust but verify".
FWs only block the traffic in question, not the process. i assume MS will try to cause such traffic to originate from legitimate processes/executables, so blocking at last-mile-to-ISP (perimeter) would be beneficial for your entire network.
Check the DNS-Settings... it's always a very bad idea to use a DNS which is not set by the VPN provider. AFAIK portmaster does not accept the system dns, you have to set one in the settings (I may be wrong here).
I’m using comodo firewall, do you recommend swapping to this one? Because I like the control of the processes that comodo gives me and port master doesn’t have (or at least you didn’t show us)
Personally wouldn't use this, it's easy for n00bs but ask the question if you rather give data to Microsoft, to portmaster. Just seems like a fancier local pihole. The maps are great, but you can achieve the same thing with a combination of FOSS tools - do that instead. I definitely wouldn't be using their baked-in resolver for all my requests.
I have a question : i have Kaspersky Total Security installed, is this kind of Firewall is compatible with ? ( Because Kaspersky T.S include is own Firewall and maybe it can create conflicts, slow-down or instability ? )
Has someone confirmed that: 1) the source has no precompiled binaries; 2) it compiles without needing to download any precompiled binaries; 3) when executing it literally can't automatically download and then run or link to any precompiled binaries/libraries or scripts?
Hey, can you please make a video on how to use snort or Wireshark and explain how to identify threats, etc??? Thank you for your work, I really appreciate it ❤❤❤.
Hands down the best Firewall w/ nice extra features, even the paid ones like GlassWire are no match. I use Portmaster both as network analysis/privacy tool and as antivirus. I mean good RAT/Malware that's 100% Undetected aka "FUD" will easily sneak through any AV but good luck going through Firewall w/ Block/Prompt default network action. It's defo best at least on OS level. Firewall servers/operating systems that companies use is a different thing.
Better than Comodo firewall, I have my doubts. Does it have a host-based intrusion prevention system that can be configured, can it block scripts from file-less malware, visualizer new unknown applications, protect the registry? I'm sure this Portmaster has its strengths, blocking lots of windows telemetry on default and looks virtually good showing IP locations would be quite helpful
Unfortunately, Portmaster has a devastating effect on browser (I only tried Chrome) performance. Frankly, I had expected the opposite because of fewer ads and other unwanted stuff loading and bandwidth getting freed up by silencing all kinds of telemetry. So yeah, not what I expected.
Well you are using Chrome, what did you expect? LoL Chrome embeds itself like a Trojan into the windows registry. You can't fully remove it unless you manually delete every entry and file left behind. If you care about security you shouldn't be using Chrome.
This might be cool but if I were you I would get a port monitor and you will find Microsoft is still communicating . I know quite abit about Windows firewall Gpedit and the registry and after blocking and removing everything that I felt they were using , it was many many things , I did a port monitor and found it did not work . The communication channels , from my experience , cannot be shut down all the way. Thanks for the share. :O)
Hi there, it was a very useful and informative tutorial video, please upload more about free and open-source Firewall , This topic is very interesting. thnx
i used old version of portmaster and that version did not log your every activity, but in this new version they log everything what software you open and what website visit etc and that seems pretty sus to me even it's open source!
I just love how yall is battling a symptom rather than trying to battle the root cause which are tasks and services. I believe the amount of telemetry can be reduced greatly
@@e1woqf maybe if that OS made it as simple to fix issues as windows then everyone will use it. until then, its normal users are the guys who look like they haven't left the basement in a few months.
Tryed Portmaster, and for few days it worked awesome. But after a week, it blocked all my internet, and couldn't do nothing. Had to de install it. Idea behind this program is great, maybe i did something to make it block whole my net.
I noticed it with KDE Connect. But a lot of other things are also blocked, such as images in some applications. Here you have to configure a lot by hand so that it runs well. With a complex system, this causes a lot of problems. That's why I have Now I just limit myself to seeing where the data traffic is going every now and then. The tool is best suited for that
Hey TPSC, I was wondering is it possible to disable Windows Defender so that we can use PortMaster? If so, can you make a video on how we would do that properly, please? Thanks for everything you upload.
I've disabled it completely on W11 but it's a real trial. On W10 you could use regedit to get rid of it but Microsoft have made it much more difficult in W11, you need to find a good tutorial to follow!! I've also removed Edge and One Drive the same way but m/soft do not make it easy... You also have to watch updates as they tend to try and put everything back.
You have enough material to file a case with the European Commission. If not the GDPR, pretty sure Microsoft broke other pieces of the European legislation.
hey Leo you sound sick. I hope you arent. and if you are i pray for your recovery. Thank you for telling me about portmaster. I will use it because the blocking from the host file method doesnt work anymore 😞 Thank you for this! + 1 like. 😁
@@hyperbladezplayz2004 Have you tried clearing your MS Edge Browser Cache and Clearing all browser data? I just tried the previous video and added the domains to my hosts file, cleared Edge browser data, and when I open a New Tab I see it blank as expected. So perhaps you just need to do that?
Will definitely add Portmaster to the list of software to investigate. Question, does this replace O&O Shutup? Also question about crowdsec, does it replace having AV software like Kaspersky or Sophos? Thanks
@wannebedal-adx458 - still would set all privacy setting in Windows itself (and you still can use O&O Shutup for that)... because that will reduce the load and noise from Windows even trying to collect and send! Also in case Portmaster might theoretically fail... so you still have the first line of preventing the worst! Short answer: Yes, still use it ;)
I rather have a network wide firewall compared to a single pc so everything in my network has the same stuff blocked. I use eblocker to get rid of spam,adware,trackers etc. It also does https. Try that for a video and compare it to adguard home and pihole.
Problem is that after I installed Portmaster, it broke my remote connections to other computers, so had to uninstall it as I could not find what it was blocking...
I far prefer simplewall, port master is very bloated and laggy. I also couldn't play apex legends with it running. SImplewall has its own issue though like no wild cards. So you have to whitelist apps every time they update etc.
Someone should write a software that just send random wierd data to those sites microsoft sends data to.
An interesting idea xD
Actually, that's a great idea
The only thing worse to these malicous spyware companies than not getting your data is getting all of their data junked because they don't know what is and isn't real
That's a very stupid way to get yourself prosecuted under the CFAA. Funny though.
@@ShaferHart Fuck em, worth it. lol. Have a few billion people do it at the same time. lol
There was a chrome extension which was sending random search queries to google.
Windows ignores the hosts file for certain domains related to Windows Update and Windows Defender. It's done in order to prevent malware from abusing the hosts file in order to prevent Windows from being updated.
the malware is preventing other malware from saving you
terrifying.
I use Simplewall to block everything by default and allow connections manually, is a lot of work at the start and not so friendly but still a great tool! Will def give this a try as well
What is simplewall ?!
@@ao4514 free, open source firewall that just blocks everything and when something needs to connect it alerts you. You can then say OK don't ask again, or OK allow for X mins, or just ignore and it will block it that one time, or select to block completely.
@@ao4514 Short answer: Hard firewall that allows you to block any app (or even ports/ips) on your pc, and like I said before, I have it set to block everything and it will prompt me when a program is trying to connect to the internet to ask for permission
it also shows the connections just like the one on this video
NotSoSimplewall
Tinywall works for me. The thing about the advanced firewalls with all the crazy features is they are resource hogs.
My concern is with any 3rd party apps is that they sometimes inadvertently block services that are required by your apps to work properly. And then comes time for long debug processes and it eventually turns out that the 3rd party app you installed was causing the problem all along.
That's another thing I like about Portmaster. It's more transparent and helpful in narrowing down what causes the problem to streamline the debugging and troubleshooting process. Or at least finding out why it's blocking something an app needs on that one machine.
I've been using portmaster for over a year now and would never use any windows computer without it ever again.
It cannot be more easy to have privacy for free.
If a program doesn't work you unblock it, it's that simple. The only exception here are vpn's, you have to unblock multiple exe's for them to work but that's not difficult either, it will all show up in the portmaster.
Any decent software vendor should tell you in their documentation what ports are needed for their app to work.
it made my pc slower, so i uninstalled it...
True. Comdo firewall
Thank you for this. I've been playing the same game for four years. My ping was always at 44ms. With Portmaster my ping dropped from 44 to 40-39ms. That is a nice improvement!
I do most of this via my firewall but going to check this out as it's always nice to have open source apps to recommend to my less tech savvy friends.
pfBlocker FTW
How do you do it yourself via your firewall?
@@sylverpepper Opnsense lets you use blocklists and they include most of these domains. I also blackhole a bunch of stuff via pi hole.
Your channel is great bro. As a former sysadmin, I get so frustrated with people promoting AV crap just for $$$. You are honest, to the point, and give real world quantifiable data. On a side note, you sound a bit like Buildzoid (a guy with a name in the motherboard and gpu hobbyist arena for analyzing board layouts).
Sorry but I would expect you to show what this portmaster is also sending away to their servers while recommending it. I'm guessing you did your due diligence but it's better to show that to users too, because now I feel like I'm just swapping whos spying me rather than stopping it
Portmaster is open source and anyone can inspect the source code here: github.com/safing/portmaster. Due to the nature of how such firewalls work and cause the DNS is encrypted, it isn't easy to "show" what is happening in Wireshark, as it will look like gibberish to the viewer and doing an in-depth investigation of code is not going to be the kind of content that the same viewer complaining about the lack of investigation in this video is going to watch.
@@pcsecuritychannel You could make it at the end of the Video, or a quick overview but its not all about what the average viewer would watch rather than quality of the content for many peoplel, really knowing if the application is secure, and not evolving to another channel just ignoring the probaple downsides (no front here, just many channels are like this already) just objectively reviewing all of it.
@@pcsecuritychannel Fair point on code analysis, I wouldn't expect that anyway. But a short part where you could analyze if portmaster is calling any random URLs or not would be nice, and would certainly show up in wireshark as you know. As you know, just because something is open source doesn't mean that it can be clean or compiled distributed binary is 1-1 identical with what's on github. I'm not saying portmaster is shady, but you know, they can easily add something to github and distribute a different binary that does more or less same with telemetry in it.
@@pcsecuritychannel you don't have to do the in-depth analysis in a video, like you said it will be gibberish for most people - but you could tell us that "I checked and this is not sending a homing signal to its own servers with all this info" etc, OR show a 1 minute highlight of what you found, else why even recommend a tool
I agree with @jackjack3358, why should I bother with another tool that might be doing the same thing as microsoft
@@jackjack3358 The whole idea of an encrypted DNS is you can't see the URLs being visited in Wireshark or a network monitoring tool, that's part of the point of a privacy tool, so there is no way to visually "showcase" what URLs you are visiting once you install the application (unlike the Wireshark logs I showed before).
So far, so good. Thanks. Generally, if it's Open Source, I'm in, almost always more secure due to how it's developed.
Along with the transparency of anyone being able to review the code.
That's like dropping your shorts because a stranger told you they're a hooker then asking the community why it burns while you take a piss. The community will collectively agree that indeed they were a hooker... But based on your results not a clean one, nor were either party using best practices. All of this "open source contribution" occurred after the fact.
Moral of the story. There is no panacea. Anything can be open source, but open source does not equate to safe, clean, or best practices. By the time enough competent eyes review the code the damage is done.
@@ShainAndrews Interesting analogy but in this case you're the doctor with the test results. You can go see for yourself and make your own judgement about the software. Open source doesn't equate to safe, clean, or best practice per se. However, with a little due diligence, you can find out with far more ease and certainty than a proprietary piece of software.
@@ShainAndrews analogy is overkill for a pretty simple idea. open source isn't inherently secure and users shouldn't assume it is. not sure wtf you're on about
@@ShainAndrews It's still better that the code is up for open review by anyone than not? Plus over time open source projects develop a trusted reputation as many already have unlike the hooker you reference. Funny how you attempt to cast a stain on open source code by assumed comparison to a hooker. That alone says a lot.
Closed source does not equate to "safe", "clean", or "best" practices either as those are all subjective. The difference is that with open source individuals at least have the opportunity to perform their own due diligence of examining what they use in their hardware and developers know that their reputation is on the line when users can review it. When you buy stuff you should be able to examine it for anything unscrupulous which is known as freedom. Therefore, if anything would compare to the dirty hooker it would in fact be big tech monopolizing with closed source as you don't know what your getting. Big tech and government is well proven to be unilaterally untrustworthy!
I'd rather trust something I know than something I don't. Big entities that monopolize can't ever be trusted as proven through their manipulation into controlled monopolizations along with their govt collusion = TRASH. Windows and Mac have both had plenty of viruses/breaches plus they have govt back doors. They give ZERO shits about your privacy or anonymity and security is about perception (whose security?) as it's clear when you read the LAs.
While it is useful, you can't leave it and forget since it'll most possibly be a source of "why is x application not working" a lot of times because of its global "Force block incoming connections" rule and it wanting you to use a DNS server and nagging you about it (Had cloudflare and was wondering why almost all sites weren't working, turned out cloudflare was down back then and portmaster was routing my DNS to it, so when things are malfunctioning this the first thing i look at now aside from incoming connections)
Also sometimes it classifies things it cannot properly identify as "Network noise", ran into issues with streaming software like Sunshine and had to disable incoming connections ruling for all the "noise connections" to save myself hours of more guesswork
Just something to be aware of that's going to make your like much easier when using this
Yes, I had had that issue with O&O Shutup.
I have a Synology router which has a great way to create filters to block these web sites. It would be really nice to just have a list of the spy web sites to add to these filter without having to introduce yet another app or service. Great video and very much appreciated.
Doesn't it have scripting capabilities? I don't play in the consumer stuff so I don't know... but it seems like you should be able to pull a black list from your source of choice.
@@ShainAndrews Thanks Shain, I never thought or even knew about that.
@@DavidM2002 That's the core of the magic sauce. Manufactures curate their own "proprietary" black lists. There are quite a few robust list available... lists that assist populating the "proprietary" lists.
I simply use malwarebytes firewall control. It is free and can be set to block everything by default and ask about unlocking. It is hard to tell what you can block (for example gaming services might be necessary for gamepass games) so you need some epxerimentation.
this was posted 30 seconds ago? And i got the recommendation?
Same?
what's the problem?
UA-cam have been testing recommendations by boosting people you do not necessarily watch on your home page.
Ditto
This software is well known by linux users. It is also very handy software.
What a fantastic tool! Thanks for sharing this with us :)
And did you independently verify that no spy traffic was leaving your network? Or...?
I'm happy to see that a bigger channel promotes the portmaster software, it's an amazing privacy tool that's easy to use!
Every windows user should have this on their PC because it's free and opensource and protects your privacy.
You can block all major tech companies in the filterlists settings!
Simplewall is great but this is more advanced and superior.
Great video mr security!
why just windows? i use it on linux too
I wish the pro version was not subscription based. It's too expensive.
@@BleepBlop-rh9lm
Yeah 10 euro a month isn't to cheap. But you have to consider you get a new IP for every program you use, it's the first program that does that (so far i know), tor does it only for the browser and vpns give you only one IP.
Speaking of vpn's, mullvad is great and half the price of portmaster.
I think both programs are worth paying for.
@@devalue7064 Ofcourse portmaster is great no matter on which OS you use it, i tried it on debian and it didn't work just saying, maybe they'll fix that someday if they haven't already.
After all their website advertises the portmaster for debian based system, so it was werid when it didn't work there.
yeah, not much difference in features between free and the $4/month service. To get the good version it's $9.90/month..... and that's the one you should get@@BleepBlop-rh9lm
This should complement Simplewall so well
Not use if it's worth using both? I have simplewall and looked at portmaster about a year ago and ended up just using simplewall
i like free stuff. i dont like microsoft taking my stuff for free
I used simplewall for a while, this might be a nice one to try
Holy shit this is awesome! Open source, great looking, simple with advanced settings! Great share!
You just gained A new subscriber . Btw lately i figured out i had a rat and a miner in my laptop because of security tools you mentioned in your videos
After disinfection,i made sure that my pc is well secured with the tools you said in your vids❤️👍
You made the right choice, this channel is as good as portmaster.
Portmaster has been a favorite of mine for a while. The SPN feature (replacing VPNs) is a bit jank and needs work but overall it's a must have. The only complaint i have is the price because it costs way to much to justify for the general public.
Yeah right. It is an open source software. You have been cheated if you paid for that.
@@CyberPun the price is for the vpn, sherlock
@@Blox117 NordVPN is better. Try that.
I just tried it for one hour, and it made my pc slower, so i uninstalled it !! never more !!
What does SPN stand for?
I love plug-ins that provide these type of services but always recommend a dedicated hardware firewall which protects the whole network. I use the Firewalla Gold which is extremely easy to set up and manage but of course there are others as well.
That was a lot more than just one click
Hi Leo, I am a big fan of your channel. Thank you for all you do!
Been using this since it was in beta, it’s pretty good!!
I really like Portmaster too I just wish it was more compatible with DNSCrypt and other VPNs without needing to do any config changes
Port Master is extremely powerful. It will literally stop apps and services from accessing internet . It was also annoying at first when I couldnt use some application 💀. So you have to make sure you enable or disable blocking on certain apps
You can just use Control-D at Router or device level to do the same thing. and it has similar features + added Proxy for bypassing specific app based IP or the whole device.
ControlD is the best purchase I've made in a while. The ability to use community filters and it being compatible with almost every device is great.
@@Dispatch4131 true that haha
Portmaster sounded like a great idea, so I did try it. I found it made my system run a lot slower, and it totally blocked UA-cam, so I couldn't watch this video again.
Therefore, I did uninstall it and wondered why you would endorse it.
I like it. I would like it even more if this were running in layer 3.
they use a kernel driver on windows
The spying but also the HORRIBLE new sleep mode forced upon is, and Microsoft not giving a damn, I decided its finally move over to Linux. I'd had enough of their BS , almost burning my laptop because the new sleep mode NEVER works like intended and Microsoft silently removed the option to go back to S3 Sleep mode.
what do you mean?
Wow, i thought im the only one having problem keeping my pc in sleep lmao windows became a fucjing cancer
All it takes is a few lines in the Hosts file to route any reporting to MS to your own computer, that is 127 0 0 1 local host. Replace the space with a period.
I had to do this to avoid UA-cam deleting the comment.
Somewhat related subject. Setting up Quad 9 DNS. I spent three days trying to get it working on my home network. When I went to verify, Cloudflare was the only result I got. Which is fine... but I set my router for quad 9... then google, then my ISP. Why TF is my router stuck on Cloudflare? Must be a bug. Three routers later same results. Tried three different client machines with different OS's. Same results. Didn't matter what configuration changes I made on the router, or the client interfaces. Fine I'll direct connect the client machines to the ISP. SAME fing' results. Then it dawned on me... Firefox was the common denominator. That little shit sets all DNS to Cloudflare. I'm sure it told me this at some point in my life... Might be a good piece for you to cover. Especially showing your audience how to verify what you set is indeed how it is operating. I deal with route leaks all the time... just didn't expect it at the application layer.
Hi, thank you for the information. Can you also please do third party software firewall testings/review as well. 😂
i was totally expecting a closed source proprietary paid software seeing the quality of the UI
Pleasant surprise when i saw that it's open source freeminum!
You've sparked my interest!!!
thanks for covering this Application
Thank you man. I hope this blocks Windows updates as well.
Just a warning, no matter what kind of software firewall you use, MS is still communicating. Just put some port monitoring device and you will it.
@Brockxz could you please explain?
@@lukasbruderlin2723 Simple: connect *only* your Windows PC to your router and monitor the egress traffic on your router.
A problem with Firewalls on Windows I've noticed is some AntiVirus softwares enforce their own Firewall (like Bitdefender) and thus bypassing all custom rules we set as Windows Firewall rules..which is slightly annoying
That's not slightly annoying. That's a No Go. Any OS behaving like that cannot have a place on any of my PCs.
There is a reason Bitdefender Antivirus exists. Its basically the same without the firewall.
Would love to see a comparison between Portmaster and Glasswire, both Free and Paid options.
or comodo Firewall
I've had glasswire for a couple years, both free and paid versions, and im here looking for something better if that tells you anything
does this by any chance introduce any latency when playing games? does it reduce internet speeds?
It is not reducing internet speed and "most likely" not add any latency.
Free?, remember that when the product is free then YOU are the product!
Ever heard of Open Source? ;-)
@@igorthelight never in my life, do tell me more 😂😂😂
@@Alex_Martz xD
Meanwhile emmess who wants you to pay a hefty amount for their products and then harvest your browsing and usage data to earn more from you. Better to become commodity for free than to be one after paying
Meanwhile emmess who wants you to pay a hefty amount for their products and then harvest your browsing and usage data to earn more from you. Better to become commodity for free than to be one after paying
i forgot how good portmaster is, thanks for reminding me!
A Video Idea: how safe is a Sandbox really. testing multiple sandboxes like Virtualbox VM, Windows Sandbox.. e.t.c and showing the worst case scenario if flaws are being used.
Simple wall is the best!!!
Tricky to set up but thannit works!
14 minutes with 800 visualisations is insane!
Been using Port master with Linux and even it doesnt help as much as it would on Windows, it still helps blocking some ads in my games and complements ublock
Portmaster indeed is awesome
I understand that MS are going to be releasing a "lite" version of Windows11 later in 2024 which by default does not include the MS store, or co-pilot any many other bits n pieces. I am looking forward to this as it seems to me the less MS the lower overall vectors for intrusive snooping. In the meantime I will give this project a try. TY for the vid.
I installed this but my web browsing has become unpredictable with some sites not coming up while others are fine. I've had to reboot my system one time because this was clogging something in the OS. Finding fixes is difficult. This app needs a very good in depth tutorial. When I shut it down, everything goes back to normal.
Any chance you've been able to place wireshark on your network -- or is it check hardware firewall logs -- to see if traffic to these nefarious IP truly stops once that application is used? Nice to "trust but verify".
there is no "trust but verify" in sponsored content ;) I tried portmaster and it uses more resourses than chrome, too much for a personal firewall
FWs only block the traffic in question, not the process. i assume MS will try to cause such traffic to originate from legitimate processes/executables, so blocking at last-mile-to-ISP (perimeter) would be beneficial for your entire network.
Of course he didn't, otherwise he wouldn't be posting this video making those outlandish claims.
Portmaster does not sit well with VPNs or similar virtual network devices, however
Check the DNS-Settings... it's always a very bad idea to use a DNS which is not set by the VPN provider. AFAIK portmaster does not accept the system dns, you have to set one in the settings (I may be wrong here).
I’m using comodo firewall, do you recommend swapping to this one? Because I like the control of the processes that comodo gives me and port master doesn’t have (or at least you didn’t show us)
Personally wouldn't use this, it's easy for n00bs but ask the question if you rather give data to Microsoft, to portmaster. Just seems like a fancier local pihole. The maps are great, but you can achieve the same thing with a combination of FOSS tools - do that instead. I definitely wouldn't be using their baked-in resolver for all my requests.
You also recommended Comodo Firewall before. How would you compare these two?
This is a good one
Thanks for the video!
I have a question : i have Kaspersky Total Security installed, is this kind of Firewall is compatible with ? ( Because Kaspersky T.S include is own Firewall and maybe it can create conflicts, slow-down or instability ? )
Has someone confirmed that: 1) the source has no precompiled binaries; 2) it compiles without needing to download any precompiled binaries; 3) when executing it literally can't automatically download and then run or link to any precompiled binaries/libraries or scripts?
Marketing IS malicious activity.
I used to use Zone Alarm years ago until it got obsolete!😲😲
You always post most useful advice and recommendations here. Thank you!
I'll have to check it out and thanks for the FYI.
Id try it if it was portable. reseting my computer to use it and then keeping it on is a no no for me.
I'm going to try this.
Hey, can you please make a video on how to use snort or Wireshark and explain how to identify threats, etc??? Thank you for your work, I really appreciate it ❤❤❤.
Hands down the best Firewall w/ nice extra features, even the paid ones like GlassWire are no match. I use Portmaster both as network analysis/privacy tool and as antivirus. I mean good RAT/Malware that's 100% Undetected aka "FUD" will easily sneak through any AV but good luck going through Firewall w/ Block/Prompt default network action.
It's defo best at least on OS level. Firewall servers/operating systems that companies use is a different thing.
Better than Comodo firewall, I have my doubts. Does it have a host-based intrusion prevention system that can be configured, can it block scripts from file-less malware, visualizer new unknown applications, protect the registry? I'm sure this Portmaster has its strengths, blocking lots of windows telemetry on default and looks virtually good showing IP locations would be quite helpful
Thanks, Leo!
Unfortunately, Portmaster has a devastating effect on browser (I only tried Chrome) performance. Frankly, I had expected the opposite because of fewer ads and other unwanted stuff loading and bandwidth getting freed up by silencing all kinds of telemetry. So yeah, not what I expected.
chrome is literally spyware..
Well you are using Chrome, what did you expect? LoL
Chrome embeds itself like a Trojan into the windows registry. You can't fully remove it unless you manually delete every entry and file left behind.
If you care about security you shouldn't be using Chrome.
Try Thorium instead.
This might be cool but if I were you I would get a port monitor and you will find Microsoft is still communicating . I know quite abit about Windows firewall Gpedit and the registry and after blocking and removing everything that I felt they were using , it was many many things , I did a port monitor and found it did not work . The communication channels , from my experience , cannot be shut down all the way. Thanks for the share. :O)
So you're acknowledging that he's wrong but still giving him daps?
@@macethorns1168 LOL Sorta ... :O)
Hi there, it was a very useful and informative tutorial video, please upload more about free and open-source Firewall , This topic is very interesting. thnx
Thank you for what you do. Keep up the good work
Interesting how you didn't block NSFW :P . I use Pi-hole but i'll take a look into this one aswell.
Why should you? ;-)
Hi, when can we get another free av test-comparison? Love your channel
Easier way is to follow the ways of the Stallman 🙏
i used old version of portmaster and that version did not log your every activity, but in this new version they log everything what software you open and what website visit etc and that seems pretty sus to me even it's open source!
Could you elaborate? Where can I read up about this
i love this channel you are very informative
Thanks!
Finally portmaster presented in tpsc 🎉🎉 Maybe the SPN next ?
Simplewall ? No?
I just love how yall is battling a symptom rather than trying to battle the root cause which are tasks and services. I believe the amount of telemetry can be reduced greatly
Indeed, by using another OS! 😃
@@e1woqf maybe if that OS made it as simple to fix issues as windows then everyone will use it. until then, its normal users are the guys who look like they haven't left the basement in a few months.
Reduced, yes, Eliminated, no.
Windows 11 spying, Intel and AMD CPU security holes convince me it's time to buy a Mac and run other OS in VMs
Tryed Portmaster, and for few days it worked awesome. But after a week, it blocked all my internet, and couldn't do nothing. Had to de install it. Idea behind this program is great, maybe i did something to make it block whole my net.
Would you mind making a video on the Internet Security capabilities of Adblockers like Adguard? Where they can help or where they get limited?
Fuck AdGuard. Ublock Origin is the way.
Comodo used to be awesome, but it changed a few years back.
Can you test Kaspersky, Bitdefender, and Norton together in a new video? They've all gotten better since your last one.
Look no further and use Kaspersky.
@@repairman2be250 Haha thats what I am using for over a year, just wanna see kaspersky beat them.
Welp, it completely breaks my ethernet adapter and I have no outbound connection to anywhere. Can't ping google or anything 😂😂
I noticed it with KDE Connect. But a lot of other things are also blocked, such as images in some applications. Here you have to configure a lot by hand so that it runs well. With a complex system, this causes a lot of problems. That's why I have Now I just limit myself to seeing where the data traffic is going every now and then. The tool is best suited for that
I'm wondering if there will be any video about recent malware called Pikabot, I'm curious about how it hides and spreads.
Hey TPSC, I was wondering is it possible to disable Windows Defender so that we can use PortMaster? If so, can you make a video on how we would do that properly, please? Thanks for everything you upload.
I've disabled it completely on W11 but it's a real trial. On W10 you could use regedit to get rid of it but Microsoft have made it much more difficult in W11, you need to find a good tutorial to follow!! I've also removed Edge and One Drive the same way but m/soft do not make it easy... You also have to watch updates as they tend to try and put everything back.
You have enough material to file a case with the European Commission. If not the GDPR, pretty sure Microsoft broke other pieces of the European legislation.
hey Leo you sound sick. I hope you arent. and if you are i pray for your recovery. Thank you for telling me about portmaster. I will use it because the blocking from the host file method doesnt work anymore 😞 Thank you for this! + 1 like. 😁
Blocking from the Hosts file doesn't work anymore?
@@HoldenRiot i tried doing it however it blocks the website itself but all the ads and things still popup for me.
@@hyperbladezplayz2004 Have you tried clearing your MS Edge Browser Cache and Clearing all browser data? I just tried the previous video and added the domains to my hosts file, cleared Edge browser data, and when I open a New Tab I see it blank as expected. So perhaps you just need to do that?
@@HoldenRiotwill try to do that Lets see =) if it works il drop a subscribe.
Will definitely add Portmaster to the list of software to investigate. Question, does this replace O&O Shutup?
Also question about crowdsec, does it replace having AV software like Kaspersky or Sophos? Thanks
@wannebedal-adx458 - still would set all privacy setting in Windows itself (and you still can use O&O Shutup for that)... because that will reduce the load and noise from Windows even trying to collect and send!
Also in case Portmaster might theoretically fail... so you still have the first line of preventing the worst!
Short answer: Yes, still use it ;)
I rather have a network wide firewall compared to a single pc so everything in my network has the same stuff blocked. I use eblocker to get rid of spam,adware,trackers etc. It also does https. Try that for a video and compare it to adguard home and pihole.
Problem is that after I installed Portmaster, it broke my remote connections to other computers, so had to uninstall it as I could not find what it was blocking...
These spying are in windows 10 as well.
I use AdGuard DNS for the same thing:)
We all noticed you left NSFW "stuff" unblocked, Leo.
That's a right thing to do for a single man ;-)
I far prefer simplewall, port master is very bloated and laggy. I also couldn't play apex legends with it running.
SImplewall has its own issue though like no wild cards. So you have to whitelist apps every time they update etc.
It would be more helpful if you post link for the tool in the description.
@yb5336 If one can't Google, they should donate their computer to someone that can use it.
@@RechargeableLithium why would one use spyware?