Allowing new connections for trusted apps, while in banking protection mode
While in banking protection mode, the UPS monitoring (client) app's connection to the UPS server is interrupted or not established anymore.
UPS client and server are in the same network 192.168.2.0/24 using TCP port 3493. The connection is re-established periodically.
As a workaround, I could turn off "Disconnect untrusted apps". But this is neither in my mind nor in the inventor's mind.
- Is there a whitelist of "trusted apps" ?
- Or is there a whitelist of "trusted IP addresses" or "trusted IP networks"?
- Or would it be possible to allow new connections e.g. inside the own (private) network.
Any suggestion is appreciated.
I am also only an F-Secure user. Sorry for my reply.
Is there a whitelist of "trusted apps" ?
I don't think so. At least, not in the UI.
However, just as a very random thing - could you try to add this UPS monitoring app (.exe file) to general Exclusion list of "App and file control" (feature described there: Exclude files or folders from scanning | Internet Security (2022) | Latest | F-Secure User Guides).
It can be useless to recommend, but since I do not have any 'examples' in my steps to check it - I tried with a very random app and the result was a bit of obscure. So, maybe in your situation - 'already open connection' by UPS monitoring app will not be closed if .exe is added to 'exclusions'.
Or is there a whitelist of "trusted IP addresses" or "trusted IP networks"?
Again, not any specific places for "Banking Protection"-related.
However, there is "Websites exceptions" (described, as example, there: Allowing blocked websites | Internet Security (2022) | Latest | F-Secure User Guides) - where you can use URLs and IPs too.
Or would it be possible to allow new connections e.g. inside the own (private) network.
I am not sure, but I think that mentioned "Disconnect untrusted apps" is only about already open connections. It can be possible to create a new one. However, as such - a certain destination (remote address / URL / IP or something) can be blocked, perhaps, as intended by functionality for browsing.
Any suggestion is appreciated.
Related subject was discussed once (at least): Mailwasher — F-Secure Community
I recommended to contact F-Secure Labs via F-Secure SAS page: Submit a sample | F-Secure
So, maybe they will be able to manage apply this UPS monitoring app as a trusted for Banking Protection feature. If not, maybe they will suggest something better.
Additionally, I feel that maybe F-Secure team will respond there. If so, sorry for my thoughts and my English!
Thank you Ukko.
Your comments regarding the whitelist of trusted apps helped me to solve the issue easily as follows:
I have now put the UPS monitoring app (.exe) on the "Excluded" list at "Viruses & Threats" -> "App and file control".
In my case, fortunately, the result is clearly reproducible:
The UPS monitoring app continues to run in banking protection mode.2 2Like
Very good to hear it!
The UPS monitoring app continues to run in banking protection mode.
Just to mention: as a side-effect - the app will be excluded from any other checks too (like Real-time scanning and DeepGuard, something else). With an exception of manual direct scanning (context-menu scan).
If this UPS monitoring app is alright and trusted - then situation is perfectly fine, I think.
Thanks for your feedback!1 1Like