Jump to content
Not connected, Your IP: 3.237.71.23
Sign in to follow this  
Weasel

Steam bypasses network lock

Recommended Posts

Had AIRVPN running yesterday with network lock enabled, the only thing allowed through being VPN.  Started Steam in offline mode and got the message "Allow Steam through firewall" which I denied.  I then checked my firewall and sure enough eventhough Steam was denied and network lock was enabled Steam still had access to the internet.  This makes me worried, what else is doing as it pleases since the AIRVPN network lock does not seem to work 100%.

 

In this picture you can see Steam has access eventhough the lock is activated and access was denied.

 

 

Share this post


Link to post

First, it might be that you allowed it before and it was just a residue of your previous configuration.

Second, Network Lock is designed to do exactly as the name suggests, block Network Access to userspace

apps that are bound to the Windows Firewall rules.

If you run another program as a super-user (Administrator), which bypasses the Windows Firewall rules

and acting as and can generally be classified as malware - Network Lock cannot be effective in this case.

That "allow" screen is just a courtesy - if a program is granted Administrator permissions or if you allowed it's

elevation with UAC - it can add those "allow" rules with dozens of documented and less-documented techniques.

Network Lock is not a solution against malicious apps that subvert or disable the Windows Firewall.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

Thanks for the quick response.  So to reply: Steam has never been given permission before so that is not the cause.  Also Steam is not malware it is a host server for software as you most likely know.  However, as  you say maybe it is grabbing my admin and bypassing it, I will check the firewall rules and make sure it doesn't run as admin.  This is the only program that I know of that has done this, Utorrent asks but I refuse it; it shows in the firewall but without permission to access the net.

 

***Ok, so I checked and Steam is not set to run as admin, therefore it is a normal program.  I went into the firewall rules for the program and set it to only be allowed to connect through my normal IP address range.  I then enabled the lock and started Steam and once again it had full access.  So how, in laymen terms, do I stop it from making it's own rules for accessing through the VPN?***

Share this post


Link to post

The only way for it to be persistent is either when it was already installed as Admin and has an elevated process

in the system already, or when it has a driver on your system that is in charge of low-level permission handling.

 

Any search for "Steam+Windows+Firewall" lead to frustrated users with a similar issue to yours,

http://steamcommunity.com/discussions/forum/1/616187839424967229/

http://forums.anandtech.com/showthread.php?t=2396021

 

The choice of keeping persistent malware on your system is totally yours.

Other programs, however, will still be required to be bound to the Windows permission set, unless you choose

to install them as Administrator or elevate their privileges for any reason.

Once you do, that program will be able to modify your system as it wishes, and the ability of Network Lock

to help you will be very limited if that program decides to tamper with the Windows Firewall.

Such system should be treated as compromised/infected, and unfortunately cannot be covered by the VPN client.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

Btw I'd like to empathize something, although the steam client is allowed in the firewall it's only in inbound rules with no IPs specifically specified the outbound rules which is what you are sending still only has the network lock IPs which means that the steam client can get through to you in the firewall but it can't receive traffic from you which generally means your IP wouldn't leak to Steam.

Share this post


Link to post

Thanks for the responses.  I see why you call it malware, and I agree now.  I went into advanced firewall settings, limited steam to only being allowed to connect when I am connected to private network (my normal non-vpn), then enabled vpn lock and it still connected, the bugger.  Unfortunetly if I get rid of steam I get rid of the games I bought that only run via steam.  I will keep looking, but thanks once again.

 

However: I went into advanced firewall, set Utorrent to only be allowed to connect via public network (vpn) and sure enough if I disconnect from vpn my connection to utorrent drops, which is what I want.  At least that works.

 

****just FYI, I am going to try Comodo firewall****

Share this post


Link to post

I think what you need to do is "block all" on public, "allow all" only on work =VPN" connections (https://support.purevpn.com/windows7-firewall)... It may also be that steam runs as a service, in that case it probably has elevated rights and executes them. GPO policies may have also been changed or addded during install. Delete all steam related fw rules (or disable them) and see how it works or not.... Investigate further. Use Wireshark, if indeed data leaves your network card in your current setup.

 

I know many things to do - sorry, i dont use steam - hence i can only give suggestions, what seems to be common Windows problem (tightening traffic).

Share this post


Link to post

Hello !

​I don't know if it would help, but have you considered re-installing Steam? Maybe then you can see if it's possible to start fresh, settings wise.

​Games can be backed up easily, once you find their respective save locations.


Moderators do not speak on behalf of AirVPN. Only the Official Staff account does. Please also do not run Tor Exit Servers behind AirVPN, thank you.
Did you make a guide or how-to for something? Then contact me to get it listed in my new user guide's Guides Section, so that the community can find it more easily.

Share this post


Link to post

Interesting thing about this program (Steam).  Sure enough this program wants to run with FULL CONTROL which really sucks so I dug into the registry and took away full control from Steam and gave it only to myself as admin, the result?, Steam would no longer work and threw an error "Steam needs FULL CONTROL".  Total BS and true Malware, I am just sorry that my three games will only run with Steam connected and I can't run them from the HD.

 

Hopefully it is as previously stated, although I am connected they don't know my real IP but I can't understand that as I am connected so they would have my user, no?

 

 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...