Scenario. A popular Antivirus program installs a transparent HTTP proxy that is used by browsers and any other application making connections via HTTP. Communication between processes is via localhost: process - 127.0.0.1:any ---> Proxy - 127.0.0.1:12080 The problem is, this proxy opens a hole that allows any application using HTTP, to make outbound connections, even when the application has been explicitly denied. I have the firewall set to 'Outbound connections that do not match a rule are blocked' but with this proxy, applications don't even need a rule, they just connect. How can I better control these connections? Thanks.

So, is there anyway to control/block localhost connections on a per process basis?

That would appear to be a sever limitation and in this case a bit of a security hole.

why do you think the communication between two process on the same host not blocked by firewall is a security hole?-CrDev Blogs: http://blogs.msdn.com/b/satyem

why do you think the communication between two process on the same host not blocked by firewall is a security hole? -CrDev Blogs: http://blogs.msdn.com/b/satyem In this case, any application can make outbound connections over HTTP, even when they are explicitly blocked or even when they have no rule at all. If I'm unable to control which applications are allow to make connections, there's not much point to the firewall.