Looking for a Windows 7/8/10 software that has the possibility to record established and attempts to establish connections with IP adresses, drop connections and restrict a certain program or the entire OS to connect to specific IP adresses in real-time. In other words, a program that blacklists and/or whitelists DNS or IP's much like the "hosts" file but in real-time.
Can you explain more about "real-time"? Not sure what you are looking for or expecting.
Most such software can react and log events "real time". And respond accordingly.
Do you mean some sort of program that continually displays such events on a separate monitor perhaps? As the events occur, are noted, logged, and reacted to?
You would need some sort of logic guidelines that tell the program "blacklist this" or "whitelist that" via IPs and/or URLs.
What criteria do you plan to use for the decision making?
A sort of program that would notify me about incoming and outgoing connections and at the same time try to immediately interrupt and block the connection if I wish, without the need to reboot or restart the program that commited the connections in order for changes to be applied - that would make real-time in my opinion.
So a program is running on some computer, connects to the internet, goes to some IP/URL address, makes a connection, and somewhere along the way notifies you that it is doing so.
Then you click a button or push a keyboard key to interrupt and block the connection. Basically telling the program to "stop that", "do not do so again", and "do something else".....
The trouble I am having is that if the program has gone out and made a connection it may already be too late if the target site is malicious.
Your desired program would have to be in an overall watch position and basically be continually telling your things such as Application X is trying to connect to website/IP address Y. Then offer some "Do you agree and if so the connection will be allowed/whitelisted" message. And if you decline, the over watch will block the connection and blacklist the website/IP. Maybe until told otherwise at some future time.
Not aware of any specific program but if I have correctly stated the requirements someone else may be able to suggest a candidate program or two to serve as the "overwatch".
Glasswire at least displays all inbound/outbound connections in an 'easy to read' fashion, and, allows you to block it with a single click .... (until the trial ends, but, still useful for displaying of data even afterwards)