Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

Windows Firewalls - blocking outbound traffic - best set-up?

microsoft.public.windows.vista.performance maintenance






Speedup My PC
Reply
  #1 (permalink)  
Old 11-03-2007
Steve Campbell
 

Posts: n/a
Windows Firewalls - blocking outbound traffic - best set-up?
I used to own ZoneAlarm Pro but when I bought a new Vista based machine in
March I had to use Windows Firewall and have been very happy with it
except....

I'm not sure what it's vetting on outbound traffic. All the rules (private,
public, domain) are set to 'allow (default)' and I never get asked for
permission for traffic in the way I was used to with ZAP. I tried turning
all 3 to block but then lost internet connectivity until I reversed the
settings.

Can anybody explain what a secure set-up should be and am I on the right
track?

ZAP is STILL not ready for Vista, in what seems like a marketing scam by
Checkpoint (trying to force you to upgrade to their full Suite). Also, ZA
Free seems to slow the traffic down to a crawl and mess Vista up when trying
to uninstall it....

Thanks.
Steve

System Specs:

Vista Ultimate 32 bit
Asus P5B Deluxe motherboard
Core 2 Duo 6700 clocked @ 3GHz
4 GB Corsair 8500 Dominator RAM clocked @ 900MHz
Gigabyte 8800GTS 640MB
Western Digital 150GB Raptor SATA
Western Digital 500GB Caviar SATA2
Creative XFi Xtreme Music
Samsung SH-W183 DVD-RW SATA
Enermax 850W Galaxy PSU
Akasa Mirage 62 case
plus e-SATA Western Digital 500GB Caviar SATA2

Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 11-04-2007
Paul Smith
 

Posts: n/a
Re: Windows Firewalls - blocking outbound traffic - best set-up?
"Steve Campbell" <SteveCampbell@discussions.microsoft.com> wrote in message
news:63C2ACC7-757C-450D-B441-78F3F17F5AE9@microsoft.com...
>I used to own ZoneAlarm Pro but when I bought a new Vista based machine in
> March I had to use Windows Firewall and have been very happy with it
> except....
>
> I'm not sure what it's vetting on outbound traffic. All the rules
> (private,
> public, domain) are set to 'allow (default)' and I never get asked for
> permission for traffic in the way I was used to with ZAP. I tried turning
> all 3 to block but then lost internet connectivity until I reversed the
> settings.
>
> Can anybody explain what a secure set-up should be and am I on the right
> track?


Blocking outbound traffic isn't going to improve the security situation
unless you have a very specific use in mind. If your machine is already
compromised it can probably get around any outgoing filtering anyway.

--
Paul Smith,
Yeovil, UK.
Microsoft MVP Windows Shell/User.
http://www.dasmirnov.net/blog/
http://www.windowsresource.net/

*Remove nospam. to reply by e-mail*


Reply With Quote
  #3 (permalink)  
Old 11-04-2007
Steve Campbell
 

Posts: n/a
Re: Windows Firewalls - blocking outbound traffic - best set-up?
Ah.... I thought that the problem with the XP firewall was that it was one
way only. Am I confusing 2 separate things?

Thanks for getting back.

Steve

"Paul Smith" wrote:

> "Steve Campbell" <SteveCampbell@discussions.microsoft.com> wrote in message
> news:63C2ACC7-757C-450D-B441-78F3F17F5AE9@microsoft.com...
> >I used to own ZoneAlarm Pro but when I bought a new Vista based machine in
> > March I had to use Windows Firewall and have been very happy with it
> > except....
> >
> > I'm not sure what it's vetting on outbound traffic. All the rules
> > (private,
> > public, domain) are set to 'allow (default)' and I never get asked for
> > permission for traffic in the way I was used to with ZAP. I tried turning
> > all 3 to block but then lost internet connectivity until I reversed the
> > settings.
> >
> > Can anybody explain what a secure set-up should be and am I on the right
> > track?

>
> Blocking outbound traffic isn't going to improve the security situation
> unless you have a very specific use in mind. If your machine is already
> compromised it can probably get around any outgoing filtering anyway.
>
> --
> Paul Smith,
> Yeovil, UK.
> Microsoft MVP Windows Shell/User.
> http://www.dasmirnov.net/blog/
> http://www.windowsresource.net/
>
> *Remove nospam. to reply by e-mail*
>
>

Reply With Quote
  #4 (permalink)  
Old 11-04-2007
Paul Smith
 

Posts: n/a
Re: Windows Firewalls - blocking outbound traffic - best set-up?
"Steve Campbell" <SteveCampbell@discussions.microsoft.com> wrote in message
news:F15AC033-C9AA-41A2-A74B-EB5BE1656D7E@microsoft.com...
> Ah.... I thought that the problem with the XP firewall was that it was one
> way only. Am I confusing 2 separate things?


Sure its one way, setup as an inbound firewall by default, in that an
application internal to your machine can talk to an outside server freely.

Outbound firewalls are designed to help prevent a compromised machine from
talking to an external server, but if the machine is already compromised it
can probably turn the firewall off, or hide in another application and talk
to the external server anyway.

--
Paul Smith,
Yeovil, UK.
Microsoft MVP Windows Shell/User.
http://www.dasmirnov.net/blog/
http://www.windowsresource.net/

*Remove nospam. to reply by e-mail*


Reply With Quote
  #5 (permalink)  
Old 11-06-2007
Steve Campbell
 

Posts: n/a
Re: Windows Firewalls - blocking outbound traffic - best set-up?
Thanks Paul. All the advice I've seen so far has always been to secure
outgoing connections as well, though I take your point. I suppose I'm
looking for an albeit 'lockdown' period whilst I find and eliminate any
security breach.

Steve

"Paul Smith" wrote:

> "Steve Campbell" <SteveCampbell@discussions.microsoft.com> wrote in message
> news:F15AC033-C9AA-41A2-A74B-EB5BE1656D7E@microsoft.com...
> > Ah.... I thought that the problem with the XP firewall was that it was one
> > way only. Am I confusing 2 separate things?

>
> Sure its one way, setup as an inbound firewall by default, in that an
> application internal to your machine can talk to an outside server freely.
>
> Outbound firewalls are designed to help prevent a compromised machine from
> talking to an external server, but if the machine is already compromised it
> can probably turn the firewall off, or hide in another application and talk
> to the external server anyway.
>
> --
> Paul Smith,
> Yeovil, UK.
> Microsoft MVP Windows Shell/User.
> http://www.dasmirnov.net/blog/
> http://www.windowsresource.net/
>
> *Remove nospam. to reply by e-mail*
>
>

Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Blocking troublesome traffic from Second Life Steve Security News 0 08-07-2007 09:40
Blocking troublesome traffic from Second Life Steve Security News 0 08-07-2007 02:32
Help, Vista's firewall started to work with outbound traffic, and I don't know how to stop it!!!!! Juan I. Cahis microsoft.public.windows.vista.general 10 07-16-2007 05:18
Firewall blocks outbound traffic even if outbound rule exists =?Utf-8?B?Q3VydA==?= microsoft.public.windows.vista.security 21 03-22-2007 19:08
Vista firewall not blocking outbound traffic despite explicit rules to do so Roof Fiddler microsoft.public.windows.vista.security 11 02-12-2007 21:08




All times are GMT +1. The time now is 19:32.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120