locked
windows 7 firewall outgoing connections RRS feed

  • General discussion

  • Hi
    I have seen a few posts about the outgoing connections on windows firewall.
    The default settings are as follows
    Incoming traffic ALL items that do not have a rule set will be BLOCKED
    Outgoing traffic ALL items that do not have a rule set will be ALLOWED
    This means that if for say a program called keylog.exe (totally ficticious) wants to send data out then it will be allowed.
    There is clearly a need to configure the firewall for the security needs of the individual computer concerned.
    If you wish to change the default then access windows firewall from the control panel or the mmc console and click on the advanced settings.
    You need to have administrative privilages.
    You will now be presented with a screen showing the settings for domain, private and public profiles.
    At the bottom of this screen is a link for Windows firewall properties.
    Click on this and you will be able to use the drop down boxes to change the default settings of each profile.
    For instance you can change the private profile to block ALL OUTGOING taffic appart from the traffic with rules.
    If you do this you will have a better chance of preventing rogue outgoing traffic.
    There is a penalty to pay for this of course, that is you will have to create a rule for all the programs you need to have access such as Internet explorer, Adobe reader, Quicktime and your mail program. Unfortunately as mentioned previously there will not be a popup saying a program would like to have access to the internet, the access will just fail. In this case you will need to create a rule using the wizard in the firewall settings.
    This is not difficult and at least you will know that only the programs you wish to allow will be able to access the network. 
    I hope that Microsoft will change the default in future and provide a popup like that in onecare but obviously that will not be done for the release of Windows 7.
    I personally would like to put the extra effort in myself to make the computer completely secure and configure the firewall to only allow connections from those apps I choose.
    All the best
    Mlac
    Sunday, August 30, 2009 2:33 PM

All replies

  • Hi
    further to the above you must remember to set up a rule for windows update and your antivirus service.
    To do this when you click new rule choose the custom route.
    Then click on next. At the next screen at the side of were it says services click on customise.
    You will now be able to choose apply to this service and be presented with a list of installed services.
    Choose the one you want to allow such as windows update or windows time or your antivirus service and click ok.
    You now keep clicking next until you get to a screen were you can click allow the connection.
    Then choose the domain and click next and give the connection a name.
    click finish and the service you chose will be allowed.
    Of course if you are using sidebar gadgets that connect you would chose the allow a program route at the first screen and click on browse were
    you would browse to your chosen exe such as sidebar.exe and click allow then follw the screens through and pick the domain.
    malc 
    Sunday, August 30, 2009 4:30 PM