
Vista Firewalls?


vegettoxp



I'm using Avast! Antivirus, because it has a built-in firewall, and because it's free!

Whether it's fully compatible with Windows Vista, I don't know. But I'm running it on beta 2 and haven't encountered any problems whatsoever. It works just fine.

But who am I to say that? :thumbup:thumbup:thumbup:thumbup


Using BitDefender 9 Professional Plus, which has an integrated firewall. Works great. However, BitDefender 9 Internet Security won't run and gives errors, as it installs some drivers not supported in Vista.


I'm using Avast! Antivirus, because it has a built-in firewall, and because it's free!
Well, it has a "network shield" which can be considered a basic IDS system, not a personal firewall with control over which program uses which protocols to which destinations, or which can run as servers.

Actually, Vista has a built-in 2-way firewall - launch mmc.exe and look for the "Windows Firewall with Advanced Security" snap-in.

As with XP's firewall, it is blocking inbound traffic by default, with a simple list of exceptions such as remote assistance, MSN Messenger, etc.

The outbound protection is by default turned off - in that it defaults to "allow all".

You can either select to change the default to "block" and then set up exceptions for every program or port that you want, or add specific block rules if there are programs or specific protocols you don't want to permit.

When deploying XP SP2 desktops in a corporate environment you can specify different rulesets based on whether the client is connected to the domain (trusted network) or elsewhere (untrusted).

Now, with Vista, you have 3 options - domain, private and public.

So you can create a ruleset for your company LAN, one for home LANs or other "semi trusted" networks, and one for untrusted LANs such as wireless hotspots where you may want to block all but VPN to the office.

For home users it may be simpler to get a 3rd party firewall when there are Vista-friendly ones, but for companies the built-in one is much more feature-rich for "real" firewalling, including application-layer (not "personal information vaults" and such).

The home user might find it too much administration to manage the Vista firewall for outbound, with a "default block" policy as there aren't any visible indicators when something is prevented from communicating, and logging is not enabled by default either.

Edited by Mr Snrub

  • 2 months later...

Hi,

I played a little bit with that outgoing thing. I set outgoing to "Block" at the public profile, worked so far, IE 7 was no longer able to connect on internet sites. Now I created a rule for IE7.

After that IE7 could connect to internet sites again. But with incredibly slow loading times. So I had to set back everything by default.

Either I did something wrong or there is something wrong with that outgoing thing :)


  • 3 weeks later...

The Vista firewall in 5728 is great. BTW, having been involved in many different firewall betas from many of the well known companies over the years, I can say that, for an out of the box first time effort, the Vista firewall is going to beat them all. There is not one other software firewall on the market that completely protects during boot; the Vista firewall turns your machine into a black hole while it's booting, with complete stealth when you arrive at the desktop as-is. There won't be any need to add a third party software firewall. I think MS did a good job with their first integrated firewall. Of course this is all just my opinion. Just make sure you use the Advanced Firewall interface instead of the normal firewall interface when configuring, as it gives you access to both in-bound and out-bound and all the configuration options. To find the advanced firewall interface simply (in the Ultimate version - don't know about the others right now as I'm using Ultimate but I think it will show up also by doing this) do a search at the start menu for 'Firewall', then when it comes up right click on it and choose to 'pin' it to the start menu, or you can create a shortcut to it on the desktop.

Edited by Spooky

  • 2 months later...

The fact of the matter is - some people don't trust Microsoft and it is probably Microsoft's EXE's that they want to block. I lost count of how many times on XP I have seen "NTOSKRNL.EXE is trying to broadcast to xxx.xxx.xxx.xxx". Is the Vista Firewall going to block Microsoft EXE's? I doubt it, like it says in this topic, the Vista firewall does not tell you when something is blocked and does not have logging enabled.

No one answered this guy.

Just says "use a hardware firewall"

So let's get this straight then - NO third party software firewall will work on Vista?

Someone's REALLY going to have to convince me this OS is worth using I'm afraid.

Before anyone says "why would you block Microsoft EXE's" don't say it, all I will say back is "why don't you want to block MS EXE's". LOL - because things like NTOSKRNL in XP are not meant to access the network, knowing Vista it will probably just have the entire contents of system32 on some sort of "safe list" so then some spyware/worm/trojan/virus can USE the Microsoft EXE's and the built in firewall will just allow it.

I changed my mind, you're not gonna be able to convince me to use Vista I don't think, not when no third party software firewall can possibly be installed, that's just 100% lame.

You can say the built in firewall is great all day long, still doesn't change the fact that hordes of people simply will not put up with it.

Edited by LeveL

So let's get this straight then - NO third party software firewall will work on Vista?

Someone's REALLY going to have to convince me this OS is worth using I'm afraid.

...

I changed my mind, you're not gonna be able to convince me to use Vista I don't think, not when no third party software firewall can possibly be installed, that's just 100% lame.

PC-Cillin is in beta: https://www.trendbeta.com/index.php?get=286

It's the fault of the 3rd parties that they haven't written software for Vista, isn't it?

I guess once Vista starts to get a significant uptake then the vendors such as ZoneLabs, Sunbelt, Norton, etc. will then look at writing for it - heck they may even start to write 64-bit versions finally!


You're correct, some people don't trust Microsoft, but the same people will eat in restaurants, which are the most dirty place in the world to eat, and not give it a second thought. Big deal if it communicates with the net, that's what web focused OS's are supposed to do, every one of them does.

The Vista firewall does tell you when something is asking for access and leaves the choice up to the user to allow it or not.

The Vista firewall does have logging, you just have to click the box to turn it on.

Right now, aside from a hardware firewall, the Vista firewall is just about it.

If you use the advanced firewall (in the start menu enter 'Firewall' in the search field) you have access to complete control for the firewall.

The fact of the matter is - some people don't trust Microsoft and it is probably Microsofts EXE's that

they want to block.


  • 2 weeks later...

Comodo's latest beta build works in Vista - with a couple of bugs:

1) It disables my AVG email scanner (fix is posted on both AVG and Comodo site)

2) Network monitoring is labelled as being off, but it accepts input from the dialog boxes.


Don't use Windows Firewall with Advanced Security from the start menu. Access it from Local Security Policy. If you use it from the start menu it can be overridden by Windows or anything with administrator access (maybe even a trojan). Using it through Local Security Policy you have full control as long as you set it to disallow "rule merging". All rules set through the start way are ignored.

I deny all and then only allow a few things access. Works great!

Nothing like Windows Time or even core components gets through.

For outbound I have the following set to allow...

Firefox

Windows Time

uTorrent

Core Networking DNS (required for internet)

For incoming I have uTorrent set and that's it. (By default all incoming is blocked unless a rule is set.)

Set it right and you'll prefer it. Set it wrong and you'll complain that it sucks.

JohnnyFu mentioned IE being slow. It could be the anti-phishing filter needing access. (Just a thought.) I use Firefox exclusively. The firewall will not alter the speed of the port (80); another component of IE must need access. (This actually means the firewall is working properly and blocking stuff.)

Good luck.

:added:

I can't get the logging to work. Does it work for anyone? How did you enable it? I turn the logging on but it won't log.

Edited by jaws75

  • 2 weeks later...

Setting it from the Local Security Policy doesn't do what you think it does. The Local Security Policy only uses the already present menu item to accomplish its settings. Using it from the start menu or Local Security Policy doesn't do anything to prevent something with administrator privileges from over-riding a rule. The reason that Local Security Policy seems to have the effect you're seeing is because the Vista default is to check Local Security Policies first before anything else and apply those policies before anything else, so setting a rule to block or allow something in the Local Security Policy will be used before the existing firewall rule. The Vista firewall is different than other firewalls: the rules are not tested one at a time, they are all tested together at the same time, including the Local Security Policy (checked first).

You enable logging by opening up the advanced firewall GUI, highlight 'Windows Firewall with Advanced Security' at the top of the firewall GUI, then click 'Action' then 'Properties' then choose your connection profile tab, then click on the 'Customize' button in the 'Logging' area on your connection profile tab.

Edited by Spooky

You enable logging by opening up the advanced firewall GUI, highlight 'Windows Firewall with Advanced Security' at the top of the firewall GUI, then click 'Action' then 'Properties' then choose your connection profile tab, then click on the 'Customize' button in the 'Logging' area on your connection profile tab.

It's set that way but the log file does not get created. I read that it may be a permission problem for the folder it's writing to so I changed folders. No go. I then set it in Local Security but still no go. The logging does not work for me. Does it work for you?
