Get More From Vista's Firewall
First thing, create a restore point just in case you need to go back.
The default setting for Vista's firewall is to block inbound connections but allow all outbound connections. This is not ideal: any acquired virus or malware would have unrestricted access to the internet.
It can be argued that your anti-virus or anti-spyware program should (hopefully) catch these and prevent any problem. I have no problem with this argument when using Windows XP, because I found the available third-party software firewalls caused so many problems, including slowing down my machine. Now, with Vista's firewall, we have the option to block all outbound connections other than those which match a predefined rule. So far I've found no speed or other issues while running Windows Firewall with outbound filtering enabled.
To block outbound connections, first open the firewall, i.e. go to Control Panel > Administrative Tools > Windows Firewall with Advanced Security.

Note: all three profiles are set to "Outbound connections that do not match a rule are allowed".
To change this, click on "Windows Firewall Properties".

Change "Outbound connections" from "Allow (default)" to "Block". Repeat
for all three profiles.

Outbound connections which do not match a firewall rule are now blocked.
Click on "Outbound Rules" in the left panel and see what rules already exist.

These are all the enabled outbound rules in my firewall that were already created by Windows; I'm not sure if they are all necessary.
The following is a list of the rules I've created for programs I wish to allow access to the internet.

Note: rules with a green tick are enabled; ones with a gray tick are disabled.
To help manage the rules, I prefix all the ones I create with "Allow" followed by the program or process name.
We'll look at the rule I've created for "Allow Agent"; this is my news reader (Usenet) and email client.
1) General tab -
2) Programs and Services - Use the "Browse" button to find the program you wish this rule to apply to.
Click the "service" button if you wish to associate a service with the rule, i.e. see my "Allow Windows Update" rule.

3) Protocols and Ports - Protocol TCP in this case.
Local port: this is often not predictable, so choose "All Ports".
Remote ports: these are often predictable.
Port 25 - standard SMTP (sending emails)
Port 80 - required if you wish the email client to accept HTML content
Port 110 - standard POP3 (receiving emails)
Port 119 - standard NNTP (news reader)
Port 443 - required if you wish the email client to accept HTML content
Port 563 - non-standard NNTP for SSL connections (news reader)
Port 587 - non-standard SMTP (sending emails through Gmail)
Port 995 - non-standard POP3 (receiving emails through Gmail)
4) Scope - If confident the "Remote IP address" is unlikely to change, it can be entered here; otherwise it's best left as "Any IP address".
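The same setup, scripted with netsh advfirewall (the command-line interface to Windows Firewall with Advanced Security that ships with Vista), as an added example that is not part of the original post. The Agent program path, the backup location, and the Windows Update service name and remote ports are assumptions for illustration; adjust them to your machine. Run it from an elevated prompt.

```powershell
# Added example (not from the original post): outbound filtering via netsh
# advfirewall. Paths and the backup location are placeholders.

# 0) Safety net: a restore point (needs PowerShell 2.0) plus an export of the
#    current firewall policy, so the change can be undone.
Checkpoint-Computer -Description "Before blocking outbound connections"
netsh advfirewall export "C:\Backup\firewall-before.wfw"

# 1) Block outbound connections that match no rule, on all three profiles.
#    Inbound is already blocked by default; stating it keeps the policy explicit.
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound

# 2) "Allow Agent": the news reader / email client rule from the post.
#    TCP, any local port, the remote ports listed in step 3, any remote IP
#    (scope left open, step 4). The program path is an assumption.
netsh advfirewall firewall add rule name="Allow Agent" dir=out action=allow `
    program="C:\Program Files\Agent\Agent.exe" protocol=TCP localport=any `
    remoteport=25,80,110,119,443,563,587,995 remoteip=any profile=any enable=yes

# 3) "Allow Windows Update": a rule tied to a service, not just a program.
#    Windows Update runs inside svchost.exe as the wuauserv service; allowing
#    svchost.exe alone would cover every service hosted in it, so the service=
#    filter narrows the rule. Remote ports 80/443 are the usual HTTP/HTTPS.
netsh advfirewall firewall add rule name="Allow Windows Update" dir=out action=allow `
    program="%SystemRoot%\System32\svchost.exe" service=wuauserv `
    protocol=TCP remoteport=80,443 profile=any enable=yes

# 4) Check the result: per-profile policy and the rules just created.
netsh advfirewall show allprofiles
netsh advfirewall firewall show rule name="Allow Agent" verbose
netsh advfirewall firewall show rule name="Allow Windows Update" verbose

# Roll back if something breaks:
# netsh advfirewall import "C:\Backup\firewall-before.wfw"
```

Running the show commands after each new rule is the quickest way to confirm that a program which suddenly loses connectivity is failing because no outbound rule matches it, rather than for some other reason.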
Inbound Rules

These are the inbound rules predefined by Windows which are enabled on my machine. I don't need to add any extra inbound rules because I do not run any programs which act as a server, i.e. games, P2P etc.
As a general guide, if you need to open a port in the router's firewall for a program to work, then you also need to create an inbound rule.
My Firewall Rules