Vista Firewall turns itself off....

Discussion in 'Windows Vista General Discussion' started by gw.harrison, May 7, 2008.

  1. gw.harrison

    gw.harrison Guest

    I'm really at the end of my tether with this issue - have a laptop
    which has windows Vista installed. Whenever I boot up the Windows
    Firewall is turned on. However, towards the end of the boot process,
    the Windows Firewall turns itself off, almost as if when a program
    loads it knocks it out. Is there anyway I can do a walk thru' of the
    boot up process so I can see if I can capture which program or process
    is doing it? At my wits end.
     
    gw.harrison, May 7, 2008
    #1
    1. Advertisements

  2. gw.harrison

    t-4-2 Guest

    Hello,
    You have a program which has firewall of it's own, and it knock off
    windows firewall.
    The system cannot hold 2 separate firewalls, they are always in
    conflict with each other. If you have Norton or Windows Live Onecare,
    disabled their firewalls. Windows Firewall is designed for your machine,
    don't need another sheriff.
     
    t-4-2, May 7, 2008
    #2
    1. Advertisements

  3. gw.harrison

    Mr. Arnold Guest


    You got two firewalls running Vista and something else running together?
     
    Mr. Arnold, May 7, 2008
    #3
  4. gw.harrison

    gw.harrison Guest

    I've never installed another firewall on the laptop - I've always been
    happy to just use Windows Firewall. This is what I can't understand,
    because all the searching I've been doing suggest uninstalling the 2nd
    firewall I've installed - but I've only got and ever had, the one.
     
    gw.harrison, May 8, 2008
    #4
  5. gw.harrison

    Not Me Guest

    You don't have a security suite installed?
    Norton? McAfee? or such?
    Many have a firewall, even if you don't realize it.
     
    Not Me, May 8, 2008
    #5
  6. gw.harrison

    Mr. Arnold Guest

    I've never installed another firewall on the laptop - I've always been
    happy to just use Windows Firewall. This is what I can't understand,
    because all the searching I've been doing suggest uninstalling the 2nd
    firewall I've installed - but I've only got and ever had, the one.

    ------------------------------------------------------------------------------
    What this sounds like to me is that you have malware running on the machine
    that is turning the Vista FW off. What you need to do is look around on the
    machine and look at running processes to see if you can spot something that
    doesn't look right that's running.

    Process Explorer can be used to look at running processes and what those
    processes are hosting, such as possible malware.

    With PE, you go to Menu/View/Show/Lower Pane/Show all DLL(s) and PE will
    show you everything a running process in the upper pane is hosting. You can
    right-click a line in both panes and go to Properties to get more
    information.

    <http://www.windowsecurity.com/artic...d_Rootkit_Tools_in_a_Windows_Environment.html>

    You should use Currports free that runs on Vista which is like Active Ports
    in the link above to see if you can spot anything trying to connect while
    the Vista FW is down that could be dubious.

    http://www.nirsoft.net/utils/cports.html

    You should enable Vista's auditing and see what is happening.

    http://www.ultimatewindowssecurity.com/Wiki/Print.aspx?Page=AuditCategory-DSAccess

    You'll see in the link in Advanced Security Settings it talking about the
    auditing in the XP security link. You should enable the same auditing
    features on Vista, if you can do that and look at the logs with the Event
    Viewer off of Control Panel/Admin Tools.

    http://labmice.techtarget.com/articles/winxpsecuritychecklist.htm

    You should look around and see if you can spot anything that could be
    turning the Vista FW off.

    You should get that CurrPort shortcut into the System Startup so that you
    can see if anything looks dubious on System Startup and Internet
    connections.

    The link will show you how to tell Windows Defender about Currports and not
    to stop it at startup.

    http://www.vistax64.com/tutorials/79612-startup-programs-enable-disable.html
     
    Mr. Arnold, May 8, 2008
    #6
  7. gw.harrison

    Mr. Arnold Guest

    <snipped>

    Oh, and one other thing, I do use IPSec to supplement the Vista FW on my
    laptop when I am on the road like I am now, in case the Vista FW is taken
    out, I still have something protecting the computer. I just implemented the
    AnalogX IPSec polices, IPSec is there to supplement the Vista FW. IPSec is
    on Vista.

    http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
    http://www.analogx.com/CONTENTS/articles/ipsec.htm
    http://support.microsoft.com/kb/813878

    IPSec is only to supplement and not to replace a host based software FW
    running on the computer. It can be used to supplement 3rd party FW solutions
    too that are running on the computer, instead of trying you install two
    FW(s) on the machine that can be in conflict with each other.
     
    Mr. Arnold, May 8, 2008
    #7
  8. gw.harrison

    t-4-2 Guest

    Please check your antivirus program i.e. windows live onecare
     
    t-4-2, May 8, 2008
    #8
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.