Vista Firewall ??????

Discussion in 'Windows Vista Security' started by Davcal, May 19, 2007.

  1. Davcal

    Davcal Guest

    Vista Firewall, a bit of a misnomer. One small step above XP's one way
    Firewall.
    it may stop a lot of stuff incoming, but very little outgoing.
    In fact everything MS and the PC manufacturer, among others
    wants outgoing, goes out, unknown to you.
    Go to www.grc.com and download their free Leaktest software.
    It's very small, and you'll realize how much you need a proper Firewall.
    PC.Tools Firewall Plus, free for Vista, will do the trick...
    That along with Avast free Anti-Virus for Vista will keep you safe.
    I'd also use a Router for peace of mind...
     
    Davcal, May 19, 2007
    #1
    1. Advertisements

  2. Davcal

    PTravel Guest

    Though you're right about the inadequacy of the Microsoft-supplied Vista
    firewall, PCTools Firewall is not an acceptable alternative as it will block
    access to machines on the local lan and there is no easy fix. I've tried a
    number of supposedly Vista-compatible firewalls and have yet to find one
    that (1) works and (2) doesn't bring the machine to a screeching halt
    whenever there's network activity.
     
    PTravel, May 19, 2007
    #2
    1. Advertisements

  3. What's the purpose of stopping outgoing? Are you paying per byte?
    If you are right about that, no third party firewall will be able to
    do anything about it anyway.
    For what purpose exactly? It's one of the oldest leak tests there is.
    No firewall is fooled by that anymore. They are very questionable
    against modern malware though.
    No add-on software will keep you safe. A resonable security concept
    and common sense will.
    If it makes you feel better, go ahead....
     
    Straight Talk (aka B. Nice), May 19, 2007
    #3
  4. Davcal

    Rock Guest

    Attempting to control outbound traffic as a means of malware control is
    pointless. There are many ways malware can bypass it. If your purpose is
    to control non malware apps, then that can be done with Vista's firewall.
     
    Rock, May 19, 2007
    #4
  5. Davcal

    Davcal Guest

    With all due respect "Mr. aka B Nice", you have no idea what you are
    talking about.
    Please do a little research, before answering posts...
     
    Davcal, May 19, 2007
    #5
  6. Davcal

    Davcal Guest

    I think you'll find if you read the help files that you can run it in a
    LAN.
    I do it right now. Check out the "Applications & Advanced rules
    Settings"
    Then check under Settings/Adapters and adjust accordingly.
    You have to do a little work, but it will...
     
    Davcal, May 19, 2007
    #6
  7. Davcal

    Davcal Guest

    Rock..My purpose is to control anything that wants to enter or leave my
    PC.
    In other words, I will decide what and when, not MS, HP, or whatever...
    After I set up the PC Tools Firewall, I couldn't believe the stuff that
    was trying to
    access the Internet. PC Tools Firewall at least gives you the option of
    allowing or not.
    All due respect Rock, You being a MS-MVP know full well what I am
    talking about...
     
    Davcal, May 19, 2007
    #7
  8. Funny enough that was the exact same impression I got of you judged on
    your initial post. It's not the first clueless attack on the windows
    firewall I've experienced.
    Please get a little clue before posting in the first place.
     
    Straight Talk (aka B. Nice), May 19, 2007
    #8
  9. MS is in charge of the very O/S which just happens to be the highest
    authority on your machine. Please try and understand that if they are
    determined to "phone home" without you knowing about it, nothing will
    prevent them from doing so. If you have so many worries about that you
    shouldn't be running windows in the first place.

    I think he knows what he is talking about.
     
    Straight Talk (aka B. Nice), May 19, 2007
    #9
  10. Davcal

    Rock Guest

    Like I said, if you are trying to control malware that's already on your
    system from calling out, it's too late. There are many ways malware can
    bypass any software firewall from inside. If the intent is to control non
    malicious software from going outside, the Vista firewall can be configured
    to do that.
     
    Rock, May 19, 2007
    #10
  11. Davcal

    mikeyhsd Guest

    there is a 3rd party application called
    VistaFirewallControl
    to assist in setting the outbound rules for vista firewall.
    you can turn it on without any help, but creating the rules is difficult.
    this program makes it easy.







    Vista Firewall, a bit of a misnomer. One small step above XP's one way
    Firewall.
    it may stop a lot of stuff incoming, but very little outgoing.
    In fact everything MS and the PC manufacturer, among others
    wants outgoing, goes out, unknown to you.
    Go to www.grc.com and download their free Leaktest software.
    It's very small, and you'll realize how much you need a proper Firewall.
    PC.Tools Firewall Plus, free for Vista, will do the trick...
    That along with Avast free Anti-Virus for Vista will keep you safe.
    I'd also use a Router for peace of mind...
     
    mikeyhsd, May 19, 2007
    #11
  12. Davcal

    Jon Guest


    I passed grc's 'Shield's Up' test with 100% , using Vista's Firewall,. but
    thanks for asking.
     
    Jon, May 20, 2007
    #12

  13. And this was news to you? That's why most of us always recommend the
    use of a 3rd party firewall.


    Gibson is a very poor source for computer security advice. Gibson has
    been fooling a lot of people for several years, now, so don't feel too
    bad about having believed him. He mixes just enough facts in with his
    hysteria and hyperbole to be plausible. Despicably, Gibson is assuming
    a presumably morally superior pose as a White Knight out to rescue the
    poor, defenseless computer user, all the while offering solutions that
    do no good whatsoever.

    Perhaps you should read what real computer security specialists
    have to say about Steve Gibson's "security" expertise. You can start here:
    http://www.grcsucks.com/



    --

    Bruce Chambers

    Help us help you:
    http://dts-l.org/goodpost.htm
    http://www.catb.org/~esr/faqs/smart-questions.html

    They that can give up essential liberty to obtain a little temporary
    safety deserve neither liberty nor safety. -Benjamin Franklin

    Many people would rather die than think; in fact, most do. -Bertrand Russell
     
    Bruce Chambers, May 20, 2007
    #13
  14. Davcal

    PTravel Guest

    I spent an hour or two on the PC Tools Firewall forum. The suggested "fix"
    was to import a rule that didn't work on my machine. This was, perhaps, a
    month ago. Has the program been updated?
     
    PTravel, May 20, 2007
    #14
  15. Davcal

    Mr. Arnold Guest

    Vista's packet filter and this thing you're talking about, another packet
    filter, both of them are machine level packet filters.

    They are not firewall solutions.

    A firewall meets this specification.

    <copied>

    What is a firewall?

    A firewall protects networked computers from intentional hostile intrusion
    that could compromise confidentiality or result in data corruption or denial
    of service. It may be a hardware device or a software program running on a
    secure host computer. In either case, it must have at least two network
    interfaces, one for the network it is intended to protect, and one for the
    network it is exposed to.
    A firewall sits at the junction point or gateway between the two networks,
    usually a private network and a public network such as the Internet. The
    earliest firewalls were simply routers. The term firewall comes from the
    fact that by segmenting a network into different physical subnetworks, they
    limited the damage that could spread from one subnet to another just like
    firedoors or firewalls.

    <copied>

    That router you're talking about comes closer to being a firewall than that
    personal/machine level packet filter will ever be that you're talking about.
     
    Mr. Arnold, May 20, 2007
    #15
  16. Davcal

    PTravel Guest

    Followup: I just took a quick look at the PC Tools Firewall forum. The
    problem remains. The "solution" is to allow packets from any private IP
    address, e.g. pass 192.168.0.0 to 192.168.255.255. That's no solution at
    all for a laptop which, routinely, will be logged onto airport and hotel
    LANs. I certainly don't want access to my machine by anyone else on a
    public network.

    Sorry, but PC Tools Firewall still isn't ready for primetime.
     
    PTravel, May 20, 2007
    #16
  17. Davcal

    Victek Guest

    Followup: I just took a quick look at the PC Tools Firewall forum. The
    Re PC Tools Firewall Plus, you can be very specific and granular in the
    rules you create. You could allow packets from a specific IP only, or a
    narrow range of IP's. You don't have to open up the whole private address
    space (192.168.0.0-192.168.255.255) to allow traffic on your LAN.
     
    Victek, May 20, 2007
    #17
  18. Davcal

    PTravel Guest

    And, again, that won't work for a laptop that travels. I have no way of
    knowing in advance the base IP for a hotel or airport LAN, nor do I have any
    way of knowing whether it will be the same as the base IP I use for my own
    LAN at home. It's really far too much trouble to log in to a foreign LAN,
    check the IP assigned by the DHCP server, create a rule for PC Tools and
    then remove the rule when I'm done. No one is going to do that.

    As for opening up the IP space on my LAN, I can limit the range of my DHCP
    server, but I like to group devices by IP range. For example, my routers
    are 192.168.10.1-10, my printers start at .50, computers with fixed IPs
    begin at .100 and DHSP-assigned computers begin at .150. My servers start
    at .200, and my TIVO is at .237. That's an awful lot of rules to accomodate
    a firewall that has an eccentric design that serves no rational purpose.
     
    PTravel, May 20, 2007
    #18
  19. Davcal

    Engel Guest

    Engel, May 20, 2007
    #19
  20. Davcal

    PTravel Guest

    PTravel, May 20, 2007
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.