dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
2684
Expand your moderator at work
JarmoP
join:2013-10-11
Finland

JarmoP to bcool

Member

to bcool

Re: Can I live with Windows Firewall alone on W7 SP1

To me the most kerio 2.1.5 reminding Windows firewall controller is TinyWall. It has no zones and all is based on the firewall rules. I must admit I don't know how safe the rules admitting something to home network are. I don't have one. Just a single computer connected to internet.

The GUI have options like password protection that are not working, because it makes TW loose the GUI (the controlling graphic user interface). And some other GUI options are dangerous that could make bring the service down. I am speaking about things like updating Adobe Flash:

TinyWall has a window to see blocked connections. If I try unblock Flash update from that window, it brakes TW. I think the service that controls Wi9ndows firewall gets broken and allows everything out. Same if I try unblock Flash update as a process. The only stable option I know is putting the firewall to 'Allow all outgoing' mode. The GUI is unstable when allowing connections from it!

But when some of you are behind a router, it is a good one once you have made all your rules. that you can save as a ruleset file. Blocks all unknowing both inbound and outbound. And I have not seen it braking otherwise. It is a tinkerers firewall control.

TW system rules coming from install are these:
»www.saunalahti.fi/~jarmo ··· ules.jpg

I have disabled Network Detection Discovery rules that are not needed for my cable modem or my Huawei USB stick mobile connections from those.

I just wish Karoly Pados before he dissapeared would have made an option to allow only some specific connections to remote IPs. For situations like this: I noticed from connection window that svchost.exe was blocked to my ISP DNS servers after I had shut down the cable modem and turned it on. PC reboot would have worked, but with a rule made that would not have been needed and safer. You can make rules for svchost.exe restricted to say dnscache service, but not not to the needed remote IPs.

Once the cable modem is on and the DNS things got, I can safely shutdown my computer with TW blocking everything and the connection seems good after I turn TW to normal protection when I am back to my account knowing everything has been blocked. Rebooting the computer after some possibly dangerous network activity I want to avoid. Always the shutdown instead.

I_Got_Tazed
join:2014-03-18
Freeport, IL

1 edit

I_Got_Tazed to bcool

Member

to bcool
l.i

bcool
Premium Member
join:2000-08-25

bcool

Premium Member

Linux?

mmainprize
join:2001-12-06
Houghton Lake, MI

1 recommendation

mmainprize to bcool

Member

to bcool
Windows firewall is full featured but is lacking a GUI, that is where binisoft WFC comes in and it makes it easy to set and see rules.
I have been using WFC for a few years and i recommend it to all running windows firewall.
You must buy a license to get the good features but it is well worth it.

sfogliatelle
We Is Whut We Am
Premium Member
join:2002-05-29
Baton Rouge, LA

sfogliatelle to bcool

Premium Member

to bcool
I've recently read a couple of articles on the merits of Windows Firewall, using it as it is with its own built-in settings tweaks.

Because of its' ability to work well with Windows Firewall I too had given thought to Binsoft's Windows Firewall Control, but the site adds the caution of installing it if Avast is also being used on the same machine (Windows Firewall is incompatible with software proxies, like Avast! Web Shield and Avira WebGuard).

Like you, I feel the performance of 7's firewall leaves little for me to criticize, but this being America, where endless choice is king, I continue to look.

therube
join:2004-11-11
Randallstown, MD

therube

Member

Just ran across this, Windows Firewall Notifier (untested).

sfogliatelle
We Is Whut We Am
Premium Member
join:2002-05-29
Baton Rouge, LA

sfogliatelle

Premium Member

This looks interesting. One small detail that escaped me while reading about it was the author's suggestion to place it in a shared folder such as Program Files. My pc is Windows 7 64bit. What I'm unsure of is *which* Program File folder to drop it in.
85160670 (banned)
"If U know neither the enemy nor yoursel
join:2013-09-17
Edmonton, AB

85160670 (banned) to mmainprize

Member

to mmainprize
AFAIK ..... sinced Vista, M$ windows FW very solid just we like to enhanced EMET come to play for the X-tra Layer protection ¿

bcool
Premium Member
join:2000-08-25

1 edit

bcool to therube

Premium Member

to therube
said by therube:

Just ran across this, Windows Firewall Notifier (untested).

Yes... I have this but as of yet have not been willing to set up realtime notification module. I use it for the moment as an on demand birdseye view of active connections. Of course that renders it little better a than plain vanilla port scanner

NOTE: I've been a couple of weeks at least now on Windows Firewall, Avast! Free, Malwarebytes Pro along with dear ol' Windows Defenders. I can find no current information (accent on current) suggesting that Windows Firewall's performance is adversely affected by running the latest Avast! Free. The four (4) programs I mention above seem to play together very well on my system. I do confess openly though that I keep on the sidelines the latest ZoneAlarm Free installation file (v130_208_000) just in case I really, really get spooked.