Vista Firewall Allows Inbound & Outbound Blocking
- 10
- Add a Comment
Microsoft has provided us with a firewall since Windows XP. But with Windows XP the service by default was not activated. This required us users to find the secret settings to get the free protection built into XP. When Vista arrived Microsoft by default had the firewall activated by default. But the protection was for inbound traffic only which it blocks. But outbound blocking by default was set to allow, not block.
So when I read this article from about.com on how to activate outbound protection my first response was ‘why’? Why isn’t outbound by default set to block? Why is this advanced interface hidden?
Here is what you can do to activate the outbound firewall in Vista:
Get Two-Way Firewall Protection
No desktop should be without a personal firewall, but even if the Security Center says you’re protected, you may not be. The Windows Firewall within Vista blocks all incoming traffic that might be malicious or suspicious–and that’s good. But outbound protection is not enabled by default. That’s a dangerous situation if some new malicious software finds its way onto your PC. Microsoft did include the tools for Windows Vista to have a true two-way firewall, but finding the setting is a little complicated. (Hint: Don’t go looking the Windows Firewall settings dialog box.)
To get two-way protection in Windows Vista, click on the Start button; in the search space, type wf.msc and press Enter. Click on the Windows Firewall with Advanced Security icon. This management interface displays the inbound and outbound rules. Click on Windows Firewalls Properties. You should now see a dialog box with several tabs. For each profile–Domain, Private, and Public–change the setting to Block, and then click OK.
I can only venture a guess that Microsoft might of been reluctant to make this feature easy to find, since they may have felt that the average user would of struggled getting it to work properly.
What do you think?
Comments welcome.
10 Comments
Najlepsze Programy, Recenzje, Informacje. » Blog Archive » Vista Firewall Allows Inbound & Outbound Blocking ~ The Blade by …
March 9th, 2009
at 12:23pm
[...] Original post by Ron Schenone [...]
Bruce
March 9th, 2009
at 1:29pm
I’ve been using the built in Vista firewall ever since I purchased my HP notebook but I let the free Vista Firewall Control from Sphinx-soft.com take care of all the configuration and monitoring. Works like a charm and takes the burden off the technically challenged old guys like myself. Actually, I was so impressed by the free model, I threw some money at Sphinx and upgraded to the “Pro” version.
Ron Schenone
March 9th, 2009
at 1:55pm
Hi Bruce,
Thanks for the link. I’ll give it a try.
Aryeh Goretsky
March 9th, 2009
at 9:30pm
Hello,
Just as historical point, wasn’t the unidirectional Internet Connection Firewall (ICF) a part of Microsoft Windows XP RTM that was disabled, and its replacement, Windows Firewall, from XP SP2, enabled by default?
From vaguely personal experience, it seems that firewall user interface design is fairly difficult, because you are essentially asking users who may not be very familiar at all with their computer, let alone networking, to make some very finely-grained adjustments to the packets of data flying around through the TCP/IP stack. I think that concern, along with some calculations about support costs for having technicians repair users’ self-inflicted injuries, plus associated negative PR, have far more to do with why the feature is prominent and enabled than any complaints about monopolistic behavior from firewall vendors.
Regards,
Aryeh Goretsky
Ron Schenone
March 10th, 2009
at 4:33am
Hello Aryeh,
Thank you for the correction.
I am going to experiment with software that Bruce has recommended to see if it relieves some of the pain associated with ANY software firewall.
All the best, Ron
Snowball TiVo ~ Windows Fanatics
March 10th, 2009
at 5:52am
[...] The Vista firewall blocks both inbound and outbound traffic. [...]
Using Vista Firewall Outbound Protection The Easy Way ~ The Blade by Ron Schenone, MVP
March 10th, 2009
at 2:11pm
[...] wrote an article about how to turn on outbound firewall protection for Windows Vista firewall [here] and asked for [...]
Josef
March 10th, 2009
at 10:14pm
Hi Ron,
Your outbound firewall tip works also with the new Windows 7 Beta. Thanks a lot!
On a side note , since you’re an M.S. MVP, could you put out a shout to the Win7 developement team and tell them to put the artsy build 7000 Control Panel Task Pane as well as the ‘Control Panel Home’ icon, back into their subsequent builds?
The plain, ‘new improved’ pane style is terrible! Granted, the small and large Contol Panel icon selection ability in Build 7022 is great, but bringing back the former Task Pane would be the icing on the cake!
Lastly, why can’t Microsoft have the MSCONFIG System Configuration Utility be resizeable, like it was back in Win98 days? That and the above complaint would make me switch over to Win7 from XP when it finally gets released. Would love to hear from you! Thanks!!!
dan bromberg
March 12th, 2009
at 5:51pm
…and what are the benefits of blocking outgoing packets for a single PC home user? Thanks for your article but I think it should’ve provided more motivation for me to reconfigure.
Bill Carrigan
March 13th, 2009
at 12:00pm
The BIG benefit is to YOU! Try as we may to stay secure, it’s entirely possible for a worm or Trojan to take up residence on your computer. That’s bad enough, but if the &%#@ thing can ‘Phone Home’ or send copies of itself to everyone in your address book, that’s WORSE!
IMHO keeping your passwords and account numbers safe, and your good name from being vilified by your friends, should be reason enough to enable it. Of course, that makes the assumption that you don’t already have a third-party firewall up and running.
Nothing personal, but I teach my Internet Security students that there are only 2 types of people on the Internet- those with firewalls and DUNCES. It’s really better to be safe than sorry.
Good luck.