Since Windows 7 already comes with its own firewall, I prefer not to install a 3rd party one.
However, when I started trying to set it up, I quickly discovered that it's much less user-friendly than any personal firewall I have ever seen (e.g. Sygate for XP, Comodo for Windows 7, etc.)
Instead of being configured by default to block all Internet inbound and outbound traffic (i.e. not LAN), and then prompt you whenever unauthorized program tries to “call home”, it seems to allow all outbound traffic… (which is a spyware paradise).
I tried to configure it like a “ standard personal firewall” but this task turned to be anything but trivial:
First, I was greeted by having to select one of three profiles:
Domain | Private | Public:Domainis n/a because I don’t use a domain controllerPrivateis me! (yes, I have a tiny LAN)Publicis n/a because my Windows 7 laptop is only connected through my router/firewall
So I proceeded with the following:
Domain :All blocked (changed outbound from default)Private :Inbound blocked, outbound allowed (keep defaults)Public :All blocked (changed outbound from default)
Yet, I keep seeing all sorts of programs “calling home” without Windows firewall ever prompting or even notifying me about it.
Any idea how I can proceed from here? Is it possible at all to use the Windows 7 firewall to effectively control outbound traffic?
Answer
By default, Windows Firewall with Advanced Security allows all outbound network traffic.
To block the network traffic for prohibited programs, you must create an outbound rule that blocks traffic with specific criteria from passing through Windows Firewall with Advanced Security.
Alternatively, you can change the default outbound action to block, and then create outbound allow rules to allow required traffic. This technique is demonstrated in this TechNet article.
No comments:
Post a Comment