Win Firewall Question

I 'heard' that Win Firewall is so bad that turning it on is like putting on a 'Hack Me' sign. If one has a DSL router, why would one need an additional firewall anyway? I can see if it was as office with more than one PC on the LAN; but this is a home PC with perhaps a laptop and a video phone on the LAN. It's an old Dell XPS; so I don't need any extra stuff running.

Hi

Actually it is not that bad. The problem is that you can't easily configure it for monitoring outgoing connections. By default it only blocks incoming connections. If you are a safe surfer then that should be plenty. That depends if your router has a firewall. If it does it will only block incoming attacks to your network. It will not block malware from spreading within the network.

Thank you Buttons!

Yes, my router has a firewall; but I thought ALL routers 'behaved' as hardware firewalls.

I use MSE, SAS pro and SpywareBlaster; but keep Win Firewall turned off mainly to conserve 'clock-ticks' on my old Dell XPS.

You're welcome.

Cool. Nope the two are very different. Hardware firewall is usually in a router or separate piece of hardware(why it's called a hardware firewall) and only protect your network from attacks or unwanted access. A software firewall blocks connections made to the computer.

I would recommend turning it on if you have other computers on your network as a hardware firewall will not protect you if another computer downloads something bad that spreads. Windows Firewall will help protect you and shouldn't have any impact on performance.

My laptop has been dropped jus' one(!) too many times
So the only thing left on my '☺network☺' is a video phone.

I can't imagine how Win firewall can run without 'stealing' clock-ticks from my 'pot bellied pig' CPU intensive database generating program (feg). But if it can provide a measurable bit more safety; I will gladly turn it back on. What's a few 'clock-ticks' when feg has already logged about 100 days of CPU time and it's only about ¼ finished with the desired 'partial' database???

It shouldn't use any more cpu or resources then you have now. Even if you disable the Firewall the service is still running so it's likely that you won't even notice when you turn it on.

Hi Buttons!

I took your advice and turned Win Firewall back on. Sure enough, TaskMan didn't show any additional processes running. And Process Explorer didn't indicate any Firewall process that could be killed either; so you're absolutely correct.

I found this very interesting article with some very interesting comments:

http://www.zdnet.com/blog/berlind/screen-gallery-when-is-a-firewall-not-a-firewall-when-its-vistas-built-in-firewall/331

For some reason, I don't 'feel' any more secure having it on. My HDD got hit by some Bot attack last year (DEC2010). It filled it up with 'Invisible' files leaving me jus' 1%! And I don't mean files with the 'hidden' attribute set!! So, I jus' went ahead and reformatted to be safe. At the time, I wasn't running any 'real time' protectiion; only the free Avira and SpywareBlaster and a host of 'on demand' and 'on line' scanners. However, I did have the 'free' Avira set to 'guard' against incomming/outgoing files. I remember getting some 'strange' ALERT about my PC being infected. I didn't touch anything; but immediately Rebooted. Too Late!!!

HI bob_deloach!

Cool. Yep it's built right into Windows and it's processes which is why you shouldn't see any performance loss.

I see. You may take a look at using a host file and Malwarebytes' antimalware pro. A host file is an address book Windows uses to connect to websites and by using something like MVPS or HPHOSTS you can avoid advertisements and block connections to malicious sites. The host file doesn't run all the time as it's just a text file. I use HostsMan which updates the hosts files for me so I don't have to download it myself.

Hi again Buttons!

What I jus' found out ain't Cool at all! Even though my system scored 10 both with and without Win Firewall, I can't seem to stop stuff from getting OUT!!! You can download the test here:

http://www.matousec.com/downloads/

Found the following on ATT's Firewall:
========================================================
Settings

Security
Check to enable the features below:

Stealth Mode
Block Ping
Strict UDP Session Control
Inbound and Outbound Control
Checking the box allows the associated traffic type through the firewall.

Outbound
HTTP
HTTPS
FTP
Telnet
SMTP
DNS
NetBIOS
POP3
IMAP
NNTP
IRC
H323
All Other Protocols Inbound
Remote Management
NetBIOS
=======================================================-

All of the OUTBOUND are checked except NetBIOS. Don't want to uncheck them all because my daughter's video phone's got to use something. Couldn't find ANYTHING about outbound in Win Firewall.

If you've got any ideas, I'm all ears. In the meantime, I'll keep experimenting and surfing; looking for solutions. I've only got the free ver of Antimalware for an 'on demand' scanner. I'll look into that 'Host' thingee after this 'BIG' problem is solved. If an unknown, undetected trojan gets IN, then it can send ALL my stuff OUT!!!

Windows Firewall by default does not support outbound connections. Unfortunately from the research I've done it's no easy task and requires a lot of expertise and no general guide on the subject of setting it up. Might take a look at Sphinx WindowsFirewallControl. It's a very small and lightweight tool that uses the Windows Web Filtering Platform.