Vista Firewall ??????

  • Thread starter Thread starter Davcal
  • Start date Start date
D

Davcal

Vista Firewall, a bit of a misnomer. One small step above XP's one way
Firewall.
it may stop a lot of stuff incoming, but very little outgoing.
In fact everything MS and the PC manufacturer, among others
wants outgoing, goes out, unknown to you.
Go to www.grc.com and download their free Leaktest software.
It's very small, and you'll realize how much you need a proper Firewall.
PC.Tools Firewall Plus, free for Vista, will do the trick...
That along with Avast free Anti-Virus for Vista will keep you safe.
I'd also use a Router for peace of mind...
 
Davcal said:
Vista Firewall, a bit of a misnomer. One small step above XP's one way
Firewall.
it may stop a lot of stuff incoming, but very little outgoing.
In fact everything MS and the PC manufacturer, among others
wants outgoing, goes out, unknown to you.
Go to www.grc.com and download their free Leaktest software.
It's very small, and you'll realize how much you need a proper Firewall.
PC.Tools Firewall Plus, free for Vista, will do the trick...
That along with Avast free Anti-Virus for Vista will keep you safe.
I'd also use a Router for peace of mind...
Click to expand...

Though you're right about the inadequacy of the Microsoft-supplied Vista
firewall, PCTools Firewall is not an acceptable alternative as it will block
access to machines on the local lan and there is no easy fix. I've tried a
number of supposedly Vista-compatible firewalls and have yet to find one
that (1) works and (2) doesn't bring the machine to a screeching halt
whenever there's network activity.
 
Vista Firewall, a bit of a misnomer. One small step above XP's one way
Firewall.
it may stop a lot of stuff incoming, but very little outgoing.
Click to expand...

What's the purpose of stopping outgoing? Are you paying per byte?
In fact everything MS and the PC manufacturer, among others
wants outgoing, goes out, unknown to you.
Click to expand...

If you are right about that, no third party firewall will be able to
do anything about it anyway.
Go to www.grc.com and download their free Leaktest software.
Click to expand...

For what purpose exactly? It's one of the oldest leak tests there is.
No firewall is fooled by that anymore. They are very questionable
against modern malware though.
It's very small, and you'll realize how much you need a proper Firewall.
PC.Tools Firewall Plus, free for Vista, will do the trick...
LOL

That along with Avast free Anti-Virus for Vista will keep you safe.
Click to expand...

No add-on software will keep you safe. A resonable security concept
and common sense will.
I'd also use a Router for peace of mind...
Click to expand...

If it makes you feel better, go ahead....
 
Davcal said:
Vista Firewall, a bit of a misnomer. One small step above XP's one way
Firewall.
it may stop a lot of stuff incoming, but very little outgoing.
In fact everything MS and the PC manufacturer, among others
wants outgoing, goes out, unknown to you.
Go to www.grc.com and download their free Leaktest software.
It's very small, and you'll realize how much you need a proper Firewall.
PC.Tools Firewall Plus, free for Vista, will do the trick...
That along with Avast free Anti-Virus for Vista will keep you safe.
I'd also use a Router for peace of mind...
Click to expand...

Attempting to control outbound traffic as a means of malware control is
pointless. There are many ways malware can bypass it. If your purpose is
to control non malware apps, then that can be done with Vista's firewall.
 
With all due respect "Mr. aka B Nice", you have no idea what you are
talking about.
Please do a little research, before answering posts...
 
I think you'll find if you read the help files that you can run it in a
LAN.
I do it right now. Check out the "Applications & Advanced rules
Settings"
Then check under Settings/Adapters and adjust accordingly.
You have to do a little work, but it will...
 
Rock..My purpose is to control anything that wants to enter or leave my
PC.
In other words, I will decide what and when, not MS, HP, or whatever...
After I set up the PC Tools Firewall, I couldn't believe the stuff that
was trying to
access the Internet. PC Tools Firewall at least gives you the option of
allowing or not.
All due respect Rock, You being a MS-MVP know full well what I am
talking about...
 
With all due respect "Mr. aka B Nice", you have no idea what you are
talking about.
Click to expand...

Funny enough that was the exact same impression I got of you judged on
your initial post. It's not the first clueless attack on the windows
firewall I've experienced.
Please do a little research, before answering posts...
Click to expand...

Please get a little clue before posting in the first place.
 
Rock..My purpose is to control anything that wants to enter or leave my
PC.
In other words, I will decide what and when, not MS, HP, or whatever...
Click to expand...

MS is in charge of the very O/S which just happens to be the highest
authority on your machine. Please try and understand that if they are
determined to "phone home" without you knowing about it, nothing will
prevent them from doing so. If you have so many worries about that you
shouldn't be running windows in the first place.

All due respect Rock, You being a MS-MVP know full well what I am
talking about...
Click to expand...

I think he knows what he is talking about.
 
Rock..My purpose is to control anything that wants to enter or leave my
PC.
In other words, I will decide what and when, not MS, HP, or
whatever...
After I set up the PC Tools Firewall, I couldn't believe the stuff that
was trying to
access the Internet. PC Tools Firewall at least gives you the option of
allowing or not.
All due respect Rock, You being a MS-MVP know full well what I am
talking about...
Click to expand...
"Rock" wrote
Click to expand...

Like I said, if you are trying to control malware that's already on your
system from calling out, it's too late. There are many ways malware can
bypass any software firewall from inside. If the intent is to control non
malicious software from going outside, the Vista firewall can be configured
to do that.
 
there is a 3rd party application called
VistaFirewallControl
to assist in setting the outbound rules for vista firewall.
you can turn it on without any help, but creating the rules is difficult.
this program makes it easy.



(e-mail address removed)



Vista Firewall, a bit of a misnomer. One small step above XP's one way
Firewall.
it may stop a lot of stuff incoming, but very little outgoing.
In fact everything MS and the PC manufacturer, among others
wants outgoing, goes out, unknown to you.
Go to www.grc.com and download their free Leaktest software.
It's very small, and you'll realize how much you need a proper Firewall.
PC.Tools Firewall Plus, free for Vista, will do the trick...
That along with Avast free Anti-Virus for Vista will keep you safe.
I'd also use a Router for peace of mind...
 
Davcal said:
Vista Firewall, a bit of a misnomer. One small step above XP's one way
Firewall.
it may stop a lot of stuff incoming, but very little outgoing.
In fact everything MS and the PC manufacturer, among others
wants outgoing, goes out, unknown to you.
Go to www.grc.com and download their free Leaktest software.
It's very small, and you'll realize how much you need a proper Firewall.
PC.Tools Firewall Plus, free for Vista, will do the trick...
That along with Avast free Anti-Virus for Vista will keep you safe.
I'd also use a Router for peace of mind...
Click to expand...


I passed grc's 'Shield's Up' test with 100% , using Vista's Firewall,. but
thanks for asking.
 
Davcal said:
Vista Firewall, a bit of a misnomer. One small step above XP's one way
Firewall.
it may stop a lot of stuff incoming, but very little outgoing.
In fact everything MS and the PC manufacturer, among others
wants outgoing, goes out, unknown to you.
Click to expand...


And this was news to you? That's why most of us always recommend the
use of a 3rd party firewall.

Go to www.grc.com and download their free Leaktest software.
It's very small, and you'll realize how much you need a proper Firewall.
Click to expand...


Gibson is a very poor source for computer security advice. Gibson has
been fooling a lot of people for several years, now, so don't feel too
bad about having believed him. He mixes just enough facts in with his
hysteria and hyperbole to be plausible. Despicably, Gibson is assuming
a presumably morally superior pose as a White Knight out to rescue the
poor, defenseless computer user, all the while offering solutions that
do no good whatsoever.

Perhaps you should read what real computer security specialists
have to say about Steve Gibson's "security" expertise. You can start here:
http://www.grcsucks.com/



--

Bruce Chambers

Help us help you:



They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin

Many people would rather die than think; in fact, most do. -Bertrand Russell
 
Davcal said:
I think you'll find if you read the help files that you can run it in a
LAN.
I do it right now. Check out the "Applications & Advanced rules
Settings"
Then check under Settings/Adapters and adjust accordingly.
You have to do a little work, but it will...
Click to expand...

I spent an hour or two on the PC Tools Firewall forum. The suggested "fix"
was to import a rule that didn't work on my machine. This was, perhaps, a
month ago. Has the program been updated?
 
Davcal said:
Vista Firewall, a bit of a misnomer. One small step above XP's one way
Firewall.
it may stop a lot of stuff incoming, but very little outgoing.
In fact everything MS and the PC manufacturer, among others
wants outgoing, goes out, unknown to you.
Go to www.grc.com and download their free Leaktest software.
It's very small, and you'll realize how much you need a proper Firewall.
PC.Tools Firewall Plus, free for Vista, will do the trick...
That along with Avast free Anti-Virus for Vista will keep you safe.
I'd also use a Router for peace of mind...
Click to expand...

Vista's packet filter and this thing you're talking about, another packet
filter, both of them are machine level packet filters.

They are not firewall solutions.

A firewall meets this specification.

<copied>

What is a firewall?

A firewall protects networked computers from intentional hostile intrusion
that could compromise confidentiality or result in data corruption or denial
of service. It may be a hardware device or a software program running on a
secure host computer. In either case, it must have at least two network
interfaces, one for the network it is intended to protect, and one for the
network it is exposed to.
A firewall sits at the junction point or gateway between the two networks,
usually a private network and a public network such as the Internet. The
earliest firewalls were simply routers. The term firewall comes from the
fact that by segmenting a network into different physical subnetworks, they
limited the damage that could spread from one subnet to another just like
firedoors or firewalls.

<copied>

That router you're talking about comes closer to being a firewall than that
personal/machine level packet filter will ever be that you're talking about.
 
PTravel said:
I spent an hour or two on the PC Tools Firewall forum. The suggested
"fix" was to import a rule that didn't work on my machine. This was,
perhaps, a month ago. Has the program been updated?
Click to expand...

Followup: I just took a quick look at the PC Tools Firewall forum. The
problem remains. The "solution" is to allow packets from any private IP
address, e.g. pass 192.168.0.0 to 192.168.255.255. That's no solution at
all for a laptop which, routinely, will be logged onto airport and hotel
LANs. I certainly don't want access to my machine by anyone else on a
public network.

Sorry, but PC Tools Firewall still isn't ready for primetime.
 
Followup: I just took a quick look at the PC Tools Firewall forum. The
problem remains. The "solution" is to allow packets from any private IP
address, e.g. pass 192.168.0.0 to 192.168.255.255. That's no solution at
all for a laptop which, routinely, will be logged onto airport and hotel
LANs. I certainly don't want access to my machine by anyone else on a
public network.

Sorry, but PC Tools Firewall still isn't ready for primetime.
Click to expand...

Re PC Tools Firewall Plus, you can be very specific and granular in the
rules you create. You could allow packets from a specific IP only, or a
narrow range of IP's. You don't have to open up the whole private address
space (192.168.0.0-192.168.255.255) to allow traffic on your LAN.
 
Victek said:
Re PC Tools Firewall Plus, you can be very specific and granular in the
rules you create. You could allow packets from a specific IP only, or a
narrow range of IP's. You don't have to open up the whole private address
space (192.168.0.0-192.168.255.255) to allow traffic on your LAN.
Click to expand...

And, again, that won't work for a laptop that travels. I have no way of
knowing in advance the base IP for a hotel or airport LAN, nor do I have any
way of knowing whether it will be the same as the base IP I use for my own
LAN at home. It's really far too much trouble to log in to a foreign LAN,
check the IP assigned by the DHCP server, create a rule for PC Tools and
then remove the rule when I'm done. No one is going to do that.

As for opening up the IP space on my LAN, I can limit the range of my DHCP
server, but I like to group devices by IP range. For example, my routers
are 192.168.10.1-10, my printers start at .50, computers with fixed IPs
begin at .100 and DHSP-assigned computers begin at .150. My servers start
at .200, and my TIVO is at .237. That's an awful lot of rules to accomodate
a firewall that has an eccentric design that serves no rational purpose.
 
Back
Top