logo

Home page
Articles for Windows, Linux, OS X
Mac tips and articles
Mac tips
Windows 8 tips and articles
Windows 7 tips and articles
Vista Tips
XP Tips
Linux tips and articles
Read the blog
Online store
Windows, Linux, OS X programs
Links
About

Windows Vista Firewall Part 3: Lockdown

Part 1 | Part 2 | Part 3

We examined Windows Firewall in the Control Panel and saw how to check the status of the firewall and how to turn it on and off in the first part of this series. The settings are very simple and straightforward, but they are deceptive. In part 2 we looked at the advanced settings available in the firewall and saw that while inbound connections are blocked, outbound connections are not. What this means is that it is very difficult for a malicious person or program to break into your computer when you are connected to the internet or a local area network, but it is very easy for malicious software that is already on your computer to gather information about you that is stored on the hard disk drive and to send it out to someone on the internet. This sort of activity is very common for spyware, Trojans, viruses and other malware.

Windows Defender will prevent most spyware infections, but it is by no means infallible and there is still a very slight chance that spyware could infect your computer. Of course, anti virus software is not supplied with Windows Vista and so there is nothing to stop it infecting the system unless you have purchased some security software or have installed one of the free anti virus programs that are available on the internet. Even then there is a small chance that a virus, Trojan or other malware could infect the computer. It is important to realise that any program can send out information about you to someone somewhere on the internet and Windows Firewall in its default state will not attempt to prevent it, even though it says that it is turned on if you look at the settings in the Control Panel.

Outbound connections

Let's take a look at Windows Firewall's advanced settings again. Click the Start button at the left-hand side of the taskbar and then Control panel. Switch to Classic View by clicking the link on the left. Ignore Windows Firewall and instead you should double click Administrative Tools. (You must be logged on using an administrator account or you will be prevented from accessing any of the advanced features we will be describing. User Account Control may also display warnings, but you can click through them and continue.) When Administrative Tools opens, double click Windows Firewall with Advanced Security. It's at the bottom of the list of programs.

Windows Firewall

In the top left corner of the window that appears, select Windows Firewall with Advanced Security... (You'll probably find that half the title is chopped off because it's too long to fit in the left pane). In the middle pane, look down the list and click Windows Firewall Properties (scroll down if necessary). In the dialog that appears, select the tab of the profile that is active. The Private Profile is the one used when you are using a PC at home and are connected to the internet or a home network, so this is most likely the one you will need. The Domain Profile is often used by PCs in large companies, and the Public Profile might be used when you are using a laptop computer in a coffee shop, hotel or other public place with a Wi-Fi connection.

firewall3_2 (20K)

You will see that inbound connections are blocked and that outbound connections are allowed. This is a default state that is automatically selected by Windows Vista when it is installed. Click Allow and select Block from the drop-down list next to Outbound connections. Click OK to close the dialog and Windows Firewall will now block all outbound connections. In other words, none of the programs on the computer is allowed to connect to the internet or to other computers on the network. This is ultra secure because nothing can get in or out, but it is actually not very useful because you will not be able to browse the web using Internet Explorer and you won't be able to read your email. What you need to do is to instruct Windows Firewall to allow programs you trust to access the internet.

Go to previous page

Part 3, go to next page

              

Bookmark and Share

delicious (1K) del.icio.us

copyright