
Windows Vista Firewall Part 3: Lockdown


Create more rules

Now repeat these steps to create a rule for every other program that needs to access the internet. Click New Rule on the right, select the Program option, choose This program path and click the Browse button. Select the program on the disk drive, choose the Allow the connection option, tick the profiles to which the rule applies, name it and the rule is done.

It is quite a tedious task if you have a lot of software on the computer that needs internet access, and it has to be said that most third-party firewalls handle this rule-making exercise much better. Most firewalls tell you when a program needs to access the internet by displaying a pop-up message on the screen that asks whether you want to block it or allow it. Clicking the Block or Allow button automatically creates the rule within the firewall software. Windows Firewall does not do this: you must manually create rules for specific programs or they simply won't work. So if you block all outbound connections and then discover that a certain program won't work, it probably means that you need to create a rule that allows it internet access.

Blocking outbound connections is great for security, but you will find that many programs don't work or have limited functionality until a rule is created for them. The tediousness of the procedure is a bit irritating, but try it and see. If you can build sufficient rules, you will have a very secure computer, but if you can't be bothered creating them all, you should just turn outbound connections back on. Windows Firewall will still block inbound connections, so you'll have some protection; it just won't be complete.

To turn on outbound connections again, in the main Windows Firewall with Advanced Security window, select Windows Firewall... in the top left pane and then click Windows Firewall Properties halfway down the middle pane. Click the profile tab you need, such as Private Profile, and set Outbound connections to Allow (default).

More advanced options

Double-click one of the rules you have created to display the Properties dialog. Some of the tabs and options are very advanced and are for experts only, but on the General tab you can change the name of the rule and enable or disable it. The Scope tab is useful too: it lets you limit the program to specific IP addresses. Every computer on the internet or a local area network has an IP address and it consists of four numbers between 0 and 255 like this:

You can specify the IP addresses that the program can access on the Scope tab. This isn't useful for internet access, but suppose you had a game that allows you to play against another person on a network. You could enter the IP address of the computer into the Scope box and the program would then access only the computer specified. It would not be able to access any other computer on the local area network or the internet. It's useful if you want to keep security very tight.
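The rule-making steps above, the Scope restriction and the switch back to allowing outbound connections can all be scripted instead of clicked through one program at a time. This is an added example, not part of the original article: it drives the built-in netsh advfirewall command from an elevated PowerShell prompt, and the program paths, rule names and the peer address 192.168.1.20 are constructed placeholders.

```powershell
# Added example: scripted equivalent of the New Rule wizard steps.
# Run from an elevated prompt. Paths, names and addresses are placeholders.

$FwProfile = 'private'   # profile the rules apply to: domain, private or public

# Programs that need outbound access (hypothetical paths).
$Programs = @{
    'Allow Out - Web Browser' = 'C:\Program Files\ExampleBrowser\browser.exe'
    'Allow Out - Mail Client' = 'C:\Program Files\ExampleMail\mail.exe'
}

function Add-OutboundAllowRule {
    param([string]$Name, [string]$Program, [string]$RemoteIp = 'any')

    # A rule for a path that does not exist is dead weight; skip it.
    if (-not (Test-Path -LiteralPath $Program)) {
        Write-Warning "Skipped '$Name': $Program not found"
        return
    }
    # 'show rule' exits non-zero when no rule with this name exists.
    & netsh advfirewall firewall show rule "name=$Name" | Out-Null
    if ($LASTEXITCODE -eq 0) {
        Write-Host "Rule '$Name' already exists, left unchanged"
        return
    }
    & netsh advfirewall firewall add rule "name=$Name" dir=out action=allow `
        "program=$Program" "profile=$FwProfile" "remoteip=$RemoteIp" enable=yes
}

function Set-OutboundDefault {
    param([ValidateSet('allow', 'block')][string]$Action)
    # Inbound stays blocked either way; only the outbound default changes.
    # The policy value is quoted so PowerShell does not split it at the comma.
    & netsh advfirewall set "${FwProfile}profile" firewallpolicy "blockinbound,${Action}outbound"
}

# One rule per program, open to any remote address.
foreach ($entry in $Programs.GetEnumerator()) {
    Add-OutboundAllowRule -Name $entry.Key -Program $entry.Value
}

# Scope tab equivalent: the game may reach only one computer on the LAN.
Add-OutboundAllowRule -Name 'Allow Out - LAN Game' `
    -Program 'C:\Games\ExampleGame\game.exe' -RemoteIp '192.168.1.20'

# Lock down once the rules exist; use 'allow' to return to the default.
Set-OutboundDefault -Action block
```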
