InstantForum.NET v4.1.4Windows Vista Forumhttp://vistaforums.com/Forum/Admin@VistaForums.comFri, 20 Nov 2009 18:42:32 GMT20http://vistaforums.com/Forum/Topic3769-15-1.aspx[quote][b]Opteronguy (1/30/2008)[/b][hr][quote][b]Jason (2/6/2007)[/b][hr]Out of the box Vista's firewall looks like a regular xp port over. When in reality it now check both incoming and outgoing packets unlike xp. [b]By default all incoming packets are allowed since no default rules are set.[/b] To change this go to your run command type "mmc" and go to "file" &gt; "add snap in" and find "advanced windows firewall settings". Go ahead and add this now you can naviate all your rules for both incoming and outgoing traffic. Enjoy![/quote]<br><br>This seems dumb to me and goes against what a firewall is all about. Shouldn't it BLOCK all incoming packets by default? The exception to this is if the PC has initiated a connection outbound, in which the firewall has a port opened to allow the connection out and thus traffic will be allowed back in since the PC will be awaiting a response. <br><br>That is unless it really doesn't do what you mentioned here and does in fact act like an SPI firewall.[/quote]<br><br>No, you certainly don't want all inbound connections blocked. You will lost lots of functionality especially when it comes to interfacing with other devices on your network. If you have 1 computer in your whole house you may be able to do this but I don't recommend it. BTW- I don't think Vista's firewall is smart enough to know that you initiated an outbound connection, and therefore allow the proceeding inbound to come in. It just uses ACL's to allow and disallow activity on certain ports. So basically if you block all inbound connections even if you try to browse the web anything sent back to your computer from a webserver will be blocked..meaing no internet.Wed, 27 Feb 2008 12:09:25 GMTJasonhttp://vistaforums.com/Forum/Topic3769-15-1.aspx[quote][b]Jason (2/6/2007)[/b][hr]Out of the box Vista's firewall looks like a regular xp port over. When in reality it now check both incoming and outgoing packets unlike xp. [b]By default all incoming packets are allowed since no default rules are set.[/b] To change this go to your run command type "mmc" and go to "file" &gt; "add snap in" and find "advanced windows firewall settings". Go ahead and add this now you can naviate all your rules for both incoming and outgoing traffic. Enjoy![/quote]<br><br>This seems dumb to me and goes against what a firewall is all about. Shouldn't it BLOCK all incoming packets by default? The exception to this is if the PC has initiated a connection outbound, in which the firewall has a port opened to allow the connection out and thus traffic will be allowed back in since the PC will be awaiting a response. <br><br>That is unless it really doesn't do what you mentioned here and does in fact act like an SPI firewall.Wed, 30 Jan 2008 22:24:05 GMTOpteronguyhttp://vistaforums.com/Forum/Topic3769-15-1.aspxCould also try the free version of Vista FW Control from Sphinx Software, which offers application control to the Vista FW in both x32 and x64 versions.Sun, 25 Nov 2007 03:54:10 GMTstevehaz_ukhttp://vistaforums.com/Forum/Topic3769-15-1.aspxTo know more about what are possible with Vista Firewall,<br><br>[i]Start-->Administrative Tools-->Local Security Policy-->Windows Firewall with Advanced Security[/i]<br><br>You can write inbound and outbound rules. For me it seems that the Vista firewall is better than XP SP2 Firewall :)Sat, 01 Sep 2007 08:50:55 GMTastala"vista"http://vistaforums.com/Forum/Topic3769-15-1.aspx<br>How does Vista map Firewall Rules to Exceptions ? On enabling/disabling one Exception, the status of multiple rules gets changed.<br><br>Where are details about Exceptions stored? Are they stored [b]distinct [/b]from Firewall Rules in the registry?<br><br>From where can I retrieve basic firewall Configuration info as can be seen in the [b]Control Panel > Windows Firewall[/b] interface or using the [b]netsh firewall context[/b] to list Program Exceptions?<br><br>Wed, 01 Aug 2007 23:33:01 GMTGalehttp://vistaforums.com/Forum/Topic3769-15-1.aspxMost excellent! Thanks!Tue, 13 Feb 2007 07:47:42 GMTBistrohttp://vistaforums.com/Forum/Topic3769-15-1.aspxThanks for the tip!Mon, 12 Feb 2007 17:21:05 GMTw59cb83xhttp://vistaforums.com/Forum/Topic3769-15-1.aspxOut of the box Vista's firewall looks like a regular xp port over. When in reality it now check both incoming and outgoing packets unlike xp. By default all incoming packets are allowed since no default rules are set. To change this go to your run command type "mmc" and go to "file" &gt; "add snap in" and find "advanced windows firewall settings". Go ahead and add this now you can naviate all your rules for both incoming and outgoing traffic. Enjoy!Tue, 06 Feb 2007 11:51:40 GMTJason