Vista Firewall OUTBOUND Rules

Discussion in 'Main Lounge' started by Bill Maxwell, Jul 25, 2007.

  1. Bill Maxwell

    Bill Maxwell

    Joined:
    Jul 25, 2007
    Messages:
    5
    Likes Received:
    0
    I am trying to learn how to use the Vista Firewall - Advanced Security Settings.

    I want to block Outbound Connections for all programs except internet explorer.

    I went into Outbound Rules and set up a new rule as follows:

    Rule Type - Program

    Program - This Program Path - %programFiles%\InternetExplorer\iexplorer.exe

    Action - Allow the connection

    Profile - Ticked all three

    Name - Internet Explorer

    Then in Private Profile - STATE - Outbound Connections, I change it from Allow (Default) to Block.

    I am NOT on a Domain and connect to the net using a Dlink ADSL router DSL 502T.

    After all that IE will not connect. If I change the state of Outbound Connections back to Allow all is fine.

    What have I done incorrectly or left out?
     
    Bill Maxwell, Jul 25, 2007
    #1
    1. Advertisements

  2. Bill Maxwell

    Jason

    Joined:
    Sep 26, 2005
    Messages:
    2,081
    Likes Received:
    0
    Location:
    Chicago,IL
    This is a good question, many people can probably benefit from this:

    First you can't just create a blanket rule that prevents any traffic from leaving the computer. Doing so would serve the same purpose as unplugging the network cable from the computer. There are a number of internal Windows functions that must be able to send outbound packets in order to perform even the most basic networking functions. Therefore, you will have to be careful about how you filter outbound packets.

    Here is a Guide I found online for setting up outbound protection. You must set up the rules on a per port or per program basis. It's not as simple as just saying "block all outbound".

     
    Jason, Jul 26, 2007
    #2
    1. Advertisements

  3. Bill Maxwell

    Bill Maxwell

    Joined:
    Jul 25, 2007
    Messages:
    5
    Likes Received:
    0
    Thanks for the reply. I did find one thing that stopped Internet Exploer for connecting and that was my antivirus program AVAST. I set up a rule allowing AVAST to connect, and now I can get on the net. Howver like you said some services are blocked and I am still trying to figure them out. Windows Update will not connect and Windows Defender will not update.
     
    Bill Maxwell, Jul 26, 2007
    #3
  4. Bill Maxwell

    Jason

    Joined:
    Sep 26, 2005
    Messages:
    2,081
    Likes Received:
    0
    Location:
    Chicago,IL


    If you follow the tutorial above, and when it comes time to pick a program vs. a service, select service and you should be able to select Windows Update and allow that to connect. Defender should be a on a per program basis.
     
    Jason, Jul 27, 2007
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.