I get Your system has achieved a perfect "TruStealth" rating without a firewall??

[truthseeker]

I run Vista, and when I turn OFF Vista firewall and have NO firewall on at all, grc.com reports:

Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.

How is this possible when I dont even have a firewall ON?

And my broadband modem has a firewall option which is turned OFF.

So what is going on?

I was going to install COMODO, but it seems I do not need a firewall at all. Why is that?

[Diver]

2 possibilities:

1. The windows firewall is on by default and was not turned off.

2. The broadband modem has a built in NAT.

[truthseeker]

Quote:

Originally Posted by Diver

2 possibilities:

1. The windows firewall is on by default and was not turned off.

2. The broadband modem has a built in NAT.

The windows firewall is 100% OFF! So we can exclude that.

However, my modem does have NAT on.

What exactly is NAT and how does NAT work like a firewall?

[LoneWolf]

Network Address Translation
here and here

[truthseeker]

Quote:

Originally Posted by LoneWolf

Network Address Translation
here and here

Well it seems I do not need a Vista Firewall then as I get perfect stealth report from grc.com

What other site can I check my windows? Any other site that does firewall and security checking?

[QuinnK]

Quote:

Originally Posted by truthseeker

Well it seems I do not need a Vista Firewall then as I get perfect stealth report from grc.com

What other site can I check my windows? Any other site that does firewall and security checking?

Sometimes a router will leave DNS or port 113 open, but most current routers will give a stealth rating when checked. A router by definition will have NAT as part of it's normal function (unless it's disabled for specific purpose), and will act as a hardware firewall because of that. A router works fine as an incoming firewall, better than XP and Vista at default incoming only, simply because hardware is not subject to some of the by-pass possibilities of software. That doesn't give you any outgoing protection though (program control) or any HIPS function, both of which are usually provided by a good software firewall. Vista firewall can be configured for outgoing.

Quinn

[MikeNash]

Quote:

Originally Posted by truthseeker

Well it seems I do not need a Vista Firewall then as I get perfect stealth report from grc.com

What other site can I check my windows? Any other site that does firewall and security checking?

If you have a NAT'd router (seems you do) then you are pretty much covered for unsolicited inbound connection attempts.

For outbound connections - you can run a series of tests here: www.Matousec.com

[truthseeker]

Quote:

Originally Posted by QuinnK

Sometimes a router will leave DNS or port 113 open, but most current routers will give a stealth rating when checked. A router by definition will have NAT as part of it's normal function, and will act as a hardware firewall because of that. A router works fine as an incoming firewall, better than XP and Vista at default incoming only, simply because hardware is not subject to some of the by-pass possibilities of software. That doesn't give you any outgoing protection though (program control) or any HIPS function, both of which are usually provided by a good software firewall. Vista firewall can be configured for outgoing.

Quinn

How can vista Firewall be configured for outgoing? I cant find that feature anywhere after 30 mins lookings.

I know Vista Firewall protects againnt incoming data but NOT outgoing.

So how can I configure Vista Firewall to check outgoing data?

Thank you

[QuinnK]

Quote:

Originally Posted by truthseeker

How can vista Firewall be configured for outgoing? I cant find that feature anywhere after 30 mins lookings.

I know Vista Firewall protects against incoming data but NOT outgoing.

So how can I configure Vista Firewall to check outgoing data?

Thank you

Google 'configure Vista Firewall'

That should tell you all you need to know about Vista firewall, there's also configuration on it in the Vista help.

Quinn

[Diver]

I have made some posts on that in the last year, they should not be too hard to search out. Its not that easy as the firewall was designed to enforce corporate IT policy, rather than prevent malware from doing sneaky things to impersonate a trusted application and call home. If you are worried about leaks, get something else like Comodo 3 or PCTools. If all you want to do is keep some media players from phoning home, it will do the job.

Hint: the first rules needed are windows update and internet explorer. Windows update can be identified as a service in the rrule rather than a program. Outbound filtering is turned on via the control panel under administrative tools (or the vista equivalent, I am on XP ATM.

[Bubba]

Quote:

Originally Posted by truthseeker

How can vista Firewall be configured for outgoing?

From the Windows Vista Help page....Allow a program to communicate through Windows Firewall

[acr1965]

If nothing else, you can try the Vista Firewall Control. There is a free and paid version. I made a post about VFC on another blog and got a free license for the full version within a day or so.

http://www.sphinx-soft.com/Vista/index.html

[truthseeker]

I found a webpage that tells me exactly how to configure Vista Firewall for outgoing traffic:

http://technet.microsoft.com/en-us/l.../bb877967.aspx

To configure advanced settings for the new Windows Firewall, you must add the new Windows Firewall with Advanced Security snap-in to an MMC console by doing the following:

1.

From the Windows Vista or Windows Server "Longhorn" desktop, click Start, type mmc, and then press ENTER.
2.

In the MMC console window, click File, and then click Add/Remove Snap-in.
3.

In the Available snap-ins list, click Windows Firewall with Advanced Security, and then click Add.
4.

When prompted to select the computer to manage, click Local computer, click Finish, and then click OK.

[truthseeker]

Quote:

Originally Posted by acr1965

If nothing else, you can try the Vista Firewall Control. There is a free and paid version. I made a post about VFC on another blog and got a free license for the full version within a day or so.

http://www.sphinx-soft.com/Vista/index.html

Wow, I downloaed the free version and installed it.

It seems great! If I am not mistaken, it blocks ALL outgoing traffic and data. And when I loaded firefox, thunderbird etc, they were all blocked, HOWEVER, a nice little message box popped up asking if I want to allow that program outgoing flow of traffic.

Looks great and exactly what I was looking for.

Does this mean that I only need the FREE version to now have Vista work as a incoming and outgoing firewall?

Does this program do the work for me, saving me having to manually enable the advanced settings for Vista Firewall?