Firewall rules question

Discussion in 'other firewalls' started by Mike6080919395, Aug 5, 2011.

Thread Status:
Not open for further replies.
  1. Mike6080919395

    Mike6080919395 Registered Member

    Jul 16, 2009
    Is it neccessary to give msseces.exe a firewall rule at all?

    I created a block all rule that only gives it remote port access to ports 80 and 443, but I don't know if its even neccessary since I can't actually see it scanning webpages in its interface when I open them. Does security essentials even scan web traffic as you browse the web? Is this rule neccessary at all? The individual updates to this program seem to be tied directly into the windows updates firewall rule.
  2. alexandrud

    alexandrud Developer

    Apr 14, 2011
    MSE do not offer web shield against rogue and malicious websites unless the website will download or load content that is malicious.
  3. siberianwolf

    siberianwolf Registered Member

    Feb 15, 2009
    i don't think you should modify any settings of the fw sw for any other trusted security software. it's best to leave it as is.
  4. m00nbl00d

    m00nbl00d Registered Member

    Jan 4, 2009
    msseces.exe is the process for Microsoft Security Client User Interface. You could try and see if you can still update MSE by opening its GUI (graphic user interface) and manually check for definition updates.

    Other than that, I don't think it needs to communicate with the Internet.

    You should give permissions to Network Inspection System (NisSrv.exe), though.

    This article should let you know how to create the firewall rule for it -

    Take a look where it says Application Layer Protocols Supported by NIS.

    If you have scheduled a task to automaticlally search for and update definitions, make sure whether or not you'd need to allow MpCmdRun.exe (ports 80, 443) and any other MSE process that may be blocked.
  5. Escalader

    Escalader Registered Member

    Dec 12, 2005
    Land of the Mooses
    There MAY be a bit of confusion here.

    MSE is NOT in and of itself a firewall (FW) so users just exploit it's settings to control it's functions as a scanner.

    A proper FW product will only have rules for the executables that need access to the www plus those exe that are allowed by the user. FW's should not allow access for those that do not need access. No rule no access.

    This means that IF exe's do not need access it should not have a rule and users should not assume they do and try to out think them.

    But MSE does update to get new definitions and logic improvements thus access is needed. Sometimes vendor products hard-code access to their own web sites right in to the code and you will not see a rule request.

    I don't know what FW you are using but when you set it up it should have asked for all permissions as it went through it's learning curve.

    My own experience is that many products ask for the www and don't need it. In those cases I just deny them.
Thread Status:
Not open for further replies.