question about firewalls and windows7 and later

Discussion in 'other firewalls' started by LMHmedchem, Feb 24, 2016.

  1. LMHmedchem

    LMHmedchem Registered Member

    Feb 8, 2012

    My understanding is that from windows 7 on, all internet access is routed through a windows api. This was supposed to make windows more secure my allowing the OS to monitor and control all connections. My question is weather or not this architecture allow for Microsoft programs to be blocked or not. Since all access is though a windows api, it seems as if it would be pretty easy for windows to have a separate method to allow Microsoft programs to connect, even if they were "blocked" by third party firewall software.

    One reason I am suspicious of this is that long ago, I used the Norton firewall. I had many Microsoft applications such as office set so that the firewall would block access. I happened to be running an external packet sniffer once and I noticed that there was allot of traffic to Microsoft and was able to confirm that the Norton firewall was allowing Microsoft applications to connect even where there was an explicit rule set up to block such connections. Even port explorer showed that when I started up an office application, there was an immediate connection from that application to Microsoft where data was sent and received. I'm sure that most of this was update checks and such, but when I create a rule, I expect the software to implement that rule, not allow exceptions to their business partners who have paid to keep from getting blocked. Also, if there is an exception for Microsoft, others will learn how to make use of it.

    At any rate, I am interested to know if windows 7+ users have tested this, meaning installed a third party firewall, set Microsoft applications to block, and observed using an external monitor to see if applications can still connect or not.

  2. amarildojr

    amarildojr Registered Member

    Aug 8, 2013
    I haven't tried this, but I agree with you: when I set or configure something, I expect this something to work.

    Personally, if that was the case with your OS, I'd buy a simple 30$ router to put in front of the connections. Most of them make blocking addresses pretty easily.

    Or, in a simpler way, try adding MS's servers to the hosts file.
  3. Brummelchen

    Brummelchen Registered Member

    Jan 3, 2009
    from my knowledge HOSTS file do not work für special microsoft addresses due security reason.
    at least i dont care if people like wearing alu helmets or lock their system down to death because they dont trust the installed OS. simple as - if you dont trust - dont use it.

    and as chefkoch wrote - windows 10 can be bypassed