Advanced Windows Firewall Rules: block outbound connections by default.

Discussion in 'other firewalls' started by AlexC, Mar 15, 2013.

Thread Status:
Not open for further replies.
  1. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,280
  2. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    I believe windows update uses the BITS service for automagically downloading updates.I regard this service as a bit unsafe and ive disabled it without any adverses effects.I just run a windows update check manually usually on the second tuesday of every month but can be done when you wish.

    The windows firewall looks an incredibly customizable firewall and offers more configurability than most but it isnt the easiest of firewalls to tame.
     
  3. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Yes, it will prevent it from working. You'll need to create a rule to allow both UDP* (DNS/53) and TCP (80, 443) for the process svchost.exe and bind it to the service Windows Update.

    * If necessary.

    You could use one of those Windows Firewall applications that allow you to intercept outbound connections, create the needed rules for Windows processes and your applications, then ditch those firewall applications. (If it makes your life any easier, of course.)
     
  4. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,280
    Thanks! :thumb:

    I'll probably opt for manual updates (allow all outbound connections only while Windows is getting and installing the updates, and after it finishes, block again outbound connections by default)
     
Loading...
Thread Status:
Not open for further replies.