Doubts regarding outbound firewall on 7..

I've been using Win 7 for 8-9 months now with just the in-built firewall at default settings (no real outbound protection), so i thought today i should enable outbound protection as well as its already provided.

After setting it to the required level and configuring some services that were provided in a very helpful guide here at wilders, i have a few questions:

a)I have enabled access to windows update, MSE updates (BITS), error reporting and Time sync on svchost.exe,
but when i look at my task manager there are just so many services running under it that i can't help but have doubts regarding how many more services do i need to enable outbound access?? So far i haven't come across any problems though.

b)I gave Win7 firewall control free a try and it had prompted me for 'system' accessing the internet. I have since uninstalled it as i did not find it so useful apart from some prompts. Should i enable access to system in the firewall (if yes then how?) or am i ok without giving it access?

c)Is enabling access for ICMP needed or can i live without it?

Please do care to go through my post. Thanks a lot for your time.

 

The Windows built-in Firewall has no outbound popup dialog! (Home premium here)
The only option is to set all blocked by default and let them out with rule.
you only need the firewall service.

the poor w7fc is only inbound/outbound yes - but no ports and no zones.
you should get pc tools firewall instead.
w7fc uses the WFP windows filtering protocol als winwall, but have its own settings!

ICMP is important for some protocols
http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol
if there were default settings you should not touch them unless you know what to screw.

 

Thanks for the reply Brummelchen, i'm familiar with the fact that i have to allow all the applications that i want. I've done that but i'm just not sure which of the many services running under svchost.exe do i need to allow internet access (other than the ones i've listed), or should i just allow svchost.exe to access the internet as a whole??

Another doubt is the process known as 'system' that always wants to access the internet, which w7fc prompted me for. How should i allow it in windows 7 firewall? Or should i just leave it without access as i am not encountering any problems right now....

 

Are you sure you want outbound control anyway?

(Outbound protection doesn't exist, it is just outbound control, you can only interpret outbound protection in terms of don't let keyloggers call home or something like that, but that only matters AFTER you have been (inbound) infected.)

 

Matthijs5nl, I very well know about this fact , i've never been infected or even came across a virus in quite some time, well except for infected usb drives, but still they couldn't infect me.

I have been using my system with just the windows firewall (even when i was on xp) for quite some time, but now when outbound protection is already provided with 7, i figured what the hell its just added protection; as i do a lot of financial transactions on my system its good to be more secure.

 

i mentioned above - you only need firewall service

none of these - and none of these affect your purpose or firewall service.
again: the firewall service has NO outbound popup.

PS
i have only 26 services running (ms only, and 5 additional, 31 all together).
(no win7 network, only a proper working lan 7<>xp)

 

Punch,

check out this thread for Vista's fw. It applies nicely to Win 7's as well:

https://www.wilderssecurity.com/showthread.php?t=239750