Living With the Vista Firewall (Outbound Filtering)

Discussion in 'other firewalls' started by Diver, Oct 4, 2007.

Thread Status:
Not open for further replies.
  1. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    There are some nice things about the Vista firewall. Low resources, already there in the OS and a nifty way of handling moving from network to network. No compatibility problems that I can find either.

    When outbound filtering is enabled it is difficult to configure because it blocks outbound connections silently. So far, this is what I am doing to cope with this:

    1. Make a rule for USB loobpack (UDP out to 127.0.0.1) This allows most application rules to be TCP only instead of all IP.

    2. Use TCPview to identify applications that are trying to connect outbound. This has one major flaw. If the app in question attempts an outbound connection and then errors out before you can get a look at TCPview, you have no Idea what happened. Anyone know of something that works better than this?

    3 Developing a methodical approach.

    a. Some apps are obvious like web browsers.

    b. Others are less obvious, but they either halt, dont do what they are supposed to do or give an error message. These include things like CD rippers that contact CDDB or the Tor/Vidalia/Privoxy package.

    c. Some AV programs are rather troubling as they have many executables. They seem to work correctly, but do you really know if they will fail because of a blocked outbound connection. You can check the publisher's website, but often the information is confusing. In many cases a component will need web access for some little used function that might never be revealed even with a typical personal firewall pop-up system. I believe in the near future the publishers of AV's will give better advice on this issue as Vista becomes more popular.

    d. Web installers are a special case. Adobe flash will give an error message on a fresh install, but install incorrectly on an upgrade install. I wasted half a day on this one. Java gives an error message on the web install. For some of these complex web based installations, the best thing to do is temporarily disable outbound filtering. Fortunately, these are the only two that are commonly used and delivered this way.


    If you have any ideas on this topic, I would like to hear from you. If your recommendation is to try another firewall (out of the rather meager choices available for Vista) I would rather not hear from you.
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    You can install Flash, Shockwave, Java and Silverlight offline :)
    Java (Choose offline installer)
    Shockwave
    Flash for Firefox
    Silverlight (Choose save to disk)
    :D :D :D
     
    Last edited: Oct 5, 2007
  3. Captn

    Captn Registered Member

    Joined:
    Mar 3, 2004
    Posts:
    5
  4. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Lucas,

    I have used these installers. Its a work around when all else fails. Turning off outbound filtering is a work around as well.

    Captn

    I ran Sphinx for a day, but really could not understand what it was doing. What I really want is something like tcpview, but it logs selectively, so I can check the log and see what is trying to phone home.
     
Loading...
Thread Status:
Not open for further replies.