Microsoft Security Essentials (firewall rules override)?

Discussion in 'other firewalls' started by pandlouk, Jul 20, 2010.

Thread Status:
Not open for further replies.
  1. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,572
    I am currently testing Microsoft security essentials and saw a strange of Windows 7 firewall.

    It took me 2 hours to figure out that, when Windows firewall 7 is set in Advanced Security mode (block outbound connections), MSE blocks tcp outgoing packets to remote port 5000 and probably other outgoing and incoming ports. And no info about these hardcoded rules are on microsoft knowledgebase or in the MSE help file .:mad:

    Does anyone know how to access MSE firewall rules and how to modify them?

    thanks in advance,
    Panagiotis
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    Last edited: Jul 20, 2010
  3. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,572
    Hi Cudni,

    -Thanks. I read it but it does not make much sense in this case.

    With Windows Firewall set in default allow outbound mode, communication to remote port 5000 is allowed with MSE realtime on.
    If Windows Firewall is set in block outbound mode, communication to remote port 5000 is blocked with MSE realtime on.
    Creating a rule for the UPnP services only fails.
    Creating a rule for every application fails.
    Creating a rule to allow all outgoing trafic versus the router or versus the whole lan range fail.

    No, the pc is clean. A fresh installation for testing the 64bit 7; it's time for me to migrate too.

    Panagiotis

    edit: ther rules are created and work but windows firewall still blocks the connections.
     
    Last edited: Jul 20, 2010
  4. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,572
    I finally manged to identify the problem.

    MSE does not block port 5000 directly but has a bug that manifests when multiple nics are connected in different type zones. The rules from the different zones seem to merge and there the problems start.

    Anyway, I contacted microsoft support about this. Hopefully they'll fix it in the upcoming versions

    ps. if one of the mods read this thread can close/lock it.

    Panagiotis
     
Loading...
Thread Status:
Not open for further replies.