Question regarding Vista FW

To get outbound control in a simple and user firendly manner for the Vista FW there is a free application (Vista FireWall COntrol). Because a few experienced FW users I know, used the default Vista FW (they say it is a decent and fast FW), I have learned to use the Vista FW (FW.MSC) in a dumb ass way.

First installed Vista FW Control, started all of my application possibly needing internet access. Wrote down the programs and program paths asking for outbound. Then unistalled Vista FW Control.

Next I went to FW.MSC

First I changed allow to block for all outbound.

Then I started to create allow entries one for the update service of Vista, the others on a per application basis gotten from VFWC.

For future aps, I added a TEST TRUSTED RULE (which allows outbound for all programs and set to inactive). I use this when I install a trusted program, check what processes pop-up when I push an update buttom in task manager, and allow this program after setting the TEST TRUSTED RULE to inactive again).

I noticed the startup seems to be shorter (Vista FW control always pop-up some 5 secs later).


THIS IS MY QUESTION

What are the benefits of using FW.MSC over Vista FireWall Control?

The only one I have been told is that with FW.MSC the rules are valid right from boot up (that VFWC sets them when this program is loaded)

Could somebody explain?

 

Sorry for not answering your question directly but this is very interesting to me.

When I used Sphinx Vista Firewall control it always allowed Avira’s avnotify.exe no matter what settings I used. The startup delay sheds some light on that problem. Possibly avnotify.exe was connecting before the firewall control started.

Anyhow the firewall control came off my PC and the notifier was blocked using permissions.

I think I may try your method of using Vista’s built in control.

 

I'm still on XP but I'm interested in the Vista experience non the less...

Kees1958: Did you also make any rules for the localhost loopback? Or any proxies (if you have any?) Or did you just go by application permissions?

 

Guys,

To be honest, BigC inspired me to use FW.msc, because he was so positive on the default FW. So I have only applied program rules and the windows update service rule.

May be more experienced Vista FW members could join in and provide some set up tips.

Together with LUA the only leaktest it fails is DNS service call (loop back), so would be interesting to get this right also.

Regards Kees

 

Sigh... the deceptively named Vista Firewall Control DOES NOT INTERACT with the Vista Firewall. It is merely a simple application control "firewall" that can be run with the built in Vista firewall in it's default state (no outgoing control).

A real time control interface for the Vista Firewall is something that's sorely needed. Are there any coders working on Vista?

 

IIRC , the Vista Firewall alone does very poorly in leak tests and it doesn't check if the hash values change (if it even stores them) so allowed programs can easily be replaced by malware.

 

JSKYs - Vista Firewall
http://members.rushmore.com/~jsky/id34.html

Vista Firewall Control : Sphinx Software
http://www.sphinx-soft.com/Vista/order.html

 

please read the post, "Vista FW with LUA"

 

There web site claims differently, please supply info/links to proof your statement.

I repeat the question, what benefits do I have now I use FW.MS in stead of VFWC?

 

Interesting. I assumed it didn't use the Vista firewall infrastructure because it didn't add the newly made rules to the Vista Firewall rules list, but I see now that it just grabs the initial rules once then operates independently.

Reading more, it's really a frontend to the Windows Filtering Platform, not the Vista Firewall, so it's still a bit of a misnomer, but I guess they both work on the same internals.

 

Thx expresso,

So the only benefits I am aware of now are (fw.msc over VFWC)
a) the better startup time
b) the outbound rules are earlier active due to earlier start of Vista's FW service

By the way, we have increased bandwith due to competition between ISP (they increase bandwith without increasing prices), so my son is really happy with it on his Vista64 gaming rig. I have no idea whether this is due to Vista FW or increased bandwith.

Any other gamers using Vista FW two way?

regards Kees

 

Personally, I am. I feel that it's been much faster than Webroot or ZoneAlarm's free offerings. Granted I have not tried Comodo yet, but I do not feel like I need to since the Vista firewall seems to do the job without too many prompts or slowdowns.

I also get a better ping with the Vista firewall.

 

Yep,

To be honest I was a comodo critic, but from experience I have to admit they have the best firewall + HIPS package on Vista64 for normal usage (by a power user). CFW is also native 64 bits.

Vista FW two way is faster according to my Son

Thx for the info