Theories on Windows Vista Firewall

Discussion in 'other firewalls' started by DVD+R, Jul 25, 2007.

Thread Status:
Not open for further replies.
  1. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes
    Some speculation on whether the Windows Vista Firewall is adequate, and does it provide exceptable protection have often been raised, and whether 3rd Party Firewalls should be installed :cautious:

    Well the Simple answer is "YOUR DAMN SMOKEY IT DOES" I know because Yesterday I fiddled around with Some Advanced Inbound/Outbound Connections, and ran several Online tests. it passes all but the leaktest on pcflank, everything stealthed, and on Shields Up it does the same. If your paranoid about the Media Hype on Leaktests, then by all means buy a 3rd party firewall, but if your Penny Wise and not so much worried about who leaks and who doesnt, then Keep your Sheckles in your Pockets, and Trust Windows Firewall, It Works, and It Works Very Well :ninja:
     
  2. King Grub

    King Grub Registered Member

    Joined:
    Sep 12, 2006
    Posts:
    814
    I didn't think anyone doubted its ability to protect from inbound attacks and intrusions.
     
  3. fce

    fce Registered Member

    Joined:
    May 20, 2007
    Posts:
    758
    window firewall is leaking like Niagara Falls.
     
  4. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    If you do not have an infected PC and your PC can not get infected, then you do not need an outbound protection at all, so WF will be good enough. ;)
     
  5. PoetWarrior

    PoetWarrior Registered Member

    Joined:
    Apr 16, 2007
    Posts:
    335

    I returned to Vista's firewall after discovering Returnil. These two programs make for a great internet experience. Being behind a router doesn't hurt either.
     
  6. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    O rly? I just installed ZoneAlarm. And what it does? Nothing. All ports closed and some even read this OPEN. WTF!? Freakin Windows firewall does miles beter job.
    Stupid ZA trash omg:rolleyes: Stupid CheckPoint:rolleyes:
     
  7. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    I installed ZA on an old laptop which hadn't been used for nearly 5 years and immediately went to Microsoft's website to download any updates. I immediately got bombarded by over 200 communication alerts just by starting the update action alone. :mad:
     
  8. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Interesting...

    I was wondering how good the protection was. Upgrading applications did not require user action, which concerned me. However, certain net enabled programs like Tor required that Tor, Vidalia and Privoxy be given outbound permission, where other firewalls only asked for Tor. This led me to believe it the Vista FW was smarter than I originally thought.

    There is still the possibility that new malware will seek to disable the Vista FW as it will be the one most likely to be in use. That is why users need to be careful with those UAC prompts.
     
  9. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma

    Windows firewall in vista with the advanced scurity does a fine job of filtering outgoing traffic as well as incoming. Only the windows firewall in XP doesn't filter outgoing traffic.
     

    Attached Files:

    Last edited: Jul 25, 2007
  10. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    I know, but I still take the WF as "the best firewall", because its inbound protection, which protects users and they even do not know about it. The inbound protection is the only thing, that most people really need. Common users would not know to handle an outbound protection and skilled user does not need it. ;)

    I think, that it was wise from MS to let the outbound protection disabled by default, because there would be some people for sure, who would seek the way to disable it, just becuase it would ask anything, and they would most likely disable WF completelly and that would not be good, at least not for them. :)
     
  11. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    Ive always wondered this myself and still do. This would be the only reason for me to switch. I can also imagine that kind of malware would also be targeted at other widely used brands such as za,lns,etc.

    Anybody knows if such malware exists in the wild?
     
  12. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    Disabling WF after restart can be done via simple script, but unlike in XP, UAC prompt will appear in Vista, because by default only admin can modify registry.
    Code:
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc]
    "Start"=dword:00000004
    You can find the command to stop it right away as well as disabling notification about inactive firewall in the Security center, but UAC will ask (admin action).

    Some security software can be disabled like this, by removing startup entry or even ending it via taskmgr, so using a self-protected software is recommended.
    I guess, that you are loking for this: Firewall termination defense scoreboard explanation, there are similar tests about AV and so on, but I can not find it, sorry.
     
  13. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    My main concern with having the FW disabled is social engineering. During the installation process for a program UAC is lifted and the installer can do whatever it wants. Install some crap free program and you could be infected. As I mentioned before, malware authors are disabling AV's and FW's but it is usually going to be the most popular ones, and the built in Vista FW qualifies.

    Perhaps this is just as much about whether outbound protection is any good. For it to be relevant the PC must be subject to a zero day attack that gets past the AV but does not disable the FW. Leak test as you desire, but a FW that is turned off will leak like crazy and leave the machine unprotected against inbound worms.

    With a router you have a back up, but a notebook on a public network is without that level of protection.
     
  14. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    Disabled firewall in Vista is not that bad, since Vista is quite secure by default, but as you pointed out, it is social engineering, which users have to worry about.
    Social engineering is the simplest, but the most effective "malware". It is so simple to email people, that they have to email their password and 10-50% will do so.
     
  15. QBgreen

    QBgreen Registered Member

    Joined:
    Jan 1, 2005
    Posts:
    627
    Location:
    Queens County, NY
    Sorry to run off topic (and slightly juvenile! :D), but this thread just reinforces my very good decision to leave Vista on the shelf. PU!
     
  16. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    The Firewall in Vista is actually pretty decent. And how do you know your decision to leave Vista on the shelf is a good one unless you have actually tried it. Unless you are that kind of person that listens to and believes all the malicious and stupid gossip concerning anything new. I have been in computers and computer security for decades and I see nothing wrong with Vista, actually it is running very well with no big bad surprises.

    bigc
     
  17. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes

    Shut Up fce :p I already said it wasnt Leakproof, and thats not the topic at hand anyways :p
     
  18. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Ha, ZoneAlarm is even worse. I mean Windows Firewall at least makes you stealthed and checks for server acting apps. ZA checks all programs but constantly keeps doors wide open. WTF!? Are they dumb? I rather use Windows Vista firewall instead...
     
Loading...
Thread Status:
Not open for further replies.