Windows Firewall Rule / Log analyzer?

Discussion in 'other firewalls' started by LuckMan212, May 20, 2010.

Thread Status:
Not open for further replies.
  1. LuckMan212

    LuckMan212 Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    252
    Hi guys,
    I came up empty on this- I am searching for a tool (freeware preferred but open to shareware too) that will analyze the logs from the built-in Firewall of Vista/Win7/Server2008. I am looking for log analysis as well as possibly ruleset analysis (de-duplication!)

    Anybody know of anything like this? Closest thing I could find was a product called "FireSec" but it looks to be quite old and doesn't specifically say anything about supporting Vista, let alone Windows 7.

    thanks for any tips. :cool:
     
  2. wutsup

    wutsup Registered Member

    Joined:
    Sep 20, 2009
    Posts:
    630
    Location:
    United States
    i think windows firewall already has built in logging. you just have to enable it. but i forget how lol. i think you have to go to the advanced tab in the firewall settings.
     
  3. LuckMan212

    LuckMan212 Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    252
    right--- i'm not looking to enable the logging-- I am looking for a tool that I can use to analyze the logs. Also wanting something that can look at my ruleset and consolidate / clean up duplicate entries. I have some programs that add redundant FW rules during each install, so I wind up with 6, 7, 10 or sometimes more rules that are all duplicates. Cleaning them up manually seems like a drag so I was hoping there was some kind of tool....
     
  4. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
  5. LuckMan212

    LuckMan212 Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    252
    thanks. :)
    I checked out that list, seems like the only one that's compatible with the built in fw of Win7 is WallWatcher. Going to give it a try.

    still looking for something that can analyze rulesets and perform deduplication. not sure if such a thing exists.

    do people here on wilders generally run something other than the built in windows fw? if so, what is the reason? are there specific vulnerabilities in the windows firewall that make something else a better solution? this is not an A vs B question, but I just don't see that many comments here about the windows firewall (vista/7 -- not the personal firewall of XP)
     
Loading...
Thread Status:
Not open for further replies.