Question about software firewalls

Toggle sidebar Toggle sidebar
D

Doomer

Diamond Member
Dec 5, 1999
3,721
0
0
I'm no expert on firewalls but it seem to me that all the software fire come with a list of exclusions. that is, a list of programs that it will allow to connect to the internet without question. for instance, I have no dout that Microsofts firewall makes no effort whatsoever to block any MS apps from accessing the web.

Are there any firewalls available that will block absolutely everything EXCEPT those apps that you explicitly allow to connect? Also, is there any way to determine the purpose of windows componets connecting to the web? Everytime I print, spooler.exe trys to connect to comcast (my isp). i have no idea how this bit of magic is occuring because I never installed any comcast SW on this computer.
 
A

Atheus

Diamond Member
Jun 7, 2005
7,313
2
0
Yea, windows generates all kinds of wierd traffic. If you want to watch it you need a packet sniffer like ethereal, just start capturing all packets and then do whatever causes the suspicious activity. The resulting output will tell you everything that just went through your network card.

For the record, it does not try to connect to anything outside the network when i print, just the machine where the printer is hosted. How did you determine it's the spooler?
 
jonesthewine

jonesthewine

Senior member
Dec 30, 2003
689
0
76
Are there any firewalls available that will block absolutely everything EXCEPT those apps that you explicitly allow to connect?


Just open the firewall program, go to "internet Applications List" or the equivalent and change the settings from "full access" or to "no access" or "inbound only" or outbound only" for the apps that you want to regulate. The default settings make it easy for newbs to get up and running without having to manually configure everything. Regarding spooler.exe, lots of programs try to phone home...just deny it. I have no idea why it's trying to phone home.
 
D

Doomer

Diamond Member
Dec 5, 1999
3,721
0
0
Originally posted by: Atheus
Yea, windows generates all kinds of wierd traffic. If you want to watch it you need a packet sniffer like ethereal, just start capturing all packets and then do whatever causes the suspicious activity. The resulting output will tell you everything that just went through your network card.

For the record, it does not try to connect to anything outside the network when i print, just the machine where the printer is hosted. How did you determine it's the spooler?
Click to expand...

Thanks, I'll check out ethereal. ZA Pro is telling me that spooler.exe is trying to connect to comcast (did a ip lookup to determine it was comcast.

Thanks jones. I tried Outpost and it was the most straightforward of all the firewalls I've seen as far as controlling individual apps goes. The problem I had with it was that it would block a couple of app even tho they were in the trusted list. I couldn't find any way to get around this so I had to dump it. Also, Outpost used the word "trusted" and, being the dummy I am, I'm not sure if "trusted" is the same as "allow". given that these 2 programs were still blocked even tho they were in the "trusted" list created doubt in my mind, LOL.
 
JackMDS

JackMDS

Elite Member
Super Moderator
Oct 25, 1999
29,553
430
126
The concept of Updating through the Internet and keep Programs, OS, Drivers, etc., updated is in general a good concept.

However, the combo of Business Greed (using the connection for data mining) and Users ?paranoia? make it a None functional asset.

Almost all software that is currently produces has the capacity to connect to the Internet, and many are installed with the ?Feature? On.

So just as if we have Traffic Lights, Toll boots etc., we need a Firewall and spend few seconds on allow or disallow information (programs) to go out to the Internet.

It is a hassle but it does not deserve shedding too many tears about it.

Basic Protection for Broadband Internet Installation.

As for your printer, it might be some thing in the printer's drivers that initiate a connection. Look at the Driver's Setting and see if there is some thing that can be disables (like check for updates).

:sun:
 
D

Doomer

Diamond Member
Dec 5, 1999
3,721
0
0
Thanks JackMDS. Actually, it's the spooler.exe that's trying to connect. I thought it was part of win XP but i guess i could be wrong.
 
JackMDS

JackMDS

Elite Member
Super Moderator
Oct 25, 1999
29,553
430
126
Originally posted by: Doomer
Thanks JackMDS. Actually, it's the spooler.exe that's trying to connect. I thought it was part of win XP but i guess i could be wrong.
Click to expand...
The Spooler is initiated by the Printer's Drivers, try to temporary uninstall the printer drivers.

:sun:

 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom