
Using Windows Firewall to block Home-Phoning

lopri

Elite Member
I've used all 3 licenses (NIS) I purchased and I just need one more system to cover, so I figured I'd try the new Microsoft Security Essentials. Unfortunately it doesn't look to have a firewall, so I figured I'd take this opportunity to learn how to use Windows' built-in firewall functions.

The function I'd like to get to work is selectively blocking applications' phone-homing behaviors. I looked at the advanced configuration in Windows Firewall (Windows 7), and it's somewhat daunting for a noob like me. With other firewalls I've used in the past I could simply navigate to an .exe and 'block outbound connections'.

I believe the same can be done using Windows' built-in firewall, but I don't know how. Is there any tutorial, or any tips?

Thanks!
 
BTW the OS is Windows 7 Pro.

Edit: Do I have to create a separate (yet the same) rule for each application I want to block? That seems a little inconvenient. Can I create a rule and apply it to all the apps of my choosing?
 
I don't do outbound filtering. Try setting it to all programs, and see if you can whitelist what you want when prompted.

Alternatively, you could block 2 apps, then find where that information's kept, and add the rest in the same format. I don't know if that's possible, but it's worth a look.

Third choice is not to worry about it. If you trust your installed apps, you shouldn't need to give permission. If you don't trust them, why are they on your computer?
 
Thank you for the suggestions. White-listing would be practical, were I savvy enough to know what all the svchost.exe's do or some other unidentifiable (to my knowledge) executables are for. But I'll keep that in mind.

WRT the 3rd choice, well, let's face it. It's not that simple these days when all the applications want you to register, update, buy something else, or otherwise gather your usage information, etc. I don't need PowerDVD trying to access the Cyberlink server every time I insert a Blu-Ray disc, and I don't want a surprise Adobe update telling me I need to reboot in the middle of something. I think just about every other program today wants to phone-home in some manner, and it is not only annoying but also infringes on my privacy.
 
As lxskllr points out, many legitimate applications need two way communication, therefore needing both inbound and outbound ports.

Which explains why I want a firewall with readily accessible log files. I am not worried about my legitimate applications, I want my log files to show me what illegitimate applications I don't know I have are doing.

And then even if I can't kill the illegitimate applications, I can easily block what they are doing in terms of leaking my data out to third party sources. Sometimes it takes some research to identify the IPs they communicate with, but still they can't hide from my log files.
 
Thank you for the link, lxskllr. It was very informative.

I still don't know if I can apply the same rule to multiple apps, though. It looks like the only way to selectively block outbound traffic is to make a separate rule for every app that I want to block. I guess I'll have to start looking for a security suite on the cheap.
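
On the open question of blocking several applications at once, here is an added example (not posted by anyone in the thread) that scripts one outbound block rule per executable with `netsh advfirewall` and turns on dropped-connection logging. The program paths and the rule-name prefix are placeholders chosen for illustration; run it from an elevated PowerShell prompt.

```powershell
# Added example: create one outbound block rule per executable in a loop.
# Works with the PowerShell 2.0 that ships with Windows 7; needs an elevated prompt.

# Placeholder paths (assumptions): replace with the real executables on your system.
$programs = @(
    'C:\Program Files\ExampleVendor\ExamplePlayer.exe',
    'C:\Program Files\ExampleVendor\ExampleUpdater.exe'
)

foreach ($path in $programs) {
    # A rule pointing at a path that does not exist blocks nothing, so flag typos early.
    if (-not (Test-Path -LiteralPath $path)) {
        Write-Warning "Skipping missing file: $path"
        continue
    }

    # Hypothetical naming scheme so the rules are easy to find and remove later.
    $ruleName = 'Block outbound - ' + [System.IO.Path]::GetFileName($path)

    # Remove an earlier copy of this exact rule so re-running does not create duplicates.
    & netsh advfirewall firewall delete rule "name=$ruleName" dir=out "program=$path" | Out-Null

    & netsh advfirewall firewall add rule "name=$ruleName" dir=out action=block "program=$path" enable=yes | Out-Null
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "netsh failed for $path (exit code $LASTEXITCODE)"
    } else {
        Write-Output "Blocked outbound traffic for $path"
    }
}

# Log dropped connections for the active profile. The default log file is
# %systemroot%\system32\LogFiles\Firewall\pfirewall.log
& netsh advfirewall set currentprofile logging droppedconnections enable

# Review what was created.
& netsh advfirewall firewall show rule name=all dir=out | Select-String 'Block outbound - '
```

The block rules match on the full program path, so an application that updates itself into a new folder or launches a separately named helper executable needs its own entry in the list.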
 