Windows Vista Firewall: Bidirectional Protection

by Pablo Martinez.
Share
|
Homepage | Submit your article | Contact | TOS
More articles on windows  

You are here: Categories » Computers and technology » Windows

If you access the Internet using a broadbandcable modem or DSLservice, chances are, you have an always-on connection, which means there's a much greater chance that a malicious hacker could find your computer and have his way with it. You might think that with millions of people connected to the Internet at any given moment, there would be little chance of a "script kiddy" finding you in the herd. Unfortunately, one of the most common weapons in a black-hat hacker's arsenal is a program that runs through millions of IP addresses automatically, looking for live connections. The problem is compounded by the fact that many cable systems and some DSL systems use IP addresses in a narrow range, thus making it easier to find always-on connections.

When a cracker finds your address, he has many avenues with which to access your computer. Specifically, your connection uses many different ports for sending and receiving data. For example, web data and commands typically use port 80, email uses ports 25 and 110, the File Transfer Protocol (FTP) uses ports 20 and 21, the domain name system (DNS) uses port 53, and so on. In all, there are dozens of these ports, and every one is an opening through which a clever cracker can gain access to your computer.

As if that weren't enough, attackers can check your system to see whether some kind of Trojan horse virus is installed. (Malicious email attachments sometimes install these programs on your machine.) If the hacker finds one, he can effectively take control of your machine (turning it into a zombie computer) and either wreak havoc on its contents or use your computer to attack other systems.

Again, if you think your computer is too obscure or worthless for someone else to bother with, think again. A typical computer connected to the Internet all day long will be probed for vulnerable ports or installed Trojan horses at least a few times a day. If you want to see just how vulnerable your computer is, several good sites on the Web will test your security:

The good news is that Windows Vista includes an updated version of the Windows Firewall tool that debuted in Windows XP. This program is a personal firewall that can lock down your ports and prevent unauthorized access to your machine. In effect, your computer becomes invisible to the Internet (although you can still surf the Web and work with email normally).

The main change in Vista's version of Windows Firewall is that the program is now bidirectional. This means that it blocks not only unauthorized incoming traffic, but also unauthorized outgoing traffic. If your computer does have a Trojan horse installed (it might have been there before you installed Vista, or someone with physical access to your computer might have installed it), it might attempt to send data out to the Web. For example, it might attempt to contact a controlling program on another site to get instructions, or it might attempt to send sensitive data from your computer to the Trojan's owner. A bidirectional firewall can put a stop to that.

The Windows Firewall in Vista also supports the following new features:

  • The IP Security (IPSec) protocol

  • Environments that use only Internet Protocol version 6 (IPv6)

  • Both incoming and outgoing firewall exceptions

  • Exceptions applied to specific computers and users

  • Exceptions applied to many different protocols (not just TCP and UDP)

  • Exceptions applied to both local and remote ports

  • Exceptions applied to specific interface types: location area network, remote access, or wireless

  • Exceptions applied to specific Vista services

  • Command-line support for controlling the firewall

From this list, you can see that Vista's firewall is a far more sophisticated tool than any of the versions that shipped with XP or its service packs. Reflecting that sophistication is a powerful new interface for working with Windows Firewall settings, exceptions, and monitoring. It's called Windows Firewall with Advanced Security (WFAS), and it's a Microsoft Management Console snap-in. To load it, press Windows Logo+R, type wf.msc, and click OK. The new Windows Firewall with Advanced Security snap-in offers sophisticated firewall-management features.

The home page of the snap-in presents an overview of the current firewall settings, as well as a number of links to configure and learn about WFAS. This snap-in configures the firewall by setting policies and storing them in two profiles: The Domain Profile is used when your computer is connected to a network domain; the Standard Profile is used when your computer is not connected to a domain.

The scope pane contains four main subbranches:

  • Inbound Rules This branch presents a list of defined rules for inbound connections. In most cases, the rules aren't enabled. To enable a rule, you right-click it and then click Enable Rule (or you can click Enable Rule in the Action pane). You can also create your own rules by right-clicking Inbound Ruless and then clicking New Rule. This launches the New Inbound Rule Wizard. You can create your own firewall exceptions for inbound (shown here) and outbound traffic.

  • Outbound Rules - This branch presents a list of defined rules for outbound connections. As with inbound connections, you can enable the rules you want to use and create your own rules. Note, too, that you can customize any rule by double-clicking it to display its property sheet. With this property sheet you can change the program executable to which the rule is applied, allow or block a connection, set the computer and user authorization, change the ports and protocols, and specify the interface types and services. Use an exception's property sheet to customize all aspects of the exception

  • Computer Connection Security You use this branch to create and manage authentication rules, which determine the restrictions and requirements that apply to connections with remote computers. Right-click Computer Connection Security and then click New Rule to launch the New Authentication Rule Wizard. Use the New Authentication Rule Wizard to set up a new authentication rule.

  • Monitoring This branch shows the enabled firewall settings. For example, the Firewall subbranch shows the enabled inbound and outbound firewall rules, and the Connection Security, Rules subbranch shows the enabled authentication rules.

Share
Leave a comment or ask a question
Total comments: 0

Windows Disclaimer

  • The e-articles directory is not responsible for any and all copyright infringements by writers and authors. If you suspect the information contained by this page for any copyright infringements, please contact us to investigate the issue
Enhance SATA Disk Performance in Windows7 - You can improve the performance of your SATA hard drive by enhancing write caching. If you are not sure whether or not you have an SATA drive in your computer, please check with your manufa (more...)
Speed up Your External Hard Drives in Windows7 - The default setting in Windows 7 disables write caching for external drives. This is done so that you can remove an external drive at any time without data loss. If you are willing to eject your dr (more...)
Use Windows7 ReadyBoost to Speed up Programs - Using Windows ReadyBoost is a great way to improve the performance of your computer when doing your day-to-day tasks. What is ReadyBoost? ReadyBoost uses a USB thu (more...)
Make Windows7 Shut Down Faster - As you install programs on your computer, it slows down-we all know that. However, what you may not know is that the programs install services. Windows is "kind" enough to patiently wait for these (more...)
Activate Hidden Regional Themes in Windows7 - Windows 7 is a worldwide operating system and Microsoft made a really good move by adding regional wallpapers into the operating system. When you choose your region settings, the appropriate theme (more...)
Windows7 :: Save Your Settings as a Theme - When you are satisfied with the appearance of your windows desktop, you can save the settings as a theme. A theme incorporates the following settings: • Color and appea (more...)
Windows 7 Set Views for all Folders - Windows 7 does a pretty good job at analyzing the content of a folder to determine how it should display the files. 98% of the time I want to see the details of the files and I don't care for thumb (more...)
Customize Folder Icons in Windows 7 - In this tutorial, you'll learn how to customize your folder icons in Windows 7. To change your folder icons: 1. Right click on the folder you want to customize the i (more...)
Windows 7 :: Sync System Clock with Internet Time - Just as in Vista, you can synchronize your clock with an internet-based server in Windows 7. This will ensure that your computer date and time is always correct. Having the correct time is essentia (more...)
Scan Your Drive for Duplicate Files - Do you have thousands of photos, documents, songs, etc, on your hard drive? If you do, you'll likely have duplicates all over the place. In this tutorial, you'll learn how to search for duplicates (more...)
 
free content
    Copyright © 2006 - 2012 e-articles.info.
The texts, articles and tutorials in the directory are property of their respective owners and authors.