New
#31
Firewall configuration
I've read through this thread and scanned through all the ones that were linked herein. The one thing that nobody mentioned is the fact that the Windows firewall comes pre-configured to ALLOW all outbound traffic. The links that pointed to posts that detailed how to configure rules to allow outbound traffic from specific programs/ports neglected to mention that you ALSO need to change the default allow behavior to "block" outbound connections that do not have a rule defined to allow the connection.
You can learn how to configure it here: Ensure Two Way Protection with Windows Firewall | PC Security
However, if you change the default behavior to "block" outbound connections by default, then you will need to configure a rule for each program and/or port that you want to allow an outbound connection. This will give you basically the same experience you get with ZoneAlarm... you may get frustrated because you are going to have trouble at first, until you get everything configured.
Why block outbound connections? Simple. Someone earlier posted about problems with trojans from torrent downloads. You can get trojans from many places... even from trusted websites that have been hacked. The outbound firewall blocking won't prevent the trojans from being installed on your system... but it will prevent the trojan from being able to connect to a server on the internet (which would allow it to potentially send your personal information to thieves)... and it will prevent a worm from propagating to other computers on your local network. Now, I know many of you are thinking... "But my anti-virus software should protect me from the trojan." Yes, and the operative word here is "should". However, as any computer security expert will tell you... it is best to have multiple levels of defense in case one of them doesn't catch the virus/worm/trojan/etc.
Is Windows Firewall easier and less frustrating? Yes... because it doesn't protect you from outbound connections in the default configuration. This means that you won't get those irritating pop-ups asking you if it's OK for some program to access the internet... and it also means that programs can access the internet without your permission or knowledge.
Can Windows Firewall be configured to be just as secure as third-party firewalls? Yes, it can. In fact, it can be configured to be MORE secure than some of them. However, it is not as easy to configure as a firewall like ZoneAlarm. ZoneAlarm, by default, blocks all inbound and outbound traffic. During installation, it asks you if you want to automatically configure common programs to be allowed outbound connections (e.g. Internet Explorer, Outlook, Media Player, etc). Then, when a program that has not been configured tries to make an outbound connection, ZoneAlarm prompts you and allows you to configure it to always allow or always block that program... all without having to open the Control Panel to make the change.