Specifying Services for the Firewall


  1. Posts : 3
    Windows 7 Home Premium
       #1

    Specifying Services for the Firewall


    I want to take my firewall security to another level, but I am having a hard time trying to figure out how to connect to the internet.

    I have svchost.exe and iexplore.exe as my two programs that I want to get through the firewall, but I only want to specify the services that those programs need to just access the internet, as that is all I use internet explorer for. I just found it scary that allowing all programs and all services for those files through the firewall would enable remote hosting, file sharing or other network things that would compromise the security of my computer as the services allow for that to happen.

    So what I have been doing is adding a new rule for every service I wish to add for that file and I can't seem to figure out the services I need to access the internet. That's the first step I want to do. The second step would be figuring out how to find the services required for Malware Anti-Bytes so it can update the database virus and software on my computer, as I assume it needs some services to change the files on my computer. I have Filehippo and Adobe passing through firewall with outbound rules, and I made it so there are no inbound rules to prevent anybody from coming in, but I just want to be sure that nothing outside my permission goes outbound.

    I just want to know what the minimum services that are required for svchost.exe, iexplorer.exe and Malware Anti-bytes, so I can access the internet and update virus software or get other software updates running like Adobe, while closing the loopholes on those services to prevent them from running when they don't have too. Also, if there are any other suggestions, that would be great.

    Thanks.
    George
      My Computer


  2. Posts : 1,102
    OEM Windows 7 Ult (x64) SP1
       #2

    Hi::)

    Welcome.

    You wrote:

    GeorgeJungle said:
    o. The second step would be figuring out how to find the services required for Malware Anti-Bytes so it can update the database virus and software on my computer, as I assume it needs some services to change the files on my computer. <snip>
    I just want to know what the minimum services that are required for svchost.exe, iexplorer.exe and Malware Anti-bytes <snip>
    George
    I'll leave it to others more expert in security matters to provide specific advice about your intended approach.
    And Malwarebytes Anti-Malware ("MBAM", not "Malware Anti-bites") is NOT an anti-virus. It is an anti-malware application designed to run alongside an anti-virus for layered protection.

    However, the generic instructions for "whitelisting" or "excluding" Malwarebytes Anti-Malware in one's AV and firewall are as follows:

    Code:
    Please exclude the following files from your Antivirus Software for your version of Windows:
    
    
    For 32 bit versions of Windows XP, Windows Vista, Windows 7 & Windows 8 & Windows 10:
    
    
    • C:\Program Files\Malwarebytes Anti-Malware\mbam.exe[/*]
    • C:\Program Files\Malwarebytes Anti-Malware\mbamdor.exe[/*]
    • C:\Program Files\Malwarebytes Anti-Malware\mbampt.exe[/*]
    • C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe[/*]
    • C:\Program Files\Malwarebytes Anti-Malware\mbamresearch.exe[/*]
    • C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe[/*]
    For 64 bit versions of Windows Vista, Windows 7 & Windows 8 & Windows 10:
    • C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[/*]
    • C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamdor.exe[/*]
    • C:\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe[/*]
    • C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamresearch.exe[/*]
    • C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[/*]
    • C:\Program Files (x86)\Malwarebytes Anti-Malware \mbamscheduler.exe[/*]
    Note: If you are using a software firewall besides the built in Windows Firewall, you'll need to exclude MBAM.EXE, MBAMSERVICE.EXE and MBAMRESEARCH.EXE from it, as well. Note: Once that's done, please make sure that if either of those programs has any sort of web filter, that you add the following as a trusted site:
    HTML Code:
    data-cdn.mbamupdates.com
    Hope this helps,
    MM
      My Computer


  3. Posts : 3
    Windows 7 Home Premium
    Thread Starter
       #3

    Thank you Moxie,
    I actually want to include Malwarebytes in the firewall, but with the intention to exclude services rather than allow all services for that specific program. I see services being another layer for the firewall.

    My intention is to know a standard for windows services that are allowed for anti-malware programs or anti-virus software or just a file updates that I wish to download, as I am looking for the general standard of these say 8 services that are required to do the update. So I can just apply x services to the file in the firewall to allow for that program to work, as that is all I want is for the program to work without the unnecessary services. I just know that the web browser interacts with the firewall differently then a software update would and I just want to know what services that I need allow through the firewall based on how the program interacts with the internet.

    Thank you.
    George

    *** Sorry. My bad. Include and exclude makes me forget if it goes through or not. Excluding things means leaving it out, but I am including the Malwarebytes in the outbound rule to exclude it from the firewall as I am already blocking all outbound connections and I got a little confused. My bad. Maybe you understand my confusion, as maybe you are confused as to what I just said. My bad again.
      My Computer


  4. Posts : 3
    Windows 7 Home Premium
    Thread Starter
       #4

    I just want to eliminate the ability for all inbound connection possibilities to be removed. It is a personal computer and I do not have to share files on a network or remote host, or peer networking. Stuff like that. I just want to block all incoming connections that can come from a process, but still have it so I can use my computer without any issues of something blocking its use. I just think if the process to peer network or home group is enabled, then a program can use that service as it runs in the background and I wouldn't know about it and I don't need it. It would signal that someone else is doing that and I want to block that.

    That's the intended goal.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 06:41.
Find Us