Is enough if enable windows firewall for both home and public

Hi,
Will it be enough if i just enable the firewall on both private and public without making any additional settings.
Now even your network settings are attacked by programs from computers as well as routers. What are the additional settings that could be applied to default firewall settings to get secured browsing experience and could get protection from hackers and other commercial crooks, who invade the dns nowadays.
I also want that i do not want any abnormal behaviour when i set the settings tightly

Hi, why no reply for my query. Is it not a concern. If you enable all outbound, then you are running the risk of leak. If you block all , you are running the risk of no normal internet activity. so, i ask

Short answer: NO. You need to configure the rules of the firewall to match exactly your programs and typical usage. There is no way a default configuration of anything could know what do you use on your computer.

Long answer: Windows Firewall default settings are a disaster waiting to happen, plain and simple. To begin with, outgoing blocking is disabled, and for incoming connections, the rule set is extremly permissive, allowing pretty much everything (as well the outgoing rules too, but those are ignored by default). This allows normal working for all the built-in compontents but provides no protection at all in practice.

To actually get some benefit from a firewall you need to configure the rules carefully to allow connections you know from programs will do, and nothing else. A firewall sole purpose in life is precisely to mess with network activity and drop everything not explictly allowed.
Therefore, to get some benefit from a firewall, you must learn some basics about networking, protocols, ports and how programs you use use them, then set the rules accordingly to allow the minimum fundamental connectivity.

jraju said:

I also want that i do not want any abnormal behaviour when i set the settings tightly

Then you must learn what network operations do you use exactly and add those rules. Firewalls protect you because the use a black-list approach (block everything not trusted), so you must state what things are to be trusted and what else can be blocked. It involves a little of trial and error, and failures may occur from time to time.

jraju said:

who invade the dns nowadays

A firewall doesn't protects against DNS-based attacks. To use internet pretty much every operation will go though a DNS server, then you need to allow acces in the firewall. But a firewall in itself cannot determine if the responses from DNS queries are legitimate or have been tampered with, all it does is to allow them or block them althogether.

jraju said:

If you enable all outbound, then you are running the risk of leak. If you block all , you are running the risk of no normal internet activity

Exactly. The extreme opposites are possible, that's why configuration is the core of a firewall protection and determines how much it protects and how much it interferes. What I like to do is to start with an empty rule set (effectively blocking everything incoming and outgoing) then progressively create rules to allow each and every programs as they need network access and work correctly. A little of trial and error is involved in the process.

Hi, I want clues regarding windows firewall.
Your link relates to general malware tips. There was no mention of controlling outgoing traffic in general firewall settings.
If your internet is not safe, then every malware, trojan, and what not would creep in to your computer to damage.
I also think that windows allow some ports to be opened always, as otherwise, you would not get internet access.
Probably one is attacked either thro ping, http and ftp traffic. Are there any way to check these kind of intrusions. Hope you understand, what i want

Hi, Aleja, Thanks for your tips. But is it not a tedious exercise to control each programs , whether to allow or not. Ofcourse, windows firewall pops up to show, that some access is blocked from a site, allowing some thing and alert you to allow or disallow.
In these days of router attacks, you might have known that grc.com was down for a couple of days, due to ddos attacks. He is an expert and his site is attacked.
If only windows firewall configurations are managed effectively these attacks would have been avoided.
I checked my internet access with grc.com and everything was said to be stealthy.
But i know, router and windows allow certain ports open, as otherwise, we would not get internet access.
I also know that these ports are 80, and 21 http and ftp ports. Port 80 is said to be open in all the circumstances. Then how to manage these ports in firewall.
This post would seem to be out of subject, but if only i know how to configure the firewall with out affecting the normal browser experience , then it would be a kind of security measure everybody could hope to follow.
If i use personal firewalls, then there is a risk of what they will do. First , i think it will stop, the windows firewall at the first instance, which is somewhat risky to do.
So many authors have dealt with so much things, but regarding configurations of firewall only few touch upon, fearing that would block usual internet access. A newbie could not know, whether his internet is affected by trojan, etc.etc. I want to know