Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Win 7 Firewall... Perfect if it only did...

01 Jan 2010   #1

Windows 7 Pro
Win 7 Firewall... Perfect if it only did...

This is long winded so for those who just want to get to the point.. I have 2 issues

1) How can I determine what is being blocked by Windows Firewall's outbound rules so that I can create an allow rule?

2) How can I prevent a program from using an allowed program (like IE) to access the internet?

Now.... the things I love about the new Windows FireWall....

I am trying to stick with MS products since my computer runs so much smoother and faster than when running 3rd party Protection software. But there is a problem that I just can't seem to figure out and before I give up on MS products, I thought I'd ask.

Briefly put, I am a firm believer in completely turning off ALL inbound and outbound communication. I then open up only the ports I need, for the protocols I need, for the Applications that need them.

I will say that the approach that WF has taken is outstanding! All my dreams come true because I think it works the way it should... Block EVERYTHING unless I make a rule otherwise. This is so much cleaner.

To hit that point home, lets say that you want IE to be able to browse the web. But you want your Print Spooler to only have access to your network printer. For most firewalls you have to

1) Create a general rule that allows TCP traffic out on port 80 (HTTP),443 (HTTPS), and port 515 (Print Spooler)

2) You then have to go into your Application rules to block IE from using port 515 and the Print Spooler to block port 80 and 443.

... this can get messy real quick.

Instead, for WF, you just need to

1) Create a rule for IE and give it access to 80,443.
2) Create a rule for spoolsvc and give it access to 515


....... NOW FOR THE PROBLEM AT HAND .........

If I can not figure out a solution to these 2 items, I'm going to have to toss WF out the windows (pun intended) and go back to a 3rd party.

1) Whenever you perform a task that you actually WANT to get out to the internet, initially it will be blocked. Normally you then just look at the Firewall log and it will tell you what application is attempting to access what Address on which port using which protocol... you can then just create your rule..... The Log for WF is terrible and only shows you a dropped packette. It does not tell you what was trying to use the internet and therefore there is no way you can make a rule...

For example, if I had not known that to print I needed to allow spoolsvc.exe access to, TCP port 515 I would have never been able to determine that using the WF logs.

2) The one big flaw of WF is its lack of leak testing. (Zone Alarm is the only one I know that catches the following). Say I have a program that does not access the internet directly (which is blocked by default with Outbound set to BLOCK). Instead it launches IE and passes it a URL with the info. All the other firewalls I have tested allow this to happen.

For example, CCleaner is a great program and I trust it. However it has no business accessing the internet. However there is a link that says "check for updates" and when you click on this, it auto opens IE, takes you to the vendors website where it passes along the program version.

This could just have easily been a spyware program passing off data that it has collected... Sure you see IE open up but by then it is too data has been collected. (Like I said, Zone alarm is the only firewall I've seen that blocks this)

My System SpecsSystem Spec
01 Jan 2010   #2
Microsoft MVP

Windows 7 Ultimate 32bit SP1

You can use this free Firewall control Windows 7 Firewall Control : Sphinx Software
My System SpecsSystem Spec
01 Jan 2010   #3

Windows 7 & Windows Vista Ultimate

With Windows Firewall, GRC's Shields up shows my computer in complete stealth mode:

CCleaner does have periodic updates which you can check manually. However, when setting up CCleaner, it is simple enough to set it NOT to check for updates each time it is opened. It is important to read all of the screens when installing software.

You may also want to take a look at Microsoft MVP Deb Shindler's writeup What's new in the Windows 7 Firewall? and see if that helps.
My System SpecsSystem Spec


 Win 7 Firewall... Perfect if it only did...

Thread Tools

Similar help and support threads
Thread Forum
Windows Firewall disables itself every 5 or 6 hours "Wndows Firewall i
I have a problem with Windows Firewall disabling itself every 5 or 6 hours on my computer! Windows Firewall will automatically disable itself and give the following message "Windows Firewall is not using the recommended settings to protect your computer." with only one option "use recommended...
System Security
Windows Firewall starts with 3rd party firewall installed and active
Hi guys, Could anyone explain to me why Windows Firewall starts when I have Comodo Firewall installed and running? It makes me nervous! :confused: I have a fresh installation of Comodo Internet Security. The only reason I knew it was running was because I got the message after a reboot,...
System Security
Windows Personal Firewall service and Mcafee firewall not turning on
I have been dealin with this 2 days now and went through all the steps recommended by Microsoft... even downloaded Virtual tech for mcafee and FIx it for MS none worked. went to google to try to follow other advises and tried to do malware removal . after it i followed these steps: Download both...
System Security
What is the PERFECT desktop?
Show me your so called PERFECT desktops if you will, I am trying to get somthing simple yet professional. I was thinking of making the desktop plain black but it doesn't look very good as you can't appreciate the screens resolution. Anyway this is my current setup below................
eset firewall and anti virus or whats the best firewall with windows
IS the esset firewall any worth comparied to comando? or outpost or others? I know its mainly a anti virus with built in firewall but does is it worth it? is comando the best?
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 22:04.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App