Windows7 firewall-how to figure out what ports to open

ulukai · 09 May 2009

So I have started to use windows7 RC and it's build in firewall. Until now i was on win xp with eset firewall. Everything is ok so far except two things:

1.) There doesn't seem to be anything like learning mode for win7 firewall, or is there? How em I supposed to make a rule for application if I don't know what port it needs to open? I know, one can use google, but this can get pretty anoying after a while. Log file also doesn't help much because it doesn't list application names. Is there some kind of 3rd party simple app which would monitor attepts for connection and tell me which port a specific application just tried to use so i could make a rule in windows firewall?

2.) It seems that win7 firewall is creating inbound rules automatically (at least for local applications), can i turn this behavior off?

Thanks.

Jacee · 09 May 2009

Download the "Free" version of Vista Firewall control ... it works with Win7
Vista Firewall Control : Sphinx Software

ulukai · 09 May 2009

Tried that and seems to only make it easier to create rules. Also it automatically enabled some windows default rules that i have disabled (for windows media player).

Edit:
Just to make it clear, I like the way win7 fw is controlled, I think I understand most of the fw stuff, I just need a simple way how to figure out which port a specific application want's to use and also how to disable automatic rule creation (so far i have noticed this behavior on inbound rules only).

ulukai · 11 May 2009

Hello, any more ideas? :)

jimbo45 · 11 May 2009

ulukai said:

Hello, any more ideas? :)

Try looking at the Port Forwarding utility in your Router -- this will often suggest ports to open - especially if you can control your router via a web (browser) interface rather than a command line. The utility might have a help function in it.

Generally if you need some sort of Http server then 80 and 8080 should be open, otherwise open ports for SSH, FTP, RDP if you use these functions (and if you have a mail server then SMTP port).

If you understand "Tunnelling" you can make your system more secure by choosing any port you like and "Tunnel" it to the "Real port" you need

This method is often used for example if you want to log on to a Home computer and the work place blocks the outgoing RDP Port. You use a standard port which IS open (normally SSH or HTTP are open) and tunnel those to your network.

There's documentation here

PuTTY Download Page

Here's how to bypass work Firewalls with Putty-- this is slightly old but the principle is the same.

Using PuTTY (and SSH) to Bypass Firewalls

Cheers
jimbo