Is the Vista Firewall that good?

  Coff 16:16 08 Jul 2007
Locked

What you think of the contents of this article click here entitled "New Windows Vista Firewall Fails on Outbound Security"? I only use Vista from time to time and have the firewall turned off so I don't have the experience to know if the contents of the article are valid or not, However, I've noticed a posting or two on the Forum stating that the Vista firewall is as good as any other third party firewall.

"...... as shipped, the Windows Firewall offers little outbound protection, and it's not clear how outbound protection can be configured to protect against spyware, Trojans and bots."

"......by default, most outbound filtering in the Windows Vista firewall is turned off. In addition, there may be no practical way to use outbound filtering to stop all unwanted outbound connections."

"Competing firewalls such as ZoneAlarm, the Norton Personal Firewall and the McAfee Internet Security Suite offer user-configurable outbound protection, also known as outbound filtering. When Microsoft reworked its firewall for Windows Vista, it added the ability to perform outbound filtering. But by default, most outbound filtering in the Windows Vista firewall is turned off. In addition, there may be no practical way to use outbound filtering to stop all unwanted outbound connections."

"......Microsoft claims that the firewall can block some malware. But Leznek, (Microsoft senior product manager), concedes that it cannot block all malware, and he claims that a more effective approach than outbound filtering is to use antispyware such as Windows Defender, which the company claims will stop malware from being installed on the PC in the first place."

There's another article click here entitled "Windows Vista half-cocked firewall".

  crosstrainer 16:20 08 Jul 2007

It's not perfect, that's for sure...I use Spybot Search And destroy (Version 1.4 for Vista) and adaware as well as antivirus to secure vista, and I must confess that i have yet to visit my online banking accounts, leaving that to my other PC (XP) and laptop.

  Kate B 17:09 08 Jul 2007

Much more sensible to ensure that malware that might phone home doesn't get on to your machine in the first place.

  skidzy 20:56 08 Jul 2007

Granted the Vista outbound protection is very limited,however if used with Malware/Spyware blockers such as Defender and Spywareblaster this will reduce the chance of trojans and spammers dialing out.

After quite a lot of reading on this issue,it seems creating the blocking rule is quite complex as you need the knowledge of every bit of malware around.Basically an impossible task.

However,i have configured some of the exceptions and to date all is well with no problems.

As most of us know here,its down to the user and what they decide to do about internet protection.

First advice i would give is:

Uptodate Antivirus and check the Firewall is enabled.
Secondly get those blockers Defender and Spywareblaster to mention two.
Defender auto updates.
Spywareblaster,manual update.

And basically watch what you download and where from and scan before opening.

I would add and have come across this,is to check what connections have been allowed in the Firewall settings/Advanced and remove any that are not known.

Finally,common sense.If anyone wishes to visit those ...lets say iffy sites,they deserve everything they get.

  Coff 22:40 08 Jul 2007

Thanks all three of you for your replies.

I don't run anti-spyware apps (or an anti-virus for that matter) in real time to provide protection - I use System Safety Monitor and that allows me to control which programs are allowed to run. If Trojan.exe suddenly wanted to run then it would be blocked. I use a router which provides inbound protection and the network rules in System Safety Monitor to control which programs call out .That's why I have little or no experience of the Vista firewall. (I do have anti this that and the other programs which I use to scan downloaded software so I'm not suggesting you shouldn't have them - I have three anti-virus programs but none of them run in real time.)

After a bit more reading, the Vista firewall does appear to be good at preventing hijacked services from calling out by using security identifiers for each service. That protection is turned on by default. I found another article which explains why the full outbound protection in the Vista firewall is not turned on by default. The article is over a year old but still relevant I think click here

""..... Microsoft has received strong feedback from its customers, especially from large organizations and government departments, saying that they would like to manage this feature from an administrator level.""

It's a bit of a dry subject isn't it really. Go on, admit it.

  skidzy 22:59 08 Jul 2007

" It's a bit of a dry subject isn't it really. Go on, admit it ".

No..ha ha

It has been a bit of landslide against the Vista firewall recently,possibly why Zonealarm have released there Vista version.

Your system is probably unique to a select few,sounds similar to the hyper os setups...but not for the general users out there.

Why has MS made the Firewall to hard to configure,surely there could have made it similar to Zonealarm with the allow/deny prompts and the trusted zones allowing/removal of services etc.

For those unaware how to check if certain ports are open on there Vista machines,i would recommend running Shields up click here though this is not fool proof it can help some against inbound attacks.

  Kate B 23:50 08 Jul 2007

ZoneAlarm was always going to release a Vista version - it makes money through security software. You can't say that because ZoneAlarm has a Vista version out that it automatically follows that Vista's firewall is poor.

  skidzy 00:00 09 Jul 2007

If your post is aimed at me,i never said Vista's firewall is poor ! to be truthful,i like it.
However if you wish to configure the firewall,it is difficult as opposed to ZA.

Most know Zonealarm would release there Vista version in due course,it is only now it coincides with the bad Vista reports.

  Kate B 00:27 09 Jul 2007

Not aimed specifically at you, skidzy, a general remark, sorry if you felt got at.

I think Vista's firewall is fine.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Best phone camera 2017

Stunning new film posters by Hattie Stewart, Joe Cruz & more

iPad Pro 10.5in (2017) review

28 astuces pour profiter au mieux de votre iPhone