
The best free firewall - Is Windows Firewall "fine" for a home user? The answer is "YES"


Windows Firewall

Attribution: Hemanth Yaji - Copyrighted under Creative Commons Attribution-Non-Commercial 2.0 UK: England & Wales License

http://creativecommons.org/licenses/by-nc/2.0/uk

This article discusses the ability of the Windows Firewall provided with Windows XP and Windows Vista to scan network and Internet traffic. It ships for free with Windows XP and Windows Vista and can be found in Control Panel. The firewall has exactly the same configuration in the 32-bit and 64-bit versions of these operating systems. Note that no firewall can filter out malware such as a virus. Only one firewall should be active at a time, because two or more firewalls could conflict with each other. Windows Firewall is definitely one of the best free firewalls available now.


Fig. 1

The Transmission Control Protocol/Internet Protocol (TCP/IP) allows for 65,536 possible data ports, so there are 65,536 possible doorways into a computer. Hackers could exploit computers that have vulnerabilities, entering through any of these ports that is open. Windows Firewall can stealth all ports so that they are invisible to a hacker outside the computer. Hackers are therefore unable to find a way into a computer while this firewall is enabled.

· A firewall in a computer should not let in unwanted traffic from outside, and should also be able to stop data from going outside without consent, based on a set of filtering rules. Inbound filtering in Windows Firewall is enabled by default on both Windows XP and Windows Vista. Windows Firewall in Windows Vista defines sets of filtering rules for both inbound and outbound traffic. However, Windows Firewall in Windows XP can filter only inbound traffic; outbound traffic is excluded from filtering. The firewall in Windows XP is therefore unable to stop private data from leaving a computer: any application that is “already” installed could easily send data outside. The lack of outbound filtering should not be a problem on Windows XP if an antivirus is already installed, because it is the job of an antivirus to stop applications that send private data outside from running.

· A firewall should not be closed by another application. Microsoft regularly releases updates to Windows Firewall to patch the vulnerabilities that let an application stop Windows Firewall.

How to configure Windows Firewall on Windows Vista for outbound traffic?

Windows Firewall on both Windows XP and Windows Vista is turned on by default. To check the status of the firewall, go to Control Panel and open Windows Firewall. If it is turned off, turn it on. Now go to Control Panel, Administrative Tools and click on Windows Firewall with Advanced Security. Note that the firewall is not enabled for outbound traffic. To configure outbound traffic, click on Windows Firewall Properties (Fig. 1). Select Block for Outbound Connections in Domain Profile, Private Profile and Public Profile (Fig. 2). Click on Outbound Rules as in Fig. 1 and click on New Rule as in Fig. 3. In the new window (Fig. 4), select Programs for "What type of rule would you like to create?" Select All Programs (Fig. 5) for "Does this rule apply to all programs or a specific program?" Select Allow the connection for "What action should be taken when a connection matches the specified conditions?" (Fig. 6). Tick all of Domain, Private and Public for "When does this rule apply?" (Fig. 7). Give a name for this rule (Fig. 8). With this rule, if any outbound activity is found suspicious, it would be blocked by the firewall, with a set of predefined outbound rules.
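The same Windows Vista configuration can be applied and checked from an elevated Command Prompt with `netsh advfirewall`. This is an added example, not part of the original article; the rule name is an assumption chosen for illustration.

```bat
@echo off
rem Added example: command-line form of the GUI steps described above.
rem Run from an elevated Command Prompt on Windows Vista.
rem The rule name below is an assumption; use any descriptive name.

rem Show the state and default policy of the Domain, Private and Public profiles.
netsh advfirewall show allprofiles

rem Turn the firewall on in every profile in case it was switched off.
netsh advfirewall set allprofiles state on

rem Default policy for all three profiles: block inbound (as shipped)
rem and block outbound (the change made in Windows Firewall Properties).
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound

rem New outbound rule: all programs, allow the connection, all profiles.
netsh advfirewall firewall add rule name="Allow all programs outbound" dir=out action=allow profile=any enable=yes

rem Verify that the rule exists and review the resulting default policy.
netsh advfirewall firewall show rule name="Allow all programs outbound"
netsh advfirewall show allprofiles firewallpolicy

rem To undo the rule later:
rem netsh advfirewall firewall delete rule name="Allow all programs outbound"
```

Block rules take precedence over allow rules in Windows Firewall with Advanced Security, so with this rule in place an outbound connection is stopped only when an enabled block rule matches it; everything else is allowed.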

Network Locations – Home, Work or Public

The Network Location in Windows Firewall can be Home, Work or Public. Windows Firewall asks you to select a Network Location during the first connection. This automatically applies firewall settings suitable for the type of network that you connect to. Once the Network Location is set, the computer has an appropriate security level for that connection.

  • Home or Work has to be selected when the connection to the Internet is made in a trusted location. The computer can then see other computers and devices in the network, and other computers can see this computer. To turn this off when there is only one computer in a network, which is considered safe, go to Network and Sharing Center in Control Panel (Fig. 9) and click on Turn off network discovery.
  • Public has to be selected when the connection to the Internet is made in an unsafe location such as a coffee shop or an airport. This location is designed to keep a computer from being visible to other computers. When this location is selected, the computer is hidden in the network: it is unable to see other computers and devices in the network, and other computers are unable to see it.

The location could be changed any time by clicking on Customize as in Fig. 9.

The Windows Firewall with both inbound and outbound protection would now look as in Fig. 10 which earlier looked as in Fig. 11.

Always make sure to have an encrypted wireless network by enabling Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA). (For WPA, WPA2 is preferred.)

Additional Security for Home or Work (only for a computer "in" a network)

Tip 1: Disable the Server service on a computer that is not going to host shared resources on a network: Go to Control Panel – Network and Sharing Center – Manage Network Connections – right click on Local Area Connection, choose Properties and deselect File and Printer Sharing for Microsoft Networks. For extra security, go to Control Panel – Administrative Tools – Services and disable Server and Computer Browser.

To do this in Windows XP, go to Control Panel – Network Connections – right click on Local Area Connection, choose Properties and deselect File and Printer Sharing for Microsoft Networks. For extra security, go to Control Panel – Administrative Tools – Services and disable Server and Computer Browser.

Tip 2: Remove the Administrative Shares: Administrators can access the root volumes of domain workstations and servers by appending a dollar sign ($) to the drive letter of each root volume. A Registry hack allows removing those administrative shares manually from a Windows Vista or Windows XP computer that should not have those shares enabled for security reasons. To apply this hack, open Registry Editor and browse to the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters

Create two new REG_DWORD values as AutoShareServer and AutoShareWks, and set each value to 0. The administrative shares would be disabled after system restart.
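Tip 1 and Tip 2 can also be applied and verified from an elevated Command Prompt. This is an added example, not part of the original article; it assumes the standard service names LanmanServer (Server) and Browser (Computer Browser), and the KEY variable is introduced here only for readability.

```bat
@echo off
rem Added example: Tip 1 and Tip 2 from an elevated Command Prompt.

rem Tip 1: disable the Server and Computer Browser services.
rem Only for a computer that will not host shared resources.
rem Note the space after "start=", which sc requires.
sc config LanmanServer start= disabled
sc config Browser start= disabled

rem Confirm the new start type (START_TYPE should read DISABLED).
sc qc LanmanServer
sc qc Browser

rem Tip 2: create the two REG_DWORD values and set each to 0.
set KEY=HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
reg add "%KEY%" /v AutoShareServer /t REG_DWORD /d 0 /f
reg add "%KEY%" /v AutoShareWks /t REG_DWORD /d 0 /f

rem Confirm that both values are present and equal to 0x0.
reg query "%KEY%" /v AutoShareServer
reg query "%KEY%" /v AutoShareWks

rem After the restart, on a computer that still runs the Server service,
rem list the shares: drive shares such as C$ should no longer appear.
rem (net share reports an error when the Server service is not running.)
net share
```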

Yaji


Comments

flread45 2 years ago

You are right, two firewalls are fighting, and you can't get anything accomplished.

hnyaji 2 years ago

I have only Windows Firewall enabled on my system that runs on Microsoft Vista. I have another firewall too that came with an Internet Security Suite but I have disabled it!

Treasured Pasts 2 years ago

I have heard from someone working for a computer store that some security software eat up your memory and processor speed? I'm looking at effective freeware to replace the annual fee.

hnyaji 2 years ago

Hi Treasured Pasts

try out avast! home (antivirus+antispyware+antirootkit+web guard) and turn Windows Firewall on. That should be fine!

avast! home - http://www.avast.com/eng/avast_4_home.html

compu-smart 2 years ago

Hi hnyaji!

A very well written information about windows firewall, and a must add hub to my Firewall hub;)

Thanks;)

JPSO138 2 years ago

You are right. I am always updating my windows firewall. Great hub!

mauiel 2 years ago

Excellent article. However I am a member of the Mac sect...

Should I ever change, I will make sure never to use two firewalls!

Aloha

hnyaji 2 years ago

Hi JPSO138

You don't have to update Windows Firewall. It comes preconfigured, and you just have to manually add "just one" rule in Vista, to make it filter outbound traffic. That is it! You would never have to change anything in 'Windows Firewall with Advanced Security' in Administrative Tools!

prasetio30 2 years ago

Thanks for great tips. It's useful for me. I'll practice your advice.

drpastorcarlotta 2 years ago

GREAT Hub hnyaji!!!! I am going to enjoy your HUBS!!!! Blessings!!!!

travelerhubs 2 years ago

Thanks. I used Sygate years ago and am still trying to find a good replacement. With Windows, it looks like I don't need one. Great hub.

etalmar 20 months ago

Excellent article. I have configured outbound connections as per your recommendation and appreciate your efforts.
