Windows Firewall Service

DIY-Computer-Repair can help!

The Windows Firewall Service is a software solution.

The problem with a software solution is it can be changed or hacked. The best firewall solution is a Hardware solution such as a dedicated server or router.

With that said it is hard to carry your router around with you from place to place when you travel so the next best thing to not connecting at all is the built in Windows Firewall.

When the service pack 2 for Windows XP came out it included a Security Center, incorporated into the Security Center along with Automatic Updates, Virus notification, is the Window Firewall Service. If your computer is a desktop or you don't travel then a hardware solution is the best and you can use the Windows firewall in conjunction with the hardware if there is no other software solution. If your business has a hardware and software solution you will have to disable the Windows Firewall because it will conflict with the network hardware/software firewall of the business and you will not have access to the internet.

When you are traveling or don't have a hardware solution between your computer and the internet the best solution is to turn on the 'Don't allow exceptions' setting. You can do this from the Start/Control pane/Window Firewall. This is on the General tab on the first window. Check the 'On' (recommended) and then check the box 'Don't allow exceptions'.

By turning on 'Don't allow exceptions' setting the firewall will reject any queries in bound to your computer from outside, that is any program trying to contact your computer will be denied. This does not mean your computer is invisible on the internet, it means that any attempt to connect to your computer will be refused. This is a good thing because some virus/trojan/spyware programs try to contact computers, when they find one open the do their dirty work and infect the computer. On the other hand if your computer is already infected the firewall can not protect your system from contacting the virus / trojan / spyware home and giving away your data. Bottom line is keep it clean! Especially if you rely on the built in firewall.

Under the Exceptions tab you will find a generic list of programs that are allowed to send/receive from the internet, uncheck any boxes you don't use. You can add programs here that are not listed such as Eudora E-mail program, you need to know the ports for the program if you add them to the list, some programs will have the port assigned when they are installed and the Firewall program can read the ports from the registry entry.

Things you should know about the Windows Firewall service:

Both the Security Center and the Firewall services have to be running.

If you have Group Polices in a Domain environment they may disable the Security Center and Firewall, if this is the case then you will need to contact your Administrator to setup a 'roaming profile' that allows these services to run when you are not connected to the domain.

If you use a VPN (Virtual Private Network) to connect to your work or a special domain you have to know those ports to turn on the exception, this can not be read from the registry because it is not there, the ports for the VPN are located in the SAM file which you nor the Administrator of your domain can access.

If you are using a Hardware only solution (such as a home network with a router / firewall) you should use the Windows Firewall also, but if your network has a hardware and a software firewall solution and you use a 'Proxy' to get outside of the network for internet access it will interfere with your access, that is why most businesses that have a hardware and software firewall solution turn off both Windows Firewall and Security services.

Do It yourself Computer Repair E-Book

Thank you for visiting my web site, and please come back again.

Reqires the free
Flash Player
download it here

Custom Search