Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What settings are best for firewalls


  • Please log in to reply
9 replies to this topic

#1 rp88

rp88

  • Members
  • 2,895 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:46 AM

Posted 13 June 2015 - 12:37 PM

I found myself looking at the settings of my firewall yesterday,this firewall is the one which comes built into windows 8. And I found myself wondering which settings are best for it. As a user who only connects to one network (my internet connection via an ethernet cable and a socket on the wall) I wanted to know what settings I should have my firewall set to, and whether the default ones are best or whether some things should be changed. I found that my firewall was set to only let through incoming connections which matched a "rule" (I guess these must be rules of ok things) and only let through outbound connections which did not match a rule (I guess these must be a blacklist of rules about risky and nasty things).

The key risk I am concerned about is that it might be possible for attackers to find a hole which they could use to run code and install malware. I believe this has something to do with "ports".

Can anyone provide a guide on the best way to set up the windows firewall under these circumstances, for a user who:
doesn't have a complex network,
doesn't use sharing of printers or other devices between multiple machines,
doesn't use wi-fi,
doesn't use any direct connectons between computers,
doesn't have any router,
doesn't have any special kind of modem,
gets his internet just by plugging a cable in between his machine and a socket,
doesn't use a microsoft account,
has a static IP address (whenever I look up what my IP is it is always the same),
doesn't use the windows store,
uses firefox as their browser most of the time and chrome sometimes,
does his emails through webmail interfaces (gmail),
sometimes uploads files to google drive via the browser for backing up,
sometimes downloads files via the browser but very rarely downloads new programs,
lets browsers,plugins, most programs and his and antivirus update themselves fully automatically,
has windows update set to check automatically but not download or install anything until he chooses to,
runs avast as his antivirus,
runs malwarebytes anti-exploit for some extra protection,
uses the free version of MBAM as an on demand scanner,
has UAC on it's highest setting,


It would be helpful to also know if the same advice for setting up the firewall applies to a windows 8.1 machine as well.

Thank You

Edited by rp88, 13 June 2015 - 12:42 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

BC AdBot (Login to Remove)

 


m

#2 shelf life

shelf life

  • Malware Response Team
  • 2,645 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:03:46 AM

Posted 18 June 2015 - 05:55 PM

Windows FW has come along way. No doubt there are other opinons but I think the Fw in its default configuration would be good enough.

 

 

find a hole which they could use to run code and install malware

Thats possible: your browser on a malicious web page.

In which case the firewall wont do any good.

But thats why you keep all your browsers, Java, Flash, plugins and Windows etc all up to date.

 


How Can I Reduce My Risk to Malware?


#3 rp88

rp88
  • Topic Starter

  • Members
  • 2,895 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:46 AM

Posted 20 June 2015 - 12:18 PM

I run noscript (and adblock plus and malwarebytes antiexploit) to deal with malicious java/flash/plugins/javascript/plugins on webpages. I believe that they together do a fairly good job for anti-driveby protection.


I've asked about my firewall here because I'm worried that although my browser is well protected there might be some sort of weakspot elsewhere which the firewall could cover but that my firewall isn't doing so. I would think that if my firewall wasn't set up well enough then all the scriptblocking in the world wouldn't be enough protection, that's why I wanted to check what the best firewall settings should be.

Thank You.

Edited by rp88, 20 June 2015 - 12:18 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#4 shelf life

shelf life

  • Malware Response Team
  • 2,645 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:03:46 AM

Posted 21 June 2015 - 10:28 AM

The only way to go about this is to turn off/disable certain Windows services to lessen your potential exposure. No service running = no exposure on a port.

 

I did find this website that recommends disabling certain services that will help to secure your machine by disabling uneeded services and is for home users only. There is some info about Windows 8.

 

https://www.winhelp.us/disable-unneeded-services-in-windows.html

 


How Can I Reduce My Risk to Malware?


#5 rp88

rp88
  • Topic Starter

  • Members
  • 2,895 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:46 AM

Posted 21 June 2015 - 12:46 PM

So other than the possible advnatage gained by disabling certain un-necessary services (incase those services are exploitable) the default settings of the windows firewall on windows 8 and 8.1 are good?

Thanks

Edited by rp88, 21 June 2015 - 12:46 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#6 shelf life

shelf life

  • Malware Response Team
  • 2,645 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:03:46 AM

Posted 21 June 2015 - 07:10 PM

In my opinion, yes.


How Can I Reduce My Risk to Malware?


#7 rp88

rp88
  • Topic Starter

  • Members
  • 2,895 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:46 AM

Posted 22 June 2015 - 11:11 AM

Thanks for your help.
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:46 AM

Posted 22 June 2015 - 05:51 PM

Windows FW has come along way. No doubt there are other opinons but I think the Fw in its default configuration would be good enough.

I agree with that.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 malynensi

malynensi

  • Members
  • 145 posts
  • OFFLINE
  •  
  • Local time:09:46 AM

Posted 23 June 2015 - 01:41 AM

tnx for the information, Learnt one thing new today. Always opt for VPN as I do not have to go through this settings in security in my laptop or tab. The easy way out :)



#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:46 AM

Posted 23 June 2015 - 05:05 AM

tnx for the information, Learnt one thing new today...

That is what BC is all about.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users