Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

New VPN, New Questions re: Firewall


  • Please log in to reply
5 replies to this topic

#1 chiiibill

chiiibill

  • Members
  • 122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:48 PM

Posted 12 September 2017 - 03:15 PM

Trying out a new VPN (Perfect Privacy) that seems to have very good overall reviews (no leaks, no logs or 'Five Eyes' links, adv. features, etc). Expensive but feature rich..

 

For example: https://restoreprivacy.com/perfect-privacy-review/

 

However, They claim that 3rd party firewalls interfere with the VPN firewall and kill switch protection (I'm using KIS). They recommend that when using VPN I turn off KIS firewall and allow Windows  FW rules to return.

 

See here: https://www.perfect-privacy.com/blog/2016/10/17/resolving-conflicts-vpn-firewall/

 

Also, they passed on this unusual article! : http://robert.ocallahan.org/2017/01/disable-your-antivirus-software-except.html

 

Any thoughts before I take the leap?

 

Thanks


Edited by chiiibill, 12 September 2017 - 03:36 PM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 49,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:48 PM

Posted 14 September 2017 - 06:18 AM

If Perfect Privacy recommends turning off KIS firewall and allowing Windows firewall, I see no problem with that since Windows built-in firewall is sufficient. I do not agree with the article to disable your anti-virus especially for the novice user.
.
.
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Microsoft MVP Reconnect 2016
Windows Insider MVP 2017
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 chiiibill

chiiibill
  • Topic Starter

  • Members
  • 122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:48 PM

Posted 14 September 2017 - 10:51 AM

Thanks again for the reply, quietman7.

 

As a novice i always wonder about windows firewall not dealing with potentially harmful outgoing info. In an ideal world one should be 'perfectly' scrupulous when on a pc but mistakes are occasionally made.

 

Also, i believe the last article suggested relying only on the Windows FW/AV programs.  But again, speaking as a novice, the windows AV does not seem to perform as well as others in 3rd party testing.


Edited by chiiibill, 14 September 2017 - 03:08 PM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 49,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:48 PM

Posted 14 September 2017 - 04:17 PM

By default in Windows Firewall, most (not all) outbound filtering is turned off (outbound connections are allowed) and inbound filtering is turned on (inbound connections are blocked/not allowed). Why? This is what Microsoft has to say:

Matt Parretta, a former spokesperson for Microsoft's PR agency, Waggener Edstrom, offered this defense: "If we turned on outbound filtering by default for consumers, it forces the user to make a trust decision for every application they run which touches the network....they will be prompted on the first launch of every application that touches the network: Instant Messaging, IE, e-mail, Windows Media, iTunes, every self-updating app such as Adobe, and so on. Unless they click 'allow', the app will be broken and won't function properly. The out of box experience would be poor, and they would soon be desensitized to the prompts."

Although most outbound filtering is disabled, Windows Firewall does provide limited outbound filtering which users may not be aware of as it is essentially invisible.

Jason Leznek, Microsoft senior product manager, told Computerworld that outbound filtering rules "are enabled by default for core Windows services as part of Windows Service Hardening, which enables the firewall to understand specific behaviors Windows services should have, and block them if they are doing something unexpected (ie, via an exploited vulnerability). Windows Firewall also protects the computer by blocking certain outgoing messages to help prevent the computer against certain port scanning attacks."

Outbound filtering can be configured to provide an additional layer of security and it does provide corporate and business administrators control over applications (i.e. peer-to-peer file sharing) they may want to restrict. Any such applications that require outbound access must be added to the rules list by using the firewall with the Advanced Security Microsoft Management Console (MMC). Configuration may be confusing for some and there is no practical way to to configure outbound filtering to stop all unwanted outbound connections. Inbound filtering can be turned on or off and through various tabs and configuration settings.
.
.
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Microsoft MVP Reconnect 2016
Windows Insider MVP 2017
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 chiiibill

chiiibill
  • Topic Starter

  • Members
  • 122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:48 PM

Posted 14 September 2017 - 07:37 PM

Thanks for the clarification and links for further reading.

 

Much appreciated.



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 49,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:48 PM

Posted 14 September 2017 - 07:40 PM

You're welcome. Happy reading.
.
.
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Microsoft MVP Reconnect 2016
Windows Insider MVP 2017
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users