Part-II (System based firewalls)
In part I, we grouped the systems in our network as trusted and unknown. So before viewing about server-based firewalls (in part 5), we are going to explore the options given to us by the following system based Firewalls. We will be prioritizing Windows OS here as it is the widespread commercial OS and is relevant to the concept of System based firewalls.
- Windows Firewall (Built in) ( In Part 2)
- McAfee Firewall that comes with McAfee total protection (Paid) (In Part 3)
- Zone-alarm Firewall (Comes free and is good). (In Part 4)
1) Windows Firewall
The standard firewall included in all versions of your Windows OS is known as windows firewall.
To access windows firewall , start > and type in search ” windows firewall” > choose windows firewall with advanced Security.
On the left panel, you have Inbound and Outbound rules.
So, w3hat are rules?
Microsoft website defines rules as:
Firewall rules allows a computer to send traffic to, or receive traffic from other programs or system services or computers. Firewall rules can be created to do one of the following actions for all connections that match the rule’s criteria:
- Allow the connection.
- Allow a connection only if it is secured through the use of Internet Protocol security (IPsec).
- Block the connection.
Rules can be written(created) for either inbound traffic or outbound traffic.
Rules that allow/block someone from sending data to your system ( For example:- A Software’s server sending data to your computer like Online Gaming). For most part Do not touch the Inbound rules. Some applications just stop working and if by mistake if someone blocks windows, it may crash.
Rules that allow your computer to send data to someone’s server ( eg:- your online game sending your movement to their server).
We will now be creating some rules to block a random program.
WAY-I ( For advanced Users):
- Select Outbound rules in the left task bar.
- In the right side task-bar click ‘new rule’.
- Select program and click next.
- Make sure you select the specific program path so that you wont end up blocking all your programs.
- Select the program’s .exe file Usually in default install location inside Bin ( Be extremely careful and block only malicious programs. You can try blocking IE if you are practicing %ProgramFiles% (x86)\Internet Explorer\iexplore.exe .
- Click next
- Select Block The connection and click next
- Let all 3 (Domain, private and Public) be checked in and click next
- Give name IE Block Test . make sure you remember this name so that u can delete this rule after this practice session.
- Click Finish
- Repeat the above steps creating a similar rule in the Inbound rules section.
- Restart your system ( May work sometimes without restarting too.)
Now Internet Explorer ( Not Microsoft Edge, the vanilla internet explorer ) will not be able to access internet.
To remove the rules, just right click IE block test rule in the inbound and outbound rules sections and click delete.
WAY-II (For basic users):
- start > search(only for older versions of windows) > windows firewall (Not The advanced Security one, click the ‘windows firewall’ app)
- On the left side task bar, click ‘allow an app or feature through windows firewall’.
- Check Whether your application is on the list. if so, then double click it and change the settings to block. (Never ever block window’s builtin applications unless you are sure about what you are doing)
- Else click add application and point it to that programs .exe file ( usually in c:program file( x86) (or) program files//program name (or) manufactures name.) and change settings to block and press apply.
Now the program you blocked will no longer have internet access.
Hope this part of Firewall Crash course was useful. In parts 3,4 we will explore some more powerful firewall software (both free and paid).
Comment your views/suggestions/opinions.