Windows – Why Windows Firewall does not block outgoing traffic

Tags: firewall, networking, windows, windows 7

I have noticed that Windows Firewall only blocks incoming traffic. For example, if I try to listen on port 12345, it will display a warning dialog asking me if I want to allow it.

However, if I try to connect to any IP on any port, it will not display any warning. So does anyone know why it does not block outgoing traffic also?

I am using Windows 7 Ultimate 64-bit.

Best Answer

The Windows 7 firewall can.

The Windows XP firewall, it seems, couldn't block outgoing (see "How do I block all outgoing ports in Windows XP firewall?").

The Windows 7 Firewall can block outgoing.

See where it says "outbound rules"; outbound means outgoing.


And look at the text under domain, private and public.

It states the default policies. So for inbound, it's a whitelist (that's stricter); for outbound, it's a blacklist (that's more lenient).

A blacklist means let everything through unless it's listed to not be let through.

A whitelist means block everything unless it's listed to be let through.

So a whitelist would be more permissive. Like what at a real life event would be called 'by invitation only'. So the packet arrives; if it's on the list, it's allowed in and the firewall has done its thing for that packet; if the packet is not on the list, then continue with the instruction to just block everything. A blacklist is equivalent to when everybody is invited unless they're on a list of people not allowed to come. So a packet arrives; if it's on the blacklist, then you block it and the firewall has done its thing for that packet; otherwise, continue to the next instruction, which is to allow everything.

For outbound, the default of a blacklist enables you to browse the web easily. The outbound rule is by default the more permissive one.

For inbound, the default is a whitelist. So if you run any servers (i.e. listening), then a client (i.e. a computer initiating a connection) can only reach them if you have allowed it to.

You can change these policies. And you can add or remove or change rules in the list of rules, for inbound or for outbound.

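The policy change described in the answer above, done from the command line instead of the GUI. This is an added example, not part of the original answer; it assumes an elevated PowerShell prompt, and the program path and rule name are hypothetical placeholders.

```powershell
# Added example. Uses netsh only, which ships with Windows 7.
# Run from an elevated (Administrator) PowerShell prompt.

# Constructed, hypothetical values for illustration.
$stamp   = Get-Date -Format 'yyyyMMdd-HHmmss'
$backup  = Join-Path $env:TEMP "firewall-before-outbound-block-$stamp.wfw"
$program = 'C:\Tools\example-client.exe'   # hypothetical program that must keep working
$rule    = 'Example-Allow-Client-Out'      # hypothetical rule name

# 1. Show the default policy of each profile (Domain, Private, Public).
#    On an English-language default install each profile reads
#    "BlockInbound,AllowOutbound": inbound whitelist, outbound blacklist.
netsh advfirewall show allprofiles firewallpolicy

# 2. Export the current configuration so the change can be rolled back.
netsh advfirewall export $backup
if ($LASTEXITCODE -ne 0) { throw "Export failed; not changing the policy." }

# 3. Add the outbound allow rule BEFORE flipping the default, so the
#    program is already on the whitelist when blocking starts.
netsh advfirewall firewall add rule "name=$rule" dir=out action=allow "program=$program" enable=yes
if ($LASTEXITCODE -ne 0) { throw "Could not add the allow rule; not changing the policy." }

# 4. Turn outbound into a whitelist too. The value is quoted because
#    PowerShell would otherwise split it at the comma into two arguments.
netsh advfirewall set allprofiles firewallpolicy 'blockinbound,blockoutbound'

# 5. Confirm the new defaults.
netsh advfirewall show allprofiles firewallpolicy

# Rollback, either of:
#   netsh advfirewall set allprofiles firewallpolicy 'blockinbound,allowoutbound'
#   netsh advfirewall import $backup
```

After step 4, any program without a matching outbound allow rule loses network access, so test from a console session rather than over a remote connection that the new policy could cut off.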
