Results 1 to 4 of 4

Thread: Windows update through built-in firewall

  1. #1
    Join Date
    Feb 2009
    Posts
    39

    Windows update through built-in firewall

    I was wondering for the Computer security since long time and i found some blogs on Internet and through that i was successful in activating the built-in firewall for outbound traffic, which was blocking everything except the set of rules assigned to allow traffic.But thats not enough I want to create the most restrictive rule to get Windows Update to work but only if I allow from any program and port to ports 80 and 443 does it work well as it should be. Is there any way I can restrict it further by specifying what programs are used? I have tried with Windows Update Client but still no success.

    Can anyone help me how should i go Ahead with this.

    Thanks for your help.

  2. #2
    Join Date
    Oct 2008
    Posts
    161

    Re: Windows update through built-in firewall

    According to my knowledge Windows Updates in Vista runs under a Service Host (svchost.exe). and for that every user who needs it has to allow "svchost.exe" to make outbound connections on ports 80 and 443. Windows Vista Firewall has an additional layer of protection for services that override any host process rules in the firewall so you will also need to set which specific service is allowed under each firewall rule. For windows updates the services are Windows Update and you might need Background Intelligent Transfer BITS as well.

    This is Bit difficult to understand and to understand that you have to go through lots of documentation reading,
    Hope this helps!

  3. #3
    Join Date
    Oct 2008
    Posts
    107

    Re: Windows update through built-in firewall

    Here i will provide you some Windows Firewall with Advanced Security:

    1. Add a new Outbound Rule
    2. Choose Program as the type
    3. The path should be %SystemRoot%\System32\svchost.exe
    4. Windows will give you a warning about additional security for services, just click Yes
    5. Choose Allow the connection
    6. Apply the rule to which ever type of connection you want, for testing I'd just leave the default which is all 3 checked.
    7. Give the rule a name of your choice and create the rule.
    8. Now double-click on the rule you just named.
    9. Under the Programs and Services tab click on Settings button
    10. Check Apply to this service and find and select Windows Update
    11. Click OK and Yes.

    we can also customize the rule according to our requirement we can also provide them some specifications only about the TCP and remote ports 80 and 443.

  4. #4
    Join Date
    Oct 2008
    Posts
    137

    Re: Windows update through built-in firewall

    Thanks for this great article!

    I’m trying to make it work, but with no success. Can you help me? I just installed latest orbited from trunk, and stompservice with easy_install. “echo -e ‘import twisted\nimport orbited\nimport stompservice\n’ | python -” shows no error, so i expect all the modules to be correctly installed. I had to change line 7 in index.html to look like “”, because it seems that orbited has moved the file stomp.js into this location. with WebDeveloper plugin for Firefox i can see that with this URL stomp.js is correctly found. The problem is that after starting data_producer, the bars aren’t changing =(
    Then, i changed js in index.html to include
    “stomp.onopen = function() {
    alert(’got connection’);
    };”
    instead of
    “stomp.onopen = function() {
    };”
    But i wasn’t alerted after i started data_producer again.
    I would greatly appreciate any help to sort this out, as i’m only a beginner with orbited, mostly being a python developer with no experience with js. If i can do any additional traces that would help you, i would obviously like to.
    Sorry for my English.

Similar Threads

  1. Replies: 5
    Last Post: 19-12-2011, 05:17 PM
  2. Replies: 6
    Last Post: 18-09-2011, 10:33 PM
  3. Bitdefender Firewall is blocking windows Update
    By MargareTi in forum Networking & Security
    Replies: 5
    Last Post: 11-06-2011, 11:45 PM
  4. Replies: 3
    Last Post: 15-10-2010, 01:41 PM
  5. Replies: 6
    Last Post: 27-08-2009, 09:56 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,711,661,712.82624 seconds with 17 queries