Unable change firewall settings

[sharon]

I am running Windows Vista Starter and I am having problems allowing
exceptions to work through my firewall. In particular I want to be able to
use Remote Assistance. I can check it in the exceptions list but when I try
to run it I get a message that tells me it is being blocked by Windows
Firewall.

I also have tried to turn the Windows firewall off completely but the “Turn
Windows Firewall on and off†screen is greyed out and so I cannot change that
setting either. There is a message on the screen that says “For your security
some settings are controlled by Group Policyâ€

I bought this pc a month ago. It was brand new and I set myself up as a
user. It is for home use only and has never been a part of a network.

I am the only user set up on my system and so am an administrator with full
rights.

I do not have any other firewall installed and I do not have a router either.

Could somebody help me please? As I am a novice in computer systems an
answer in non technical language would be very much appreciated.

If there is any other information that you require I will be pleased to give
it to you

Many thanks

 

[Chappy]

Hi

Try disabling the Windows Firewall Service itself, that's how I disabled it
to run another Firewall, since the built-in Windows firewall is kinda cr@ppy..

In Control Panel, Admin tools, click Services, scroll to Windows Firewall.
Dbl-clk it to open the properties, click Stop the Service and then set the
Startup Type to Disabled. Reboot and this should take care of that for you.
When you're done with Remote help be sure to reverse those settings...even
tho it's a cr@ppy firewall it's better than no firewall at all.

Dave

 

[Mr. Arnold]

Hi

Try disabling the Windows Firewall Service itself, that's how I disabled
it
to run another Firewall, since the built-in Windows firewall is kinda
cr@ppy..

If you have made this statement about the Vista FW/packet filter, then you
do not know what you are talking about.

In Control Panel, Admin tools, click Services, scroll to Windows Firewall.
Dbl-clk it to open the properties, click Stop the Service and then set the
Startup Type to Disabled. Reboot and this should take care of that for
you.
When you're done with Remote help be sure to reverse those settings...even
tho it's a cr@ppy firewall it's better than no firewall at all.

You do not know what you are talking about when it comes to the Vista
FW/packet filter.

I suspect that you have installed some kind of a 3rd party snake-oil crap
solution that's your security blanket that's trying to protect *you* from
*you* that it cannot do, with all the little bells and whistles.

What is it?

 

[Chappy]

LOL Mr Arnold....you're talking out of yous @ss!

I've been in the AV & security field for over 20 years, so I DO know what
I'm talking about.
I run Comodo Firewall Pro and if you need confirmation of just how bad the
Windows firewall is, check out the highest ranked Firewall testing facility,
Matousec http://www.matousec.com/projects/firewall-challenge/ and see for
yourself.

Snake oil crap....security blanket...you're Funny!!!
Except, I forgot to laugh because I know more about securing a Windoes box
than you'll learn in your lifetime...a$$hole

 

[Chappy]

Mr Arnold

I'm a HijackThis teacher and an Independent Malware tester for new & unknown
varients.
I was awarded a Lifetime membership to Virus Bulletin for my work. In case
you don't know what Virus Bulletin is...well, if you don't know then that
says it all about your security knowledge.

I have personally tested and written solutions for over 1000 Windows
Security Vulnerabilities. I currently have over 750 Trojans and Virus in my
testbed machine that I've fully decompiled and written signature files
for...what's your security experience? Running an AV scan weekly?
I also was a Beta tester for Eset with their Eset Security suite (Firewall
mostly), and Comodo V3 Firewall for 64bit.

Before you go shooting your wad again, maybe you should stop & think that
there are True security experts out there.

 

[Nonny]

Mr Arnold

I'm a HijackThis teacher and an Independent Malware tester for new & unknown
varients.
I was awarded a Lifetime membership to Virus Bulletin for my work. In case
you don't know what Virus Bulletin is...well, if you don't know then that
says it all about your security knowledge.

I have personally tested and written solutions for over 1000 Windows
Security Vulnerabilities. I currently have over 750 Trojans and Virus in my
testbed machine that I've fully decompiled and written signature files
for...what's your security experience? Running an AV scan weekly?
I also was a Beta tester for Eset with their Eset Security suite (Firewall
mostly), and Comodo V3 Firewall for 64bit.

Before you go shooting your wad again, maybe you should stop & think that
there are True security experts out there.

Mr. Arnold, consider yourself properly bitch-slapped.

 

[Dave]

My money is on Arnold.

 

[the]

Nonny wrote:

<snipped>

Nonny, why would make up such a lie about someone? There is obviously
something wrong with you, you have serious mental issues and you need to
be locked up.

 

[Mr. Arnold]

LOL Mr Arnold....you're talking out of yous @ss!

I've been in the AV & security field for over 20 years, so I DO know what
I'm talking about.
I run Comodo Firewall Pro and if you need confirmation of just how bad the
Windows firewall is, check out the highest ranked Firewall testing
facility,
Matousec http://www.matousec.com/projects/firewall-challenge/ and see for
yourself.

That is BS you're talking about Comodo.

Something like that junk Comodo is not even a FW. It's a machine level
packet filter that protects at the machine level. That junk you're talking
about doesn't fit the definition of FW. That junk doesn't not separate two
networks. A FW will protect from the network it's protecting from usually
the Internet and the network it is protecting the LAN. A FW sits at the
junction point between the two networks.

In either case, a FW must have have two network interfaces. One interface
must face the network it is protecting from, and the other interface must be
facing the network it is protecting. It doesn't matter if it is a hardware
device such as a FW appliance or a host based network FW running on a
secured/locked down gateway computer, with the gateway computer using two
NIC(s).

A FW segments networks and reduces the risk of damage between networks.

What is being talked about are FW(s) and some junk like Comodo and other 3rd
party solutions are not FW(s).

http://www.more.net/technical/netserv/tcpip/firewalls/

Snake oil crap....security blanket...you're Funny!!!

Well, that's exactly what they are 3rd party snake-oil solutions that
introduces more security i8ssues/risks to the machine.

Except, I forgot to laugh because I know more about securing a Windoes box
than you'll learn in your lifetime...a$$hole

Sure you do. So you know how to lock down a machine whether it be a
workstation or server running IIS with the machine facing the public
Internet. You know how to secure/lockdown the O/S, IIS, file system,
registry and user accounts for a machine that's facing the public Internet.

I would much rather use the Vista packet filter or FW if you like and IPsec,
with the Vista packet filter being an intergrated part of the O/S which will
hold connections to a newtork until its FW/packet filter is up and running
before inbound or outbound connections can be made based on filtering rules
set, which can be done by the advanced features of the Vista packet filter,
if I need be.

http://articles.techrepublic.com.com/5100-10878_11-6098592.html

I also like to use IPsec in a supplement fashion behind the Vista packet
filer in case its packet filter or any 3rd party packet filter, which most
won't even call a 3rd party solution a packet filter, is taken out or
circumvented on the machine.

http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
http://www.analogx.com/CONTENTS/articles/ipsec.htm
http://support.microsoft.com/kb/813878

That's when any machine I have has a direct connection to the modem and to
the Internet. When the machines are behind my Watchguard FW appliance, the
Windows and Linux machins have no need to run a FW/packet filter.

BTW, I have been doing this since 1971, and I am still going strong in
Information Thecnology.

 

[Mr. Arnold]

Mr Arnold

I'm a HijackThis teacher and an Independent Malware tester for new &
unknown
varients.
I was awarded a Lifetime membership to Virus Bulletin for my work. In case
you don't know what Virus Bulletin is...well, if you don't know then that
says it all about your security knowledge.

Ooo we, I am happy for you.

I have personally tested and written solutions for over 1000 Windows
Security Vulnerabilities. I currently have over 750 Trojans and Virus in
my
testbed machine that I've fully decompiled and written signature files
for...what's your security experience? Running an AV scan weekly?
I also was a Beta tester for Eset with their Eset Security suite (Firewall
mostly), and Comodo V3 Firewall for 64bit.

I am happy for you.

Before you go shooting your wad again, maybe you should stop & think that
there are True security experts out there.

I don't think you're one off them, and if you must show your wares, then I
think I could beat you if I choose to do so.

And I am a programmer, and I have been doing it since 1980, and I came to
the MS platform in 1996. Everything you're talking about, I could probably
beat it. All it takes is the user with the happy fingers that will point and
click on everything under Sun, which is not that hard to do.

http://www.foxnews.com/story/0,2933,274314,00.html

Detection software using signature files must know about the signature that
it must detect. If the signature is unknown, then the signature file is
useless on zero day exploits. And on top of that, a serious malware threat
is going to hide itself and most likely have itself hosted by a legitimate
process running on the machine such as SVChost.exe or DLLhost.exe.

I had a poster come into the FW and Security NG talking about the small
company she was consulting at had an exploit running on the MS O/S Small
Business server that was affecting IIS that circumvented all that stuff
you're talking about, which even the experts were indicating to toss at it,
and she tossed the kitchen sink at it and could find nothing. I gave her
the proper tools and showed her how to find the exploit when even the
security experts in the NG couldn't do it, which was because of my
programming expertise that I could help her.

It was due to the knowledge I passed on how to find it, and the ability to
use the proper tools and go look.

<http://www.windowsecurity.com/artic...d_Rootkit_Tools_in_a_Windows_Environment.html>

But if I had known what I do now, I would just told her to flatten the
drive. If the O/S can be fooled then anything that runs with the O/S like
detection software that you're harping about can be fooled to with exploits
still left undetected on the machine.

http://technet.microsoft.com/en-us/library/cc512587.aspx

I use Eset, and if you have anything to do with Eset, then I might be
kicking Eset to the curb and finding something else.

 

[Chappy]

It was due to the knowledge I passed on how to find it, and the ability to
use the proper tools and go look.

As you so "Intelligently' state...Ooo, I'm so happy for you.

I use Eset, and if you have anything to do with Eset, then I might be
kicking Eset to the curb and finding something else.

Well, then you're not a complete moron I guess.


I don't come here looking to Flame or Be flamed by anyone. I simply stated
what is very commonly known about the Windows Firewall, it sux and is easily
defeated by even the most basic firewall exploits.
It has no real Advanced rules interface so anyone but the basic user finds
out in a hurry just how unfriendly it is to work with.
If you read the testing done at Matousec for Firewalls for Windows Platform
and the testing modules used, you'll see very clearly that it's a very
complete test of a firewall's capabilities in today's OS with the multiple
attack vectors available.
You won't find a more intense & comprehensive suite of testing on firewalls
available for the Win platform anywhere and the results speak fo themselves.

The current version of the Win firewall scores miserable 5% but at least
that better than the first version which was the only firewall to score a
perfect 0 out of a possible 9625 points.
If after reading the test methods and results @ Matousec, you still wish to
put your faith in the Windows Firewall than that's certainly your prerogative
friend. Myself I would rather have one that I can configure to my personal
needs, and one that at least scores a 95% in the latest tests. And I try to
get others to at least have a look at the tests and make a choice for
themselves after getting a bit of information regarding how todays firewalls
can be circumvented and what firewalls can catch these exploits.

You're a programmer, I'm a programmer. You've done this since whenever, I
1st used a computer in 1973 that was bigger than my cottage and ran on punch
cards....big deal. That means nothing today and means nothing about our
respective knowledge bases.
When it comes to my security and the security of others, I prefer to have
the best possible and that's why we both use Eset Nod32 (excellent choice Mr
Arnold) but I'll taks Comodo over the Win Firewall in a heartbeat. May I
suggest that you at least look into it?

When I beta tested the Eset ESS and their firewall, I was in constant
contact with the Eset engineers as I reported over 12 bugs to them. I made
several suggestions to them and they replied that they weren't able to get
these into the first iteration of their firewall, they weren't able to make
it too complex yet and meet their internal deadlines, but they were
definitely going to be implemented in V2 if possible. Because of the lack of
configuration and certain other matters, myself and other beta testers for
Eset couldn't use their suite as it was released and we went to Comodo for
their beta testing. The difference was measurable and it shows in how the
Eset Security Suite firewall performed in the Matousec tests compared with
Comodo Firewall Pro.

In any case, you can type "this" and I can type "that" and both of us can
continue this crap forever if we wish too, but I've been doing these forums
far too long to want to get into that kind of wasteful fluff and I believe
you have also.
So in the end, if you wish to use the Win Firewall...again, I wish you luck.
But if you're going to recommend it to others, at least have some testing
results to back it up so the users can make an informed & educated decision.

Dave

 

[Chappy]

Oh yes, I forgot I wanted to comment on this statement.
it must detect. If the signature is unknown, then the signature file is
useless on zero day exploits. And on top of that, a serious malware threat
is going to hide itself and most likely have itself hosted by a legitimate
process running on the machine such as SVChost.exe or DLLhost.exe.

Yep, you are correct there, and that's why they have a heuristics engine,
but they still require sig files don't they and those sig files have to be
able to recognize many aspects of behavior as well.
Some AV programs still fail the VB100% tests even after they've been given
the testing sig files well in advance, so as that tells you also, it's not
everything to have the sig files, they have to be implemented properly as
well and that's the differences between an Eset quality AV and the garbage
AV programs available (hello AVG)
And please, you're telling me basic malware techniques that have been well
known for years...of course I know that. I've seen almost every available
obfuscation technique in my day..I went thru the LOP.com heydays with the
HijackThis team when they threw over 100 different variants at us every
single day from over 25,000 partner sites. Those guys were committed I tell
ya and we estimated they probably made over $100,000.00 a month with their
malware and they weren't happy about us specifically targeting their
operations, but we were just as committed and kept them on the run for over 3
years until we finally broke them up. Well, along with the Authorities that
is, but we were responsible for Spybot S&D and HijackThis keeping users clean
of their crapware.

Ok, that's my last here. Have a Good Day everyone, and to you also Mr Arnold.

Dave

 

[Chappy]

Sorry, this is required.

I do have to apologize, I didn't have time to read the entire replies from
you and I just noticed that you indeed have put links into your post to
relevant articles and pretty much most of them I've read before.
Still doesn't change my opinion of Comodo or Win Firewall, and I probably
won't change yours either, so as is now and always will be when software
solutions are involved...nobody agrees on everything and everyone has an
opinion. To each their own, but I suggest you not go "Name calling" as you
did in your original reply, and you'll find yourself in less arguments and
your blood pressure will thank you for it. You have no clue about the person
on the other end, and you are not the only long time computer guy out there
either, and by far are not the best. Then again neither am I, and I don't
claim to be anyway.

I'm outta here, this has gotten old fast.
Dave

 

[John Amendall]

I'm outta here, this has gotten old fast.

It soitanly has.

 

[Mr. Arnold]

As you so "Intelligently' state...Ooo, I'm so happy for you.

Well I am. I am glad you can ware that big security badge on your chest,
that doean't mean anything to me.

Well, then you're not a complete moron I guess.

No I am not, which who you thought you were conversing with and I am far
from that.

I don't come here looking to Flame or Be flamed by anyone. I simply stated
what is very commonly known about the Windows Firewall, it sux and is
easily
defeated by even the most basic firewall exploits.

The same thing can be said about Comodo or any 3rd party solution, which I
am going to tell you that what you're talking about are not FW solutions.
They are NOT firewalls.

I don't come here either to look for trouble. But what I don't like is
someone popping his or her mouth giving out mis-information on something
they really don't know how to use.

It has no real Advanced rules interface so anyone but the basic user finds
out in a hurry just how unfriendly it is to work with.

I don't know what you're talking about when it comes to the Vista FW/packet
filter, which does have Adv packet filtering rules interface, which is just
a little more shophistcated than doing some mouse pointing and clicking on
some 3rd party clicking solution for idiots.

If you read the testing done at Matousec for Firewalls for Windows
Platform
and the testing modules used, you'll see very clearly that it's a very
complete test of a firewall's capabilities in today's OS with the multiple
attack vectors available.

And I am going to tell you again, that the solutions you are talking about
are NOT firewalls. They are machine level packet filters that protect at
the machine level. I only want something like the Vista FW/packet filter or
any solution of this nature to do one thing, which is to stop unsolicited
inbound traffic from reaching the services running on the machine and set
filtering rules for inbound and outbound traffic when needed, by port,
protocl, IP or subnet mask, which the one on Vista does very well.

If the packet filter or (FW if you like) starts going beyond that with a
bunch bells and whistles in it in areas it has no business being in, then
that is not FW or packet filter technology. And that junk in 3rd party
solutions can be circumvented and defeated.

You won't find a more intense & comprehensive suite of testing on
firewalls
available for the Win platform anywhere and the results speak fo
themselves.

Everyone has got one which was put out there for the clueless home user to
give them a false sense of security wrapped up in their security blanket.

The current version of the Win firewall scores miserable 5% but at least
that better than the first version which was the only firewall to score a
perfect 0 out of a possible 9625 points.

I don't agree with the assesments. And FW(s) are NOT suppose to be in the
area of or doing malware fuctionality. A FW(s) job is the stop unsolicted
inbound traffic from reaching services running on the computer, and if need
be, the ability to set packet filtering rules to stop inbound or outbound
packets.

If after reading the test methods and results @ Matousec, you still wish
to
put your faith in the Windows Firewall than that's certainly your
prerogative
friend. Myself I would rather have one that I can configure to my personal
needs, and one that at least scores a 95% in the latest tests. And I try
to
get others to at least have a look at the tests and make a choice for
themselves after getting a bit of information regarding how todays
firewalls
can be circumvented and what firewalls can catch these exploits.

And I can configure the solution on Vista to fit my personal needs. What I
don't need is the snake oil useless crap in 3rd party solutions which can
easily be circumvented and defeated trying to be a stops all and ends all
solution that it can not be and can be fooled.

You don't see that garbage in FW's that run on Linux nor do you see that
garbage in the Vista FW/packet filter.

And I am going to tell you once again that the junk you are talking about
are NOT FIREWALLS.

You're a programmer, I'm a programmer. You've done this since whenever, I
1st used a computer in 1973 that was bigger than my cottage and ran on
punch
cards....big deal. That means nothing today and means nothing about our
respective knowledge bases.

So? You tossed up your BS 20 years of experience like a badge and I did the
same.

When it comes to my security and the security of others, I prefer to have
the best possible and that's why we both use Eset Nod32 (excellent choice
Mr
Arnold) but I'll taks Comodo over the Win Firewall in a heartbeat. May I
suggest that you at least look into it?

When I beta tested the Eset ESS and their firewall, I was in constant

That's were Eset went out of control with chasing the money was a real
disappointment. Eset has no business with anything to do with FW technology,
NONE.

contact with the Eset engineers as I reported over 12 bugs to them. I made
several suggestions to them and they replied that they weren't able to get
these into the first iteration of their firewall, they weren't able to
make
it too complex yet and meet their internal deadlines, but they were
definitely going to be implemented in V2 if possible. Because of the lack
of
configuration and certain other matters, myself and other beta testers for
Eset couldn't use their suite as it was released and we went to Comodo for
their beta testing. The difference was measurable and it shows in how the
Eset Security Suite firewall performed in the Matousec tests compared with
Comodo Firewall Pro.

I don't care about any of that and no ridiculous security suite will ever
see the light of day on any machine I own nor will some junk like Comodo
ever be installed on any machine of mine either, ever.

In any case, you can type "this" and I can type "that" and both of us can
continue this crap forever if we wish too, but I've been doing these
forums
far too long to want to get into that kind of wasteful fluff and I believe
you have also.

Well you need to stop right now, because I am not impressed with you.

So in the end, if you wish to use the Win Firewall...again, I wish you
luck.
But if you're going to recommend it to others, at least have some testing
results to back it up so the users can make an informed & educated
decision.

I don't need testing results, because testing results are a dime a dozen for
the crapware solutions running on the Windows workstations.

 

[Mr. Arnold]

Oh yes, I forgot I wanted to comment on this statement.

it must detect. If the signature is unknown, then the signature file is
useless on zero day exploits. And on top of that, a serious malware threat
is going to hide itself and most likely have itself hosted by a legitimate
process running on the machine such as SVChost.exe or DLLhost.exe.

Yep, you are correct there, and that's why they have a heuristics engine,
but they still require sig files don't they and those sig files have to be
able to recognize many aspects of behavior as well.

Which I knew you were going to toss out there, the heuristics , and it can
be fooled like anything else that runs with the O/S that can be fooled.

Some AV programs still fail the VB100% tests even after they've been given
the testing sig files well in advance, so as that tells you also, it's not
everything to have the sig files, they have to be implemented properly as
well and that's the differences between an Eset quality AV and the
garbage
AV programs available (hello AVG)

I like this Eset promotion here, which has nothing to do with FW technolgy
that you started harping about.

And please, you're telling me basic malware techniques that have been well
known for years...of course I know that.

I didn't say that you didn't know that.

I've seen almost every available
obfuscation technique in my day..I went thru the LOP.com heydays with the
HijackThis team when they threw over 100 different variants at us every
single day from over 25,000 partner sites. Those guys were committed I
tell
ya and we estimated they probably made over $100,000.00 a month with their
malware and they weren't happy about us specifically targeting their
operations, but we were just as committed and kept them on the run for
over 3
years until we finally broke them up. Well, along with the Authorities
that
is, but we were responsible for Spybot S&D and HijackThis keeping users
clean
of their crapware.

I am happy for you. You do wear it like a badge.

It can all be and does get defeated if the right exploit can get there and
is executed.

 

[Mr. Arnold]

<snipped>

Man, get out of here with this garbage. Comodo, Commodore or Commode
whatever you want to call it is junk. You started right of of the gate with
the name calling in a Windows Vista NG.

<Your statement that set off the fireworks.>

Try disabling the Windows Firewall Service itself, that's how I disabled it
to run another Firewall, since the built-in Windows firewall is kinda
cr@ppy..

<end>

The other links I provided which I know you know nothing about firewalls was
to reinforce to you that the junk Comodo is not a FW.

The other links about IPsec is another measure to protect the O/S and works
very well with the Vista FW/packet filter, which most don't know about it.

You have done three things well here:

1) You beating your chest.
2) Your two bit promotion of Eset.
3) Your two bit promotion of Commode.

You come back again with this nonsense, and you're going to face me again.