9

The built-in Windows firewall seems to only block incoming ports, but not any outgoing traffic.

I am looking for an application to install on an xp machine which can be configured a way to block all outgoing connection attempts.

I want to still allow incoming connection attempts on a few ports for testing.

Improve this question
5
  • Huh, should be possible to block all outgoing traffic according to this answer: How to block all traffic but one IP in Windows Firewall?
    – slhck
    Commented Oct 8, 2011 at 18:22
  • 2
    Ack, I voted to close thinking it was a dupe fo the other. It has the answer, except it's for Windows 7, and this is XP. I don't think there's actually a way to (as) easily block all outgoing traffic with XP's firewall, but there may very well be? I don't have an XP machine handy to check.
    – Ƭᴇcʜιᴇ007
    Commented Oct 8, 2011 at 19:05
  • Ah, but then again, this is Windows XP – can anyone confirm this is the same? @techie007 Hah, hivemind.
    – slhck
    Commented Oct 8, 2011 at 19:05
  • Pretty sure there is no way to do it in XP. Please suggest a 3rd party application which works for this purpose.
    – steampowered
    Commented Oct 8, 2011 at 22:08
  • Agnitum Outpost - you can try even Free version for this functionality
    – Lazy Badger
    Commented Oct 9, 2011 at 2:44

4 Answers 4

Reset to default
5

Comodo Personal Firewall is a free replacement for the Windows Firewall that will query whether you want an application to be able to make outbound connections the first time that application is used. You will also be able to allow programs to open incoming ports so you should be fine there too.

It's pretty comprehensive, you can (I believe) add the most commonly used applications during setup, so Firefox, IE and most email programs are not blocked by default.

The configuration is relatively straightforward and the baloon popups that appear when an application tries to access the network were quite informative when I used it last.

Unless you want Antivirus as well try to make sure that you only download the Firewall installer, their site makes it a bit too easy to get both by mistake.

Improve this answer
4
  • Thank you, I plan to try this during the week and I'll report back if it is successful. I expect it will work great.
    – steampowered
    Commented Oct 9, 2011 at 13:25
  • This worked perfectly. I spent way to much time trying to get the AVG 2011 firewall to work in the past. The Commodo firewall allowed me to make my granular rules exactly like I wanted, and this solved my problem. Thanks!
    – steampowered
    Commented Oct 13, 2011 at 22:28
  • If you want bloat and slowness, install this.
    – Codebeat
    Commented Dec 21, 2014 at 3:23
  • @Erwinus at the time I wrote this Comodo was relatively lightweight and bloatware free and though I do understand that it has gotten worse it is still a valid option. If you have any alternatives then feel free to post a new answer.
    – Mokubai
    Commented Dec 21, 2014 at 9:09
4

There's no way to do what you want with the firewall built into Windows XP. You'll need a third party firewall to do that.

Improve this answer
2
  • I edited the question to make it less of a software-recommendation, but the OP asked for a way to do it, even with a third-party app. They even said that it does not seem to work with the built-in firewall. So maybe you could suggest some application that would effectively allow them to do this.
    – slhck
    Commented Oct 8, 2011 at 19:13
  • Can you please suggest a 3rd party app?
    – steampowered
    Commented Oct 9, 2011 at 0:33
4

To get the level of fine grain control you're looking for I would recommend checking out kerio v2 firewall. Back in the day when I still had WinXP setups this was my firewall of choice due to its light resource usage, effectiveness and ease of use.

Note that Kerio is a rule-based packet filtering firewall -- the rules you setup are processed in a top-down first-to-match fashion. Packets that don't match any of the rules are automatically dropped into the ether. Even though it's no longer supported it still remains to be a very effective firewall. In fact, if you've ever tweaked Win7's built-in firewall you'll find many interface and functionality similarities with Kerio.

If you decide to try it out you might find these links helpful:

Improve this answer
1
  • I would prefer not to use an app which hasn't been supported since 2004 if there is something available which is still being supported.
    – steampowered
    Commented Oct 9, 2011 at 14:34
0

If you are at all familiar with using the command prompt, here are steps to do this yourself:

  1. Open the command prompt by typing cmd into the Start → Run dialog

  2. View the current settings of your firewall, including firewall exceptions, by typing in the following command:

    netsh firewall show config

  3. Now to go to the Firewall command sub-console (context) by typing the following commands (hit Enter after each one):

    netsh

firewall

    You're now in the Firewall sub-console (context).

  4. Now type help and hit Enter. The last 5 or 6 rows displayed are the Firewall Context commands. You're interested in the command set, therefore, type set /? and hit Enter, to view its functionality. And finally, type set portopening and hit Enter, and you'll see the syntax required to open or close ports in your firewall.

It may be easier to read the syntax by highlighting the text (mouse-down then drag over the text), copying it (Ctrl+C) and pasting it into Notepad or Wordpad.

Here are a couple helpful port identification Web sites/pages:

  1. All ports and their primary uses
  2. All ports and corresponding services
Improve this answer
1
  • 1
    Your steps don't really make a great deal of sense. Many are not actual steps but is an attempt to explain a specific command. There is also the added fact we don't like signatures here at Super User.
    – Ramhound
    Commented Feb 1, 2013 at 13:42

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .