Personalizing Windows 8 : Protecting Yourself with Windows Firewall - Making Exceptions to Firewall Protection

1/16/2015 8:59:30 PM

When Windows Firewall is turned on and running, you don’t really have to do anything special to use it. It will be on constant vigil, automatically protecting your computer from hackers and worms trying to sneak in through unprotected ports. Ports for common Internet tasks such as e-mail and the web will be open and monitored so that you can easily use those programs safely.

Internet programs that don’t use standard e-mail and web ports may require that you create an exception to the default firewall rules for incoming traffic. Examples include instant messaging programs and some online games. When you try to use such a program, Windows Firewall displays a security alert like the one in Figure 1.

FIGURE 1 Windows Firewall security alert


The message doesn’t mean that the program is “bad.” It just means that to use the program, the Firewall has to open a port. If you don’t recognize the program name and publisher shown, click Cancel. If you want to use the program, first decide for which networks the exception will be allowed. For example, if the traffic is coming from another computer on your local network, select the Private Networks option. For traffic coming from the Internet, select Public Networks (you can select either or both, as needed). Then, click Allow Access. Allowing access for a program doesn’t leave the associated port wide open. It just creates a new rule that allows that one program to use the port. You’re still protected because the port is closed when you’re not using that specific program. The port is also closed to programs other than the one for which you unblocked the port. Should you change your mind in the future, you can always reblock the port, as described in the next section.

Manually configuring firewall exceptions (allowed apps and programs)

Normally, when you try to use a program (or an app) that needs to work through the firewall, you get a message like the example shown in Figure 1. Occasionally, you might need, or want, to manually allow or block a program through the firewall. If you have administrative privileges, you can do that via the Allowed Apps page shown in Figure 2. To open that page, click Allow An App Or Program Through Windows Firewall in System And Security (by the Windows Firewall item in Control Panel).

FIGURE 2 Windows Firewall Allowed Apps And Features


Items on the list with a checkmark beside them represent apps and features that work through the firewall. You’ll also see any exceptions you created in response to a security alert. For example, Trillian isn’t a Windows 8 feature, so you might not see that one. It shows in Figure 2 because we chose to allow access for it in response to the security alert shown back in Figure 1.

You probably aren’t familiar with most of the apps and programs listed in the Allowed Apps And Features list, so you should not select or deselect a box just by guessing. But you don’t need to guess, either. If you just leave things as they are, everything will be fine. If you later decide to use one of the listed features, you’ll be prompted at that point to allow access for the app or program if it’s necessary to do so.

Adding an app exception

You can unblock ports for apps and programs that aren’t listed under Allowed Apps And Features. You would do this only if specifically instructed to do so by an app or program manufacturer you know and trust.

If the app or program for which you want to create an exception isn’t listed under Allowed Apps And Features, you can do the following:

1. Click Change Settings and then click the Allow Another App button. When you do so, you see a list of installed programs that might require Internet access, as shown in Figure 3.

FIGURE 3 Add An App dialog box

2. Click the app or program that you want to add to the list. Optionally, if the program isn’t listed, but you know where it’s installed, you can use the Browse button to get to the main executable for that program (typically the .exe file).
3. Clicking the Network Location Types button lets you define the addresses from which any unsolicited traffic is expected to originate. For example, if you’re using a program that provides communications among programs within your local network only, you wouldn’t want to accept unsolicited traffic coming to that port from the Internet. You’d want to accept unsolicited traffic coming only from computers within your own network. When you click Network Location Types, you see the options shown in Figure 4. Your options are as follows:

FIGURE 4. The Choose Network Location Types dialog box.

  • Private: For home or workplace networks. If the program in question has nothing to do with the Internet, and is for your home or business network only, choose this option to block Internet access, but allow programs within your own network to communicate with each other through the program.
  • Public: For public networks, such as those in an airport or coffee shop. If you want the program to be able to connect to the Internet, choose this option.
4. Click OK to save your settings.

You can choose the scope for the program within the Allowed Programs And Features list just by placing a checkmark in the Home/Work (Private) or Public columns for the program.

IP Addresses on Home/Office Networks
When you set up a network using the Network Setup Wizard , each computer is automatically assigned a 192.168.0.x IP address, where x is unique to each computer. For example, if the computers are sharing a single Internet connection, the first computer may receive the address, and the subsequent computers will also have addresses in that same address space.
All computers will have the same subnet mask of The subnet mask just tells the computer that the first three numbers are part of the network address (the address of your network as a whole), and the last number refers to a specific host (computer) on that network. The 192.168 . . . addresses are often referred to as private addresses because they cannot be accessed directly from the Internet.
To see the IP address of a computer on your local network:
1. Go to that computer, display the desktop, press Windows+X, and choose Command Prompt.
2. At the command prompt, type ipconfig /all and press Enter. You see the computer’s IP address and subnet mask listed along with other Internet Protocol data.

Disabling, changing, and deleting exceptions

The check boxes in the Allowed Apps And Features list indicate whether the exception is enabled or disabled. When you clear a check box, the exception is disabled and traffic for that program is rejected. This makes it relatively easy to enable and disable a rule for a program on an as-needed basis because the program name always remains in the list of exceptions.

To change the scope of an exception in your exceptions list, click the check box in the Private or Public column, as needed. To remove a program from the exceptions list, and stop accepting unsolicited traffic through its port, click the program name and then click the Remove button.

You cannot remove the default programs from the list — only those you have added.
- Personalizing Windows 8 : Protecting Yourself with Windows Firewall - Introducing Action Center
- Personalizing Windows 8 : Protecting Yourself with Windows Firewall - How Firewalls Work
- Windows Server 2012 : Managing Users and Data with Dynamic Access Control - Automatic File Classification
- Windows Server 2012 : Managing Users and Data with Dynamic Access Control - Auditing
- Windows Server 2012 : Managing Users and Data with Dynamic Access Control - Access Denied Remediation
- Xbox LIVE and Windows 8 (part 3) - Xbox Companion
- Xbox LIVE and Windows 8 (part 2) - Xbox Games
- Xbox LIVE and Windows 8 (part 1) - Xbox LIVE Accounts
- Xbox Games with Windows 8 : Finding and Acquiring Desktop Games
- Xbox Games with Windows 8 : Finding and Acquiring Games for Windows 8
- First look: Apple Watch

- 10 Amazing Tools You Should Be Using with Dropbox

- Sigma 24mm f/1.4 DG HSM Art

- Canon EF11-24mm f/4L USM

- Creative Sound Blaster Roar 2

- Alienware 17 - Dell's Alienware laptops

- Smartwatch : Wellograph

- Xiaomi Redmi 2
- How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 1)

- How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 2)

- How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 3)
Popular tags
Video Tutorail Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8 BlackBerry Android Ipad Iphone iOS
Top 10
- How To Install Android Market & Google Apps On Kindle Fire
- How To Make Ubuntu Look Like Windows 7
- How To Add A New Account in MS Outlook 2013
- Get Android & Mac OS X Style Gadgets For Windows 7 & Windows 8 With XWidget
- How To Activate Microsoft Office 2013
- How To Install Actual Facebook App On Kindle Fire
- How To Create, View And Edit Microsoft Office Files On Kindle Fire
- Download Attractive Business PowerPoint Templates For Free At SlideHunter
- How To Use And Enable Hibernate & Sleep Mode In Windows 8
- How To Get Microsoft Office 2013 Trial Product Key From Microsoft