Ever since using CIS I have always disabled the Windows firewall. Now, using Windows 7, I have disabled the Windows firewall service rather than deconfigure any of the Windows 7 firewall options.
I have encountered a couple of problems with having the Windows 7 firewall turned off:
Cannot enable the Windows RDP server
Some installers (Rosetta Stone for example) expect to find the Windows firewall service active in order to add rules, otherwise the installer bails out.
I expect the Rosetta MSI installer will complete OK if the Windows firewall is turned on just whilst it installs. Incidentally, the fact that an application can silently create Windows firewall rules is disconcerting.
WRT remote desktop server, is it the same sort of thing, or does it require the Windows firewall turned on all the time in order to work?
My workaround, and it seems to have worked, was to temporarily enable the Windows firewall service whilst I installed Rosetta Stone and enabled the RDP server. They both needed the firewall service up in order to create (in this case redundant) firewall rules. But neither application looks for the Windows firewall service once running.
I then disabled the Windows 7 firewall again.
Both Rosetta Stone and inbound RDP connections work without the Windows firewall service running.
I was surprised that Comodo did not alert me to an inbound RDP connection. Then, I spotted a firewall entry for ‘System’ wildcard that appears to encompass everything in the windows/system(32) directory. This had a single rule to allow all inbound/outbound traffic. I have now modified that rule to log and ask, and I will add specific rules accordingly.
If it is the case that the Windows firewall service must be running in order for certain things to work, then it defeats the object of accommodating 3rd party firewall applications (which Windows does seem to recognise). Running two firewalls may work OK but it’s a waste of resources, must introduce some latency and is an administrative headache.
What would be good is if WFW allows rule creation whilst not actually running.
There are services listed there that are required by the firewall service itself.
But as I read it, that dialog shows there aren’t any services that depend on the firewall. Makes sense as I can’t see any reason why something would need it. That’s assuming it does nothing other than packet filtering.
Jake, I think this is a similar issue to that which I experienced installing certain applications and switching on server processes like RDP.
I believe Windows will complain if you try to globally enable/disable shares whilst the firewall service is off. When turning on/off sharing, it is trying to create/delete certain firewall rules. Therefore, it’s only necessary to run the Windows firewall service whilst you globally turn on/off sharing. Once activated, you can then delete and create print/file shares without re-enabling the Windows firewall. I can confirm that I have accessible non-default shares that are still available whilst the Windows firewall is off, even after reboot.
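
Added example, not written by any participant in this thread: rules that an installer, the RDP toggle or the sharing toggle write while the service is briefly running remain in the stored rule set afterwards, so they are worth reviewing. The Python below parses rule strings in the pipe-delimited form Windows keeps under `HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules` (layout assumed as on Windows 7; every sample value, name and path is constructed) and lists the enabled inbound allow rules, flagging those not restricted to a port.

```python
# Constructed sample values in the "version|Key=Value|...|" layout of stored
# Windows Firewall rules. Rule ids, names, paths and ports are made up.
SAMPLE_RULES = {
    "{CONSTRUCTED-0001}": "v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=3389|App=System|Name=Remote Desktop (constructed)|",
    "{CONSTRUCTED-0002}": "v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\\Program Files\\ExampleApp\\example.exe|Name=ExampleApp (constructed)|",
    "{CONSTRUCTED-0003}": "v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|LPort=137|Name=Block NetBIOS (constructed)|",
    "{CONSTRUCTED-0004}": "v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=File sharing (constructed)|",
    "{CONSTRUCTED-0005}": "v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\\Program Files\\ExampleApp\\example.exe|Name=ExampleApp out (constructed)|",
}

def parse_rule(raw):
    """Split one stored rule string into (version, {field: [values]})."""
    version, *parts = raw.strip("|").split("|")
    fields = {}
    for part in parts:
        key, sep, value = part.partition("=")
        if sep:  # ignore malformed fragments that have no '='
            fields.setdefault(key, []).append(value)  # a field may repeat
    return version, fields

def first(fields, key, default=""):
    """First value of a field, or a default when the field is absent."""
    return fields.get(key, [default])[0]

def inbound_allows(rules):
    """Return enabled inbound allow rules, flagging those with no port limit."""
    findings = []
    for rule_id, raw in sorted(rules.items()):
        _, f = parse_rule(raw)
        state = (first(f, "Action").lower(), first(f, "Dir").lower(),
                 first(f, "Active").upper())
        if state != ("allow", "in", "TRUE"):
            continue
        findings.append({
            "id": rule_id,
            "name": first(f, "Name"),
            "app": first(f, "App", "(any program)"),
            "ports": f.get("LPort", []),
            "any_port": "LPort" not in f,  # no local port restriction stored
        })
    return findings

if __name__ == "__main__":
    for hit in inbound_allows(SAMPLE_RULES):
        scope = "ANY PORT" if hit["any_port"] else ",".join(hit["ports"])
        print(f'{hit["name"]}: {hit["app"]} -> {scope}')
```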