Full Version: Default ports blocked for the V3?
Gladiator Security Forum > SoftSphere Technologies Support Forums > DefenseWall HIPS
Ilya Rabinovich
Hi everybody!

Just finished with the port blocking function (outbound protection is already done and tested). What are the initial ports that need to be closed with the firewall by default? I assume 445 and 139 must be there in any case, what else?
takaki
TCP 135, 139, 445, 593, 1025
UDP 135, 137, 138, 445

andro
If one follows the program WWDC, then the ports 135, 137, 138, 5000 should also be closed.
Ilya Rabinovich
139? NetBIOS is quite an important thing if I remember it correctly...
andro
NetBIOS allows users to obtain general access to files or devices.
mossman
One question Ilya, apologies if it has been answered before, but will it be possible to turn off this firewall function? I already use Outpost Firewall and I know that you should not have two firewalls active.
Buddel
QUOTE (mossman @ Jul 15 2009, 05:54 PM) *
One question Ilya, apologies if it has been answered before, but will it be possible to turn off this firewall function? I already use Outpost Firewall and I know that you should not have two firewalls active.

Good question. I would also like to be able to turn this firewall off. I do hope this will be possible because I already have a firewall.
Creer
Ilya, for example, this is a restricted ports list from OA Free:

http://www.tallemu.com/webhelp3/FWAdv.html

Edit:
You can also ask Stem from Wilders, he is a FW expert.
Ilya Rabinovich
QUOTE (mossman @ Jul 15 2009, 03:54 PM) *
One question Ilya, apologies if it has been answered before, but will it be possible to turn off this firewall function? I already use Outpost Firewall and I know that you should not have two firewalls active.

1. If you already have a firewall, there is no need to buy or use the Personal Firewall version. The HIPS version will still be available and its cost will not increase.
2. Yes, both Inbound and Outbound filters can be switched off separately.
Ilya Rabinovich
QUOTE (Creer @ Jul 15 2009, 06:00 PM) *
You can also ask Stem from Wilders, he is a FW expert.

Thanks, Creer, just sent a message.
Chachazz
Ilya, we can drop third-party firewall altogether when (DW firewall component) tested, proven, and final release? Is it to be used with Windows firewall?

edit: changed 'posts' to 'ports' in the topic.
mossman
QUOTE (Ilya Rabinovich @ Jul 15 2009, 08:08 PM) *
QUOTE (mossman @ Jul 15 2009, 03:54 PM) *
One question Ilya, apologies if it has been answered before, but will it be possible to turn off this firewall function? I already use Outpost Firewall and I know that you should not have two firewalls active.

1. If you already have a firewall, there is no need to buy or use the Personal Firewall version. The HIPS version will still be available and its cost will not increase.
2. Yes, both Inbound and Outbound filters can be switched off separately.
Thanks for both answers. :)
Ilya Rabinovich
QUOTE (Chachazz @ Jul 15 2009, 11:07 PM) *
Ilya, we can drop third-party firewall altogether when (DW firewall component) tested, proven, and final release? Is it to be used with Windows firewall?

1. I believe, yes. But you can check the software by yourself and make a clear decision.
2. There is no need to switch off the built-in Windows firewall.
Trespasser
This upcoming version will be terrific in XP. Also, I thought you were just concentrating on outbound protect since XP, Vista, and Win 7 have inbound by default. Removing inbound protection would lighten the resource demand on DefenseWall, wouldn't it?

Later...
ktango
Hi Ilya Rabinovich,

NetBIOS ports such as TCP 135, TCP & UDP 137, TCP & UDP 138, TCP 139 and TCP & UDP 445 are important for local area network (LAN) file sharing. None of them should be exposed to the Internet. You can get information on those ports from ShieldsUP!!

http://www.grc.com/port_135.htm
http://www.grc.com/port_138.htm
http://www.grc.com/port_139.htm
http://www.grc.com/port_445.htm
Ilya Rabinovich
QUOTE (Trespasser @ Jul 17 2009, 04:55 AM) *
This upcoming version will be terrific in XP. Also, I thought you were just concentrating on outbound protect since XP, Vista, and Win 7 have inbound by default. Removing inbound protection would lighten the resource demand on DefenseWall, wouldn't it?

1. Unfortunately, inbound protection with XP-W7 is implemented in a very interesting way. If you are in an Ethernet environment, it unlocks ports 139 and 445 (printer/file sharing and SMB). So, if your computer is located within an Ethernet network (so-called home networks), it may be vulnerable. See Kido, for instance.
2. Switching Inbound off will not dramatically improve the performance, as it is required to switch it on and off on the fly. So, it's implemented like a simple data field (on/off).
Threedog
Ilya, it might be an idea to have an option to configure it for "direct to internet" or "home lan option" that way people who have a lan setup behind router and do internal file sharing between the computers could easily configure it for that situation. Likewise, anyone connecting directly to the internet could easily configure it to block all ports as file sharing would not be needed and having those ports exposed would not be a good thing.
Ilya Rabinovich
I was thinking about such profiles too. But I have no idea which ports should go with those profiles.
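
Added example (not part of the thread and not DefenseWall code): one way the "direct to internet" and "home lan" profiles Threedog describes could be expressed as an inbound decision, using the ports posters listed above. The profile names, the LAN address ranges, and covering both TCP and UDP for port 5000 are assumptions.

```python
import ipaddress

# File-sharing ports as listed by ktango in the thread: (protocol, port).
SHARING_PORTS = {
    ("tcp", 135), ("tcp", 137), ("udp", 137), ("tcp", 138), ("udp", 138),
    ("tcp", 139), ("tcp", 445), ("udp", 445),
}
# Other ports posters proposed closing: takaki (TCP 593, TCP 1025, UDP 135)
# and andro (5000; the thread gives no protocol, so both are assumed here).
OTHER_CLOSED = {("tcp", 593), ("tcp", 1025), ("udp", 135),
                ("tcp", 5000), ("udp", 5000)}

PROFILES = ("direct", "home_lan")  # hypothetical profile names

# Assumed definition of "LAN": private and link-local ranges.
LAN_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16",
    "fc00::/7", "fe80::/10")]


def is_lan_source(addr):
    """True if the source address falls in one of the assumed LAN ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip.version == net.version and ip in net for net in LAN_NETS)


def inbound_decision(profile, proto, port, src):
    """Return 'block' or 'allow' for an unsolicited inbound packet."""
    if profile not in PROFILES:
        raise ValueError(f"unknown profile: {profile}")
    key = (proto.lower(), port)
    if key in OTHER_CLOSED:
        return "block"          # closed in every profile
    if key in SHARING_PORTS:
        # File sharing is reachable only from LAN peers in the home profile.
        if profile == "home_lan" and is_lan_source(src):
            return "allow"
        return "block"
    return "allow"              # not on the default list; left to other rules


def evaluate(profile, packets):
    """Decide a list of (proto, port, src) tuples under one profile."""
    return [inbound_decision(profile, *pkt) for pkt in packets]


# Constructed sample packets (documentation and private addresses).
SAMPLE = [("tcp", 445, "192.168.1.20"), ("tcp", 445, "203.0.113.9"),
          ("udp", 137, "fe80::1"), ("tcp", 1025, "10.0.0.5")]
```

Under the "home_lan" profile, ports 139 and 445 stay reachable from other machines on the same network, which is the exposure Ilya points to with Kido.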