Axiom Home Page Forums General Discussion The Water Cooler Linix Firewalls anyone?

Ok. I've been putting this off for a while...

In January I set up a stand alone Linex firewall (I'm the paranoid type) to improve the security of my internet connection.

It took a while, but I got it working except... windows update. Vista update fails when I try to run it through the firewall. I don't like the idea of turning off the firewall just to update Vista so now I gotta trouble-shoot.

I have the firewall set up so that it blocks everything inbound and have some custom rules to prevent certain types of attacks. I do not understand the implications of these rules as I set them up at the suggestion of others and followed their lead.

Does anybody out there know how Windows/Vista does its updates?

I guess my first step should be to turn off all the custom inbound rules and see if that makes things better. From there I would have no clue how to prodeed.

I think it's all outbound--machines behind my firewall (no inbound access without initiating an outbound connection first) can run Win Update just fine.

I agree. I admin a corporate firewall and outbound access on standard web ports (tcp port 80 and 443) should do it.

I'm still doing my best not to 'downgrade' from XP to Vista, snicker. However, what I would probably do is clear my firewall logs, run the Vista Update program, then consult the logs to see what ports and traffic types got denied as a result. You can then decide if you want to open those ports up.

Depends on how fluent your Linex firewall skills are at this time.

Also I wonder, have you tried the Windows Update Web page? I think you can invoke Vista updates from there as well. It may or may not change the traffic enough that it works better.

Hey, what's your IP, well just take a look from here. KIDDING!!!

Not very, and with recent job demands, it won't improve the way I had originally planned. Thats part of the problem, I just don't have a lot of time right now to dedicate to figuring stuff out myself.

I didn't think to clear the logs and try again. Too simple.

I also didn't think that there would be anything other than strait forward http requests, but given MS paranoia, you never know what they have added under the hood to make sure the transaction takes place in a 'safe environment'. I have no idea how they validate you as a user before proceeding with updates.

Sigh, I was gonna do this tomorrow, but now I have to work and its a shift switch over weekend.

Well, I finally had both the energy and motivation to tackle this over the weekend.

This morning I hooked the new pc up to the firewall, cleared the logs and left the room for a few minutes. I get back ready to fire up the update software and read through logs and...

Its all running just fine. No blocked connection atempts, no dropped packets. Go figure.

No blocked connection attempts ?????
Are you sure you are on the internet at all?

Just kidding, That's awesome!