This is a cached copy of http://pluralsight.com/blogs/keith/archive/2008/01/10/49871.aspx. The cache is a snapshot of the article taken when the feed was indexed.
Windows Live OneCare Firewall and Software
2008-01-10 07:37:00 by Keith Brown in Security Briefs
 

I've recently installed Windows Live OneCare and generally have been very happy with it. I'm using the Family Safety option to help my kids access the Internet safely. But one thing that's been bugging me is the outbound firewall.

If your software is signed with a code signing cert issued by an authority that is trusted on the machine (e.g., Thawte, Verisign, etc.) you're good, because the firewall will automatically allow your software to access the Internet. But if you don't want to shell out the hundreds of $$$ it takes to get one of these certs, especially for homebrew software, you might try to do what I did and tell the OneCare firewall about your app. Under Advanced Settings, you can point at your EXE file and tell the firewall to allow it to make outbound connections. Sadly this doesn't seem to work very consistently. Here's a sample program that I could sometimes get this to work for, and sometimes not:

using System;
using System.Net;

class FetchMicrosoftHomePage {
    static void Main() {
        byte[] data;
        try {
            data = new WebClient().DownloadData("http://www.microsoft.com");
            Console.WriteLine("Microsoft's home page is {0} bytes long", data.Length);
        }
        catch (WebException x) {
            Console.WriteLine(x);
        }
    }
}

I've spent about an hour trying to figure out why I can only sporadically get the firewall to recognize this program, and I'm done now. FWIW, when it's not recognized, the firewall outputs a log message like this (you need to turn on detailed logging to see this, BTW):

There are a lot of people who will argue that an outbound firewall is useless, especially for non-techies. And a lot of people will argue the opposite point. I'm not here to argue either of these points, but I can say that this type of behavior makes it pretty hard for even highly technical people to use.

Since I'm personally in the "outbound firewalls aren't that useful" camp, I fixed the problem on my own machine by adding four rules that allow all outbound TCP and UDP connections to all ports (I figured I needed four, since each rule only allows one protocol and you have to pick between local subnet vs. Internet). Then I shut off the prompts for "blocking" programs and everything seems to be working fine. But I wonder how many software developers will be running into deployment problems in home environments where lots of users are running this firewall.

 
 
 
 
 
 