Windows Firewall Notifier to Control and Troubleshoot Outbound Network Traffic

0

Windows built-in firewall has gotten better and better since its first debut in Windows XP SP1. Most of the security issues have been dealt with in the feature quite nicely. But there are still a few things that I wish it could do better, such as notification as well as troubleshooting. Since a lot more attacks are initiated from a computer inside the network calling outside address, it would be a lot helpful if there is a tool available to control and troubleshoot what’s going out. And that’s where I found this little 3rd party open source program could be very handy and useful.

Windows Firewall Notifier is a portable free network firewall tool that extends the default Windows embedded firewall behavior by displaying notifications to allow users to control over outgoing connections. It works on Windows Vista and above, compatible with both 32-bit and 64-bit editions.

Windows Firewall Notifier 2014 08 28 14 49 19 600x385 - Windows Firewall Notifier to Control and Troubleshoot Outbound Network Traffic

Download the tool from its CodePlex page, unzip it, and launch the console.exe file, you will see what’s coming.

First of all, you will be prompted by the Notifications Setting dialog box asking whether you want to enable or disable the notification. Basically, enabling the notifications means all outgoing connections will be filtered by the time you hit OK button. If you do not want to exam all outgoing connections but only to monitor them, choose “Do no enable the notifications” option.

Windows Firewall Notifier Notifications 2014 08 28 14 46 48 - Windows Firewall Notifier to Control and Troubleshoot Outbound Network Traffic

then, probably a few seconds after you hit OK button, you will see a stream of notification box popping up from the system tray corner asking for your permission to either Allow or Block outgoing connections.

Windows Firewall Notifier Notifications - Windows Firewall Notifier to Control and Troubleshoot Outbound Network Traffic

Clicking Advanced button at the bottom of the pop-up box will reveal more details about this outgoing connection, such as target port, target IP, path of the program, etc.

Windows Firewall Notifier Notifications details - Windows Firewall Notifier to Control and Troubleshoot Outbound Network Traffic

What’s a little behind scene is that the tool creates a task in Windows Task Scheduler, called WindowsFirewallNotifierTask, triggered by the built-in Windows Firewall event log entries. It will basically launches Windows Firewall Notifier whenever an outgoing connection is blocked by the Firewall.

WindowsFirewallNotifierTask Properties Local Computer 2014 08 28 15 34 40 600x452 - Windows Firewall Notifier to Control and Troubleshoot Outbound Network Traffic

To disable the notification and revert all Firewall Outbound rules back to default, click Notif. settings button, choose “Do not enable the notifications” option, and click OK.

Windows Firewall Notifier restore - Windows Firewall Notifier to Control and Troubleshoot Outbound Network Traffic

Verdict

Windows Firewall Notifier is a very handy useful network tool that adds a lot value to the built-in Windows Firewall, which gives you a lot more control to all your outbound network traffic. It’s especially useful to troubleshoot and pin down the program that sends unwanted outbound traffic to outside your network.

LEAVE A REPLY

Please enter your comment!
Please enter your name here