Win Firewall Inbound Rules (TCMD 16.x)

#1
Hi,

After installing Take Command 16 64-bit, I have four automatically created INBOUND rules in Windows Firewall (Win 7 Ultimate 64-bit). So far so good. But are these not a bit oversized?

I have Allow rules for "tcmd.exe", "tcc.exe", "ide.exe" and "updater.exe" with ANY Ports and ANY protocol.

My question is now: how could these rules be restricted for incoming traffic?

Or in other words: are Inbound rules even necessary?

Thank you very much for answers in advance!

Greetings from Switzerland,
Alpengreis

PS: Sorry for my English ...
 
#2
The only one I'm sure is necessary is TCC's rule. Without it, TCC can't open data channels for FTP. The last time I tried (v15, I believe), UPDATER.EXE worked fine with its rule disabled.
 
#4
Thanks!

... "needs it for internet access" but this is then outbound not inbound?

I mean, I have no server which needs access from outside the local subnet.

... "for registration & auto updates" - ok, this makes sense, if it's initiated through your server(s).

Would this be enough for Win 7 Firewall INBOUND?

TCC Protocol = TCP, Ports = 20,989 (for the ftp(s)-data channels)
TCC Protocol = UDP, Ports = 20,989 (for the ftp(s)-data channels)
TCMD Protocol = TCP, Ports = 80,443 (for registration and auto updates)
IDE = No inbound traffic allowed

20 = ftp-data
80 = http
443 = https
989 = ftps-data

OUTGOING of course has another rule set ...

Sorry for my persistence - but I do not want to simply allow all or block everything.

Kind regards,
Alpengreis
 
#6
If you want to use HTTP, SFTP, SMTP, SMPP, SNMP, or SNPP from TCC you'll have to open ports for them too. If not, leave them closed.

There's no definitive set of firewall rules, because everybody has different needs. Experiment and see what works for you.
I don't know about the others, but I doubt there would be any inbound traffic on port 80 (HTTP) ... at least none expecting TCC to be listening. You didn't include a web server in the newest version, did you?
Code:
copy http://...
works fine with TCC firewall rule disabled
 
#7
Agreed... I don't know why inbound rules would be needed. AFAIK, these rules are for new, unestablished connections only. (Like if you have a server listening for incoming connections.)
 
#8
Yes, I also don't understand your answer, rconn, sorry! Why for incoming traffic with (except for (s)ftp data channels and eventually for server-initiated auto updates with TCMD (from your server(s) on port 80,443)?

Outbound, ok, this is another thing, that is (and was) clear - I have extra rules for outgoing traffic for tcc, etc. ... and this can be a (very) different setting, that's right ...

Even if, for example, anyone has a mail server - WHY does TCC or require a permit for incoming traffic? Then the mail server requires this, but not TCC ...

Now, I'm really confused!
 
#9
Hi, I have now created the right rules for me personally.

Nevertheless, it would be nice if here comes a response regarding "why for incoming traffic", also in the sense of other users!

Thanks and greetings,
Alpengreis
 
#11
No, this is not helpful to share my setting.

I don't know if it's right or not. I have made a decision for ME personally and changed the rules.

But it's possible to have a problem with this setting - even because I don't know why Inbound rules were set automatically through the TCMD setup.

Eventually also Inbound it's not possible to have a "global"/standard setting for all.

But as I said: I don't know the reason why Inbound could be necessary, and this is my question ...

Greetings,
Alpengreis

PS: And my Outbound setting is anyway individual and not to share.
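
For readers who want to check their own machine for the kind of rule the thread starts with (an enabled inbound Allow rule for a program with any port and any protocol), here is an added example that is not from any poster in this thread. It assumes the English-language field names printed by `netsh advfirewall firewall show rule name=all dir=in verbose`; the sample text is constructed and abbreviated, and the program paths are placeholders.

```python
import re

# Constructed, abbreviated sample in the layout of English output from
# `netsh advfirewall firewall show rule name=all dir=in verbose`.
# Program paths are placeholders, not values from the thread.
SAMPLE = r"""
Rule Name:      tcc.exe
Enabled:        Yes
Direction:      In
Protocol:       Any
Program:        C:\<install-dir>\tcc.exe
Action:         Allow

Rule Name:      ide.exe
Enabled:        No
Direction:      In
Protocol:       Any
Program:        C:\<install-dir>\ide.exe
Action:         Allow

Rule Name:      tcc.exe (restricted)
Enabled:        Yes
Direction:      In
Protocol:       TCP
LocalPort:      20,989
Program:        C:\<install-dir>\tcc.exe
Action:         Allow
"""

def parse_rules(text):
    """Split netsh output into one dict per rule, keyed by field name."""
    rules = []
    for line in text.splitlines():
        key, sep, val = line.partition(":")
        if not sep:
            continue  # separator rows and blank lines
        if key.strip() == "Rule Name":
            rules.append({})
        if rules:
            rules[-1][key.strip()] = val.strip()
    return rules

def overbroad_inbound(rules):
    """Names of enabled inbound allow rules for a program with no port limit."""
    return [r["Rule Name"] for r in rules
            if r.get("Enabled") == "Yes" and r.get("Direction") == "In"
            and r.get("Action") == "Allow" and r.get("Program")
            and r.get("Protocol") in ("Any", "TCP", "UDP")
            and r.get("LocalPort", "Any") == "Any"]  # missing LocalPort is treated as Any
```

To run it against a real machine, save the netsh output to a file and pass the file's contents to `parse_rules` in place of `SAMPLE`.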