Whitelisting by ip address with Windows 7 firewall

I'm exploring Windows 7 firewall capabilities. I have a machine purposed for business only, no web surfing. I want to block all ip addresses and allow only the few needed for business. I thought I'd block all ip addresses and then enter rules to except the ip addresses on my whitlelist. Just the first step is tricky because the wizard won't accept some ip addresses as valid. Beyond that I'm not sure how an exception would be entered to the firewall.
maxpiAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

maxpiAuthor Commented:
I can declare all connections public. I guess that closes all inbound connection attempts. That is good. I want whitelisting on inbound and outbound so maybe I just have to block all outbound connections then add exceptions for what I want to allow? I want to rule out the scenario where a hacker inside one of the institutions I do want to do business with could get in my computer and send something out to their computer offsite and I want to rule out any computer not on my whitelist making a connection. Not sure about spoofing and all that, maybe some things just cannot be prevented, I don't know. I'm assumng that the windows 7 firewall does stateful packet inspection...

I could accomplish this with a hardware firewall but then in order to connect up and work from a hotel room with wifi I'd have to have a computer for a server, a hardware firewall and a working laptop. I'd rather not travel with all that stuff rattling around in my backpack. If I could accomplish the same thing with one laptop using Windows firewall I'd be happy.. it's a piece of cake with Linux and a front end for the built in firewall but Linux won't quite get me where I need to be with my software...
0
btanExec ConsultantCommented:
I just go simple an if you are using the Windows FW as proxy =, I am not sure if that it is the best maybe the ISA/TMG (content filter) maybe better. But as you shared IP can be spoofed and there are evasion to bypass FW rule which depends on IP and port, service and appl limited (path based to exe) - they are really doing deep packet inspection, or being fully application aware (such as inspecting the appl "tunnel" if exist) or data leakage type. I see the Windows FW as more of "Window aware" to the extent that rules can extend to authenticated network resources (e.g. users and computers).

I was thinking Windows has netsh advfirewall firewall context to control firewall behavior. Maybe something of this can help to tighen the traffic based on contextual profiles such as Domain, Private and Public
http://support.microsoft.com/kb/947709
http://windowsitpro.com/windows/windows-server-2008-r2-firewall-security

How to Create Advanced Firewall Rules in the Windows Firewall
http://www.howtogeek.com/112564/how-to-create-advanced-firewall-rules-in-the-windows-firewall/

More information on the adv FW capability
http://msdn.microsoft.com/en-us/library/windows/desktop/aa366418(v=vs.85).aspx

Allow a program to communicate through Windows Firewall
http://windows.microsoft.com/en-sg/windows7/allow-a-program-to-communicate-through-windows-firewall

I see that for whitelisting to reap benefit is to really go for learning mode ... think Windows FW has that too....I chanced upon one s/w FW called TinyWall that may augment Windows Firewall

http://www.ghacks.net/2012/06/27/tinywall-a-windows-firewall-with-less-annoyances/
http://tinywall.pados.hu/features.php

Multiple and easy ways to whitelist programs
Automatic learning mode
Firewall tampering protection
Password lockdown of settings
Quick modes, like Normal protection, Allow outgoing, Block all, Allow all and Learning mode
Support for temporary/timed firewall rules

Check out its FAQ @ http://tinywall.pados.hu/faq.php
Why do I need a software firewall? I already have a hardware firewall.
What is the difference between port-based and domain-based blocklists?
I have whitelisted an application but it still cannot access the network. What is going on?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.