How to get Windows Firewall to successfully block ports?

Discussion in 'other firewalls' started by Thelps, Apr 5, 2018.

  1. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,010
    Location:
    Member state of European Union
    I was asked how to do this. Try these commands on two separate computers. Set up the servers first, then the clients. After the client commands, type some data and hit the "Enter" key on the keyboard. The data should be transmitted to the server. Typing data is optional for a TCP connection, but to test UDP you need to type something, because there is no such thing as a UDP connection (UDP is a connectionless protocol). Of course, change the 127.0.0.1 address to the address of the remote server computer. You can show the IP address with the ipconfig command.

    Code:
    cd "C:\Program Files (x86)\Nmap"
    :: commented: TCP server:
    ncat.exe -l -v -p 8002 -k
    :: commented: UDP server:
    ncat.exe -l -v -p 8002 -u
    Code:
    cd "C:\Program Files (x86)\Nmap"
    :: commented: TCP client:
    ncat.exe -v 127.0.0.1 8002
    :: commented: UDP client:
    ncat.exe -u 127.0.0.1 8002
     
  2. Thelps

    Thelps Registered Member

    Joined:
    Apr 1, 2012
    Posts:
    46
    Anyway, I blocked a bunch of ports in my firewall but Chrome is still using those ports, establishing connections and transferring data.

    I can only assume it's something in Chrome's code that overrides or reconfigures the firewall. Then again I'm almost certainly being MITMed or networked with someone else's computer without my consent. Police are truly useless.
     
  3. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,885
    Location:
    Slovenia, EU
    You blocked outbound or inbound connections in your firewall?
     
  4. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    Most firewalls, and I assume the Win firewall, execute rules from top to bottom in the rule set. As far as I am aware, there is no way to order the rule position in the Win Firewall other than by manual manipulation in the registry. I assume what is happening in your case is that an existing outbound allow rule is executing prior to your block rules for specific ports.
     
  5. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,010
    Location:
    Member state of European Union
    Block rules take precedence over allow rules.
    https://docs.microsoft.com/en-us/pr...ows-server-2008-R2-and-2008/cc755191(v=ws.10)

    I guess Thelps just misunderstands something about the basics of TCP/IP networking and firewalls, so there is an error in the ruleset.
     
  6. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    I assume Chrome, as is true for most browsers, is using ports 80 and 443 for the majority of its network communication. So blocking ports other than those would have no effect on Chrome's outbound communication.
     
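Added example, not part of any post in this thread: a PowerShell sketch that creates outbound block rules for the test port used with ncat above, prints the direction and port fields each rule actually matches on, and checks the TCP result. It assumes an elevated session with the built-in NetSecurity and NetTCPIP modules (Windows 8 / Server 2012 or later); the server address, the rule names and the choice of port 8002 for the rule are placeholders chosen for this example.

```powershell
# Added example (not from the thread). Run in an elevated PowerShell session.
$Port   = 8002            # same test port as the ncat commands in the thread
$Server = '192.0.2.10'    # placeholder address; replace with the ncat server's IP

# Outbound block rules keyed on the REMOTE port. A client's local port is an
# ephemeral port picked by the OS, so matching on -LocalPort would not catch
# ordinary client connections to a server listening on $Port.
$rules = foreach ($proto in 'TCP', 'UDP') {
    New-NetFirewallRule -DisplayName "Test block out $proto $Port" `
        -Direction Outbound -Action Block -Protocol $proto -RemotePort $Port
}

# Print what each rule really filters on: direction, action, protocol, ports.
$rules | ForEach-Object {
    $filter = $_ | Get-NetFirewallPortFilter
    [pscustomobject]@{
        Name       = $_.DisplayName
        Direction  = $_.Direction
        Action     = $_.Action
        Enabled    = $_.Enabled
        Protocol   = $filter.Protocol
        LocalPort  = $filter.LocalPort
        RemotePort = $filter.RemotePort
    }
} | Format-Table -AutoSize

# A rule only has effect if the firewall is enabled for the active profile.
Get-NetFirewallProfile | Select-Object Name, Enabled, DefaultOutboundAction

# TCP check: with the ncat TCP server listening, this should now report False.
$result = Test-NetConnection -ComputerName $Server -Port $Port -WarningAction SilentlyContinue
'TCP {0}:{1} reachable: {2}' -f $Server, $Port, $result.TcpTestSucceeded

# Test-NetConnection does not test UDP; use the "ncat.exe -u" client from the
# thread and confirm the typed data no longer shows up on the UDP server.

# Remove the test rules when finished.
$rules | Remove-NetFirewallRule
```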