Windows (10) Firewall

Discussion in 'other firewalls' started by rm22, Jul 4, 2016.

  1. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    328
    Location:
    Canada
    Can anyone shed some light on these firewall entries in Windows 10. I think some were enabled by default that shouldn't have been - I'm just configuring the firewall after doing an upgrade from Win7

    These ones look like they are for server/remote access/internal/etc so i've disabled them...
    World Wide Web (HTTP Trafic-in)
    World Wide Web (HTTPS Trafic-in)
    Message Queuing Inbound/outbound
    Dial protocol server
    Distributed Transaction Coordinator

    These ones I had no idea... so i disable them
    LINE
    windows_ie_ac_001

    This one I have no idea, but i've read it's needed? so it's still enabled
    AllJoyn Router

    I've also disabled all inbound rules for Windows Apps - I've removed many anyway, but I've read they hog a fair bit of bandwidth and disabling inbound rules (+ disable running in background) keeps them quiet. Can anyone confirm?

    Also a general question - the only Apps/Softs I allow inbound access are my VOIP services - no browsers... i just enable the default rules for Core Networking & printing. Is there a security benefit to blocking inbound access for browsers or should i just let them have it?
     
    Last edited: Jul 6, 2016
  2. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    328
    Location:
    Canada
    ok - how about this... does anyone know a reason i should leave any of the above default rules enabled? or... who else has disabled these and other default rules? There's a ton of default 'allow' for window 10 firewall compared to windows 7
     
  3. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,231
    Location:
    Romania
    I have all of these rules removed from my Windows Firewall. I do not have any inbound rule and the outbound rules that I need are below. I can browse the Internet, chat on Skype, print on my network printer, connect to my local network resources. For other scenarios, probably I will have to add new firewall rules, but for now, these 10 rules are enough for me.
    upload_2016-7-7_9-44-27.png
     
  4. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    328
    Location:
    Canada
    Great, thanks for the reply - I've been slowly cutting out more rules as I dig up more information - not sure I'll make it down to your lean list though :)
     
  5. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,231
    Location:
    Romania
    When you enable/disable some features from Windows (like Network Discovery, File and Printer Sharing), the operating system enables/disables some group names from the default set of rules. If you have removed these rules, then the operating system can't actually enable these functionalities because the rules from their corresponding groups are not there anymore. In this case, my recommendation is to reset your rules to the default set and start over with the removing carefully of the default rules.
     
  6. themorpethian

    themorpethian Registered Member

    Joined:
    May 6, 2006
    Posts:
    33
    rm22
    I always use this site as a start Harden Window http://hardenwindows10forsecurity.com/ scroll down to
    Windows Advanced Firewall, turn on outbound blocking and logging. Dont delete anything just disable.
    Export your rules so you can keep a backup.
     
  7. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    328
    Location:
    Canada
    Good advice - I had to do this twice when I first started using WFC 'Secure rules' - I was too lazy and let too many rules get deleted :)

    Thanks for the link, I've used that site as well, but hadn't read through the FW rules

    I like the Binisoft Windows Firewall Controller for adding outbound filtering & to lock my inbound/outbound rules from being changed.
     
  8. themorpethian

    themorpethian Registered Member

    Joined:
    May 6, 2006
    Posts:
    33
    I have a licence for that as well, very good firewall. Just installed the Windows 10 Anniversary thought I'd start my security setup again.
    Just using Windows Firewall, Windows Defender, Umatrix, Smart Object Blocker.
     
Loading...