WindowsFirewallRuleset

Discussion in 'other firewalls' started by drhu22, May 30, 2022.

  1. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    585
    I just stumbled upon this, and was wondering if some knowledgeable people here would like to comment... I haven't seen it mentioned literally anywhere, and I hesitate to jump into it without some informed opinions/feedback.

    PS: I am beginner level re firewalls... other than setting outgoing only, hdconfig hardening, and blocking as needed with simplewall, I am pretty much a noob...

    "About WindowsFirewallRuleset:
    Windows firewall rules organized into individual PowerShell scripts according to:
    Rule group
    Traffic direction
    IP version (IPv4 / IPv6)
    Further sorted according to programs and services such as for example:
    ICMP traffic
    Browser rules
    rules for Windows system
    Store apps
    Windows services
    Microsoft programs
    3rd party programs
    broadcast traffic
    multicast traffic
    and the list goes on...
    You can choose which rules you want, and apply only those or apply them all with a single command to your firewall.
    All the rules are loaded into Local group policy giving you full power over default windows firewall."

    https://www.kitploit.com/2020/01/windowsfirewallruleset-windows-firewall.html

    https://github.com/metablaster/WindowsFirewallRuleset/releases
     
    Last edited: May 30, 2022
  2. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,920
    If you lack knowledge about ICMP, multicast and more, I do not recommend using predefined rules, which may lock down your system.

    GPO needs Windows Pro or higher. It does not make sense to work on Home with questionable GPO tweaks.
     
  3. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    585
    Thanks for your reply, however...
    -I am on w10pro,
    -I backup regularly with Macrium reflect and there are backup/restore scripts

    Anyone else like to weigh in on this method of applying rules?

    It really looks like it would save a ton of work UNLESS there are red flags or other concerns that anyone can think of, ie: is the source known/reliable? Also, has anyone else used these scripts or similar?
     
  4. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,920
    unless nobody assign here you can try trial and restore ;)

    for ICMP
    https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol
    Multicast
    https://en.wikipedia.org/wiki/Multicast

    there is also someone on the run for "secure" settings
    https://www.wilderssecurity.com/thr...d-connection-or-access-to-the-network.444971/
    already page 4 and still no clue. it is not simple to understand what and how to block/allow.

    "Store apps" are not classic programs; they need a host, so if you block the host, certain apps won't run properly.

    you can apply the rules and sit and wait, but there is nothing without some basics. badly this is so true how many questions you have in mind.
     
  5. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    585
    I'm not concerned with store apps at all as I have those all uninstalled/disabled. My main concerns are remote desktop, remote assistance, etc., as well as file sharing and protocols such as NetBIOS, UPnP, and others.
     
  6. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,920
    NetBIOS is futile since SMB v2/v3
    https://superuser.com/questions/694469/difference-between-netbios-and-smb

    UPnP does not only concern new devices; it connects devices without user interaction. This could lead to trouble, but does not have to. It is not critical to turn it off (the service), but a firewall rule is pointless.

    RDP/RA can be turned off. "File sharing protocol" is SMB or CIFS
    https://docs.microsoft.com/en-us/wi...osoft-smb-protocol-and-cifs-protocol-overview
    This has nothing to do with file sharing over the web.
     
  7. kenw

    kenw Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    145
    Location:
    Brighton, Colorado
    Remote can be disabled from within Windows. The second or third thing I do on a new install.
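
Added example (not posted by any thread participant and not part of the WindowsFirewallRuleset project): a read-only PowerShell audit of the items raised above, namely Remote Desktop, Remote Assistance, the UPnP services, NetBIOS over TCP/IP, and enabled inbound allow rules for the related firewall groups. The function name is hypothetical, and the display-group names assume an English-language Windows 10/11 install.

```powershell
# Added example: read-only audit, changes nothing. Run from an elevated prompt.
function Get-RemoteExposureReport {   # hypothetical name
    # Assumption: English display-group names (they are localized on other UI languages)
    $groups = 'Remote Desktop', 'Remote Assistance',
              'File and Printer Sharing', 'Network Discovery'

    $ts = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' `
            -ErrorAction SilentlyContinue
    $ra = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Remote Assistance' `
            -ErrorAction SilentlyContinue

    [pscustomobject]@{
        # fDenyTSConnections = 0 means Remote Desktop accepts connections
        RemoteDesktopEnabled    = ($ts.fDenyTSConnections -eq 0)
        # fAllowToGetHelp = 1 means Remote Assistance is allowed
        RemoteAssistanceEnabled = ($ra.fAllowToGetHelp -eq 1)
        # UPnP Device Host and SSDP Discovery services
        UPnPServices = Get-Service -Name upnphost, SSDPSRV -ErrorAction SilentlyContinue |
            Select-Object Name, Status, StartType
        # TcpipNetbiosOptions: 0 = follow DHCP, 1 = enabled, 2 = disabled
        NetBIOS = Get-CimInstance Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
            Select-Object Description, TcpipNetbiosOptions
        # ActiveStore is the effective policy, so rules loaded into local
        # group policy show up here alongside the locally stored rules
        InboundAllow = Get-NetFirewallRule -PolicyStore ActiveStore |
            Where-Object {
                $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and
                $_.Action -eq 'Allow' -and $_.DisplayGroup -in $groups
            } |
            Select-Object DisplayName, DisplayGroup, Profile, PolicyStoreSourceType
    }
}

$r = Get-RemoteExposureReport
$r | Select-Object RemoteDesktopEnabled, RemoteAssistanceEnabled | Format-List
$r.UPnPServices | Format-Table -AutoSize
$r.NetBIOS      | Format-Table -AutoSize
$r.InboundAllow | Sort-Object DisplayGroup | Format-Table -AutoSize
```

Running it before and after applying any rule set shows which inbound allowances changed; `PolicyStoreSourceType` tells local rules apart from those coming from group policy.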
     