• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Enforcing Windows Defender Firewall

Miguel2013

Miguel2013

Joined
Nov 12, 2011
Messages
790 (0.16/day)
Location
UT,US
System Specs
System Name Asrock 2012
Processor FX 8350 4.2Ghz no turbo
Motherboard ASRock 970 PRO3 AM3+
Cooling Corsair H70 for CPU
Memory 32GB DDR3 1960Mhz
Video Card(s) NVIDIA 1080 with stock fan
Storage 1TB GIGABYTE SSD NVME PCIE 2.0 + Samsung SSD Evo 850 250GB with Ubuntu + Samsung SSD 860 500GB win7
Display(s) LG HDR 31.5"
Case Big Black Tower
Audio Device(s) Realtek audio + Audigy 2 ZS platinum
Power Supply CORSAIR RM850X
Mouse microsoft intellimouse usb to ps/2
Keyboard Logitech
Software Windows 10 Pro 64bit
Benchmark Scores +
I have this problem with the firewall that came with windows 10 allowing it's own stuff without my permission.
I checked all apps on the allowable list and next week there was more allowed stuff that I don't know where they came from, stuff like messenger and games or other conectivity.
I have thought of installing another firewall but I was hoping windows will fix their own firewall that I'm familiar with.

I also checked the advanced firewall rules and most are redundant rules for the different network zones and weather they're udp or tcp the only protocols in the transport layer.

Finally what about DLL authentication (feature from sygate) is that still a thing of concern to achieve total security?
 

Attachments

  • Untitled.gif
    Untitled.gif
    55.1 KB · Views: 483
B

blobster21

Joined
Oct 24, 2004
Messages
1,294 (0.18/day)
i wouldn't be surprised if Windows 10 managed its own exceptions list, recreating the missing ones through some shelduled tasks.

As for DLL authentication, it's not like we could disable this builtin security feature, so why bother messing with it ?
 
R-T-B

R-T-B

Supporter
Joined
Aug 20, 2007
Messages
21,614 (3.40/day)
System Specs
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon, Phanteks and Corsair Maglev blower fans...
Memory 64GB (2x 32GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 5800X Optane 800GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
Windows 10 pro/home by default autoinstall apps like "Candy Crush" and other "value added" crapware.

They probably come with their own firewall rules. Not much can be done about that. They aren't really a security risk though.

That said, if you just want to block everything, there's always this:

this.png
 
B

blobster21

Joined
Oct 24, 2004
Messages
1,294 (0.18/day)
R-T-B said:
Windows 10 pro/home by default autoinstall apps like "Candy Crush" and other "value added" crapware.
Click to expand...

By that, you probably meant "Windows Consumer features" :D

You can prevent them from further reinstalling by executing the following reg keys:

Code: 
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsStore /v AutoDownload /t REG_DWORD /d 00000002 /f
reg add HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager /v SilentInstalledAppsEnabled /t REG_DWORD /d 00000000 /f
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CloudContent /v DisableWindowsConsumerFeatures /t REG_DWORD /d 00000001 /f
 
R-T-B

R-T-B

Supporter
Joined
Aug 20, 2007
Messages
21,614 (3.40/day)
System Specs
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon, Phanteks and Corsair Maglev blower fans...
Memory 64GB (2x 32GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 5800X Optane 800GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
blobster21 said:
By that, you probably meant "Windows Consumer features" :D

You can prevent them from further reinstalling by executing the following reg keys:

Code: 
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsStore /v AutoDownload /t REG_DWORD /d 00000002 /f
reg add HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager /v SilentInstalledAppsEnabled /t REG_DWORD /d 00000000 /f
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CloudContent /v DisableWindowsConsumerFeatures /t REG_DWORD /d 00000001 /f
Click to expand...

I know about those keys, but was under the impression they only worked under Enterprise. At least that's how the group policy keys description explain it.
 
Space Lynx

Space Lynx

Astronaut
Joined
Oct 17, 2014
Messages
17,471 (4.67/day)
Location
Kepler-186f
System Specs
Processor 7800X3D -25 all core
Motherboard B650 Steel Legend
Cooling Frost Commander 140
Video Card(s) Merc 310 7900 XT @3100 core -.75v
Display(s) Agon 27" QD-OLED Glossy 240hz 1440p
Case NZXT H710 (Red/Black)
Audio Device(s) Asgard 2, Modi 3, HD58X
Power Supply Corsair RM850x Gold
I have the N version of windows 10 from my european key, so I don't get anything at all like candy crush, etc. its lovely :D
 
Bill_Bright

Bill_Bright

Joined
Jul 25, 2006
Messages
13,451 (1.99/day)
Location
Nebraska, USA
System Specs
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
It should be pointed out that just because the Windows Firewall lets those programs through, that does not mean it is a less "secure" firewall. "Unwanted" is the not the same as "unsafe". And just because something is on the allow list, that does not mean those programs are pushing data through. If Candy Crush is not running, it is not pushing data through. Believe it not, the integrated Windows Firewall really is a very capable firewall. If you want a firewall that does more than typical firewall tasks, get a 3rd party firewall that has all sorts of extra features (and bloat).

You might also check out Windows Firewall Control - a neat little applet that makes it much easier to configure Windows Firewall the way you want. I recommend trying this before resorting to a third party firewall. Note Binisoft was recently acquired by Malwarebytes so I am expecting good things to happen here.
 
You must log in or register to reply here.
Top