
Enforcing Windows Defender Firewall

I have this problem with the firewall that came with Windows 10 allowing its own stuff without my permission.
I checked all apps on the allowable list and next week there was more allowed stuff that I don't know where it came from, stuff like messenger and games or other connectivity.
I have thought of installing another firewall, but I was hoping Windows will fix their own firewall that I'm familiar with.

I also checked the advanced firewall rules, and most are redundant rules for the different network zones and whether they're UDP or TCP, the only protocols in the transport layer.

Finally, what about DLL authentication (a feature from Sygate)? Is that still a thing of concern to achieve total security?
 

I wouldn't be surprised if Windows 10 managed its own exceptions list, recreating the missing ones through some scheduled tasks.

As for DLL authentication, it's not like we could disable this built-in security feature, so why bother messing with it?
 
Windows 10 pro/home by default autoinstall apps like "Candy Crush" and other "value added" crapware.

They probably come with their own firewall rules. Not much can be done about that. They aren't really a security risk though.

That said, if you just want to block everything, there's always this:

this.png
 
Windows 10 pro/home by default autoinstall apps like "Candy Crush" and other "value added" crapware.

By that, you probably meant "Windows Consumer features" :D

You can prevent them from further reinstalling by executing the following reg keys:

Code:
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsStore /v AutoDownload /t REG_DWORD /d 00000002 /f
reg add HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager /v SilentInstalledAppsEnabled /t REG_DWORD /d 00000000 /f
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CloudContent /v DisableWindowsConsumerFeatures /t REG_DWORD /d 00000001 /f
 
I know about those keys, but was under the impression they only worked under Enterprise. At least that's how the group policy key descriptions explain it.
 
I have the N version of Windows 10 from my European key, so I don't get anything at all like Candy Crush, etc. It's lovely :D
 
It should be pointed out that just because the Windows Firewall lets those programs through, that does not mean it is a less "secure" firewall. "Unwanted" is not the same as "unsafe". And just because something is on the allow list, that does not mean those programs are pushing data through. If Candy Crush is not running, it is not pushing data through. Believe it or not, the integrated Windows Firewall really is a very capable firewall. If you want a firewall that does more than typical firewall tasks, get a 3rd party firewall that has all sorts of extra features (and bloat).

You might also check out Windows Firewall Control - a neat little applet that makes it much easier to configure Windows Firewall the way you want. I recommend trying this before resorting to a third party firewall. Note Binisoft was recently acquired by Malwarebytes so I am expecting good things to happen here.
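
An added example, not part of the thread or written by any of its posters: one way to see exactly which allow rules appeared since the last check is to snapshot the enabled inbound allow rules and compare them against a saved baseline. The baseline path and the function name `Get-AllowRuleSnapshot` are assumptions made for this sketch; the cmdlets are the standard NetSecurity ones, run from an elevated PowerShell prompt.

```powershell
# Added example: report inbound "Allow" rules that were not present in the saved baseline.
# $BaselinePath is an assumed location; change it to suit.
param(
    [string]$BaselinePath = "$env:ProgramData\fw-allow-baseline.csv"
)

function Get-AllowRuleSnapshot {
    # Only rules that are enabled and actually allow inbound traffic.
    Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
        ForEach-Object {
            $app = $_ | Get-NetFirewallApplicationFilter
            [pscustomobject]@{
                Name        = $_.Name           # unique rule ID, used as the comparison key
                DisplayName = $_.DisplayName
                Profile     = [string]$_.Profile
                Program     = $app.Program      # executable path, or "Any"
                Package     = $app.Package      # package SID for Store (AppX) apps
                Owner       = $_.Owner          # user SID on per-user app rules
            }
        }
}

$current = @(Get-AllowRuleSnapshot)

# First run: record the baseline and stop.
if (-not (Test-Path $BaselinePath)) {
    $current | Export-Csv -Path $BaselinePath -NoTypeInformation
    Write-Host "Baseline of $($current.Count) rules written to $BaselinePath"
    return
}

# Later runs: index the baseline by rule ID and list anything new.
$known = @{}
foreach ($r in @(Import-Csv -Path $BaselinePath)) { $known[$r.Name] = $true }

$added = @($current | Where-Object { -not $known.ContainsKey($_.Name) })

if ($added.Count -eq 0) {
    Write-Host "No new inbound allow rules since the baseline."
} else {
    Write-Host "$($added.Count) new inbound allow rule(s):"
    $added | Format-Table DisplayName, Profile, Program, Package -AutoSize
}
```

Rules with a value in the Package or Owner column were registered for a Store app package rather than for a plain executable path, which helps tell app-installed rules apart from ones created by hand.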
 