Vadim Rapp
asked on
Firewall does not block traffic it's supposed to
The firewall on my Windows 7 machine does not block the traffic I expect it to block. I create a new rule to block incoming traffic on all networks from all remote hosts for port 3456. Then I start an application listening on that port, and I'm able to telnet to this port from a remote machine successfully.
What firewall are you using if you don't mind my asking?
The range of port numbers from 1024 to 49151 are the registered ports. They are assigned by IANA for specific service upon application by a requesting entity.[5] On most systems, registered ports can be used without superuser privileges.
Source: https://en.m.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Is the application not whitelisted? Please export and post all firewall rules.
ASKER
>Is application not whitelisted?
no, in fact I just wrote a new one.
> Please export and post all firewall rules
attached
>The range of port numbers from 1024 to 49151 are the registered ports.
so...?
> What firewall are you using if you don't mind my asking?
Native Windows firewall.
ASKER
Here's the exported policy file - rename - .txt to .wfw
rules.txt
The range of port numbers from 1024 to 49151 are the registered ports.
so...?
You need to block telnet protocol and not block the incoming port for telnet.
https://technet.microsoft.com/en-us/library/cc753713(v=ws.10).aspx
ASKER
I use telnet to the port of interest only to test whether the port is blocked or not. It's not the standard telnet port.
If you block the protocol in relation to the ranges of ports associated with a protocol, the port will be blocked.
Normally, we are blocking the ports at a physical firewall or router level, not at the computer.
ASKER
What do you mean by telnet protocol? There's TCP protocol and UDP protocol. In your article: "On the Protocol and Ports page, change the Protocol type to TCP, change Local port to Specific Ports, type 23 in the text box, and then click Next." In my case it's TCP, and the port is the one I want to block.
By the way, I tried the same on another machine running Windows 10, and it worked as expected.
ASKER CERTIFIED SOLUTION
This solution is only available to members.
ASKER
That was the answer to the problem
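A diagnostic for the situation described in the question, added here as an example and not taken from any post in the thread: it shows which firewall profiles are active and enabled, and lists every enabled inbound rule that covers the TCP port under test (3456, from the question). It uses the `HNetCfg.FwPolicy2` COM object so that it also runs on Windows 7; the helper name `Test-PortInRule` is hypothetical.

```powershell
# Added example: list inbound Windows Firewall rules that apply to a TCP port
# and show whether the firewall is on for each active profile.
# Uses the HNetCfg.FwPolicy2 COM object, available on Windows 7 and later.
$Port = 3456   # port from the question

$fw = New-Object -ComObject HNetCfg.FwPolicy2
$profileNames = @{ 1 = 'Domain'; 2 = 'Private'; 4 = 'Public' }

# CurrentProfileTypes is a bitmask of the profiles active right now.
foreach ($p in 1, 2, 4) {
    if ($fw.CurrentProfileTypes -band $p) {
        '{0} profile active, firewall enabled: {1}' -f $profileNames[$p], $fw.FirewallEnabled($p)
    }
}

# Hypothetical helper: does a rule's LocalPorts string cover the given port?
function Test-PortInRule([string]$LocalPorts, [int]$Port) {
    # LocalPorts is '*', empty (any), or a comma list such as '80,3000-4000'.
    if ([string]::IsNullOrEmpty($LocalPorts) -or $LocalPorts -eq '*') { return $true }
    foreach ($item in $LocalPorts.Split(',')) {
        $range = $item.Trim().Split('-')
        if ($range[0] -notmatch '^\d+$') { continue }   # skip keywords such as 'RPC'
        $low  = [int]$range[0]
        $high = if ($range.Count -gt 1) { [int]$range[1] } else { $low }
        if ($Port -ge $low -and $Port -le $high) { return $true }
    }
    return $false
}

# Direction 1 = inbound; Protocol 6 = TCP, 256 = any; Action 0 = block, 1 = allow.
$fw.Rules |
    Where-Object {
        $_.Enabled -and $_.Direction -eq 1 -and
        ($_.Protocol -eq 6 -or $_.Protocol -eq 256) -and
        (Test-PortInRule $_.LocalPorts $Port)
    } |
    Select-Object Name,
        @{ n = 'Action'; e = { if ($_.Action -eq 0) { 'Block' } else { 'Allow' } } },
        Profiles, LocalPorts, ApplicationName |
    Sort-Object Action |
    Format-Table -AutoSize
```

The `Profiles` column is a bitmask using the same values as `$profileNames`, so it can be compared against the active profile printed at the top.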