Windows 8 and 8.1 Forums


Windows Firewall Advanced Settings

  1. #1


    Posts : 31
    Windows 8.1 Pro

    Windows Firewall Advanced Settings


    Hi Folks,
    I'm browsing through my windows firewall settings and I'd like to disable everything that's not required for proper operation.

    It is my opinion that the more stuff that is disabled in my computer system, the more secure it is.. Anyone have a different opinion?
    I already went through Services.msc and disabled stupid things like telephony and remote desktop connection and things that I'll never use.

    Inside the Windows Firewall advanced settings, can I disable all the windows media player sharing service stuff? I use windows media player to play music and movies but I certainly don't do any sharing with it.

    What about wifi direct scan and wifi direct network discovery... My desktop pc is hardwired (cat5).. I don't need any of that stuff right?

    Sonic Wall mobile content??? Huh?

    What about Play To Streaming Server ??

    More to follow!

    thanks


  2. #2


    Posts : 446
    Win 8 64-bit


    Originally posted by murby:
    It is my opinion that the more stuff that is disabled in my computer system, the more secure it is.. Anyone have a different opinion?
    Not necessarily. For example, it wouldn't be more secure if you blocked software updates that fixed security vulnerabilities, or blocked svchost from connecting to Certificate Authorities to check for revoked SSL/TLS certificates, blocked Smartscreen filter connections, etc.

    I'm browsing through my windows firewall settings and I'd like to disable everything that's not required for proper operation.
    I'd leave all the Core Networking and Network Discovery rules there. If you look at the Network Discovery rules, they're only enabled on Private Networks by default anyway, the rules are disabled in the firewall rules for Public networks (grey tick, not green. You can also double-check the settings HERE). And if you have file and printer sharing switched off, your private network is treated as a 'Public' network anyway.

    In addition, even though I don't have Wi-Fi on my main machine, I left the Wi-Fi Direct rules there as well, mainly so that if I import the rules into a laptop the rules are already set up. I was planning on trying out Miracast at some point with a laptop, but never got around to it, so if you don't plan on using a Wi-Fi direct printer/scanner/screen/etc., then I can't think off the top of my head why you'd need those rules. Although, if you look closer at the Wi-Fi direct rules such as the 'Wi-Fi direct scan' rule for example, you'll see that it's bound to specific services anyway, for example 'Wi-Fi direct scan' is bound to the Windows Image Acquisition service, so it's not allowing svchost to do whatever it wants under that rule.


    I get the impression Microsoft don't like people blocking outbound connections due to the headaches it can cause and so personally I think that's why Windows Firewall isn't user friendly. For example, although I agree with Microsoft's logic in not having intrusive firewall popups (like you get with third-party firewalls), they go too far the other way whereby they make it incredibly difficult to enable blocked connection logging (so you can see what's actually being blocked). I can't see how anyone could use Windows Firewall for outbound filtering without this, yet Microsoft make it really, really difficult! You can find instructions on how to enable blocked connection logging from one of my other posts HERE.

    If you want an idea of what Windows processes will likely want outbound connections, you can have a look through the rules in the screenshot below. The user-added rules have a '+' in front of them to keep them grouped separately at the top. Windows Firewall on my machine is set up so that it's quite restrictive, inbound is set to 'Block all connections' (not just set to 'block (default)') and all outbound connections that don't match a rule are blocked. And as mentioned above, file and printer sharing is switched off, as I have no use for it. However, all this is more for curiosity than security because once malicious software is given/gained full admin privileges on a machine, it could just bypass the firewall anyway. Although, outbound firewall filtering will help against this type of thing.


  3. #3


    Posts : 31
    Windows 8.1 Pro


    Great information..
    Take a look at the screen capture below.. What is all that Windows Media Player stuff that is enabled? I don't want my windows media player communicating with anything other than my screen and my speakers! LOL.. any harm in disabling this garbage?

  4. #4


    Posts : 446
    Win 8 64-bit


    Originally posted by murby:
    Take a look at the screen capture below.. What is all that Windows Media Player stuff that is enabled? I don't want my windows media player communicating with anything other than my screen and my speakers! LOL.. any harm in disabling this garbage?
    It's up to you. Looking at your rules, those rules only apply when you're on a private network. For me, I removed the Windows Media Player Network Sharing rules as I have no need for them. I can always add new rules again if and when I need to, but it's not something I'd be likely to ever use. Alternatively, when outbound connections are set to 'outbound connections that don't match a rule are blocked', you can always disable rules, instead of deleting them. If there's no allow rule, it's automatically blocked anyway.

    I did however keep the Windows Media Player TCP and UDP out rules for both 32-bit and 64-bit versions of Windows Media Player, so that Windows Media Player will still be able to get album information from the internet and play content from the internet if need be. Your ones only seem to be set for private network though for some reason (rather than 'all' networks).

    Before making changes to your firewall, I'd right-click on the 'Windows Firewall with Advanced Security on local computer' in the left-hand column and select 'Export Policy'. Save it somewhere as a backup, so that you can always re-import it again if need be. There's also an option to 'Restore Default Policy', which although it will restore the main rules, I doubt it will restore rules for store apps, etc. as they add their own rules on top of the default rules when they install/update.

    Also, 'Network Discovery' is enabled for both Private and Public networks in your screenshot. Although you're on your own LAN connected with cat5, I'd get into the habit of leaving 'Network Discovery' and 'File Sharing' off for Public Networks, unless there's a particular reason you want it on.

    Network Discovery - Turn On or Off in Windows 8

    Network Location - Set to Private or Public in Windows 8
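
The steps discussed in posts #2 and #4 (back up the policy, check which service a rule is bound to, disable rather than delete, log blocked connections), as an added PowerShell example that is not from any poster in this thread. It assumes an elevated prompt, the NetSecurity cmdlets included with Windows 8 and later, and the English rule group names; the backup path is a placeholder.

```powershell
#Requires -RunAsAdministrator
# Added example. Group names assume the English UI; the backup path is a placeholder.

# 1. Back up the policy before touching anything (same as 'Export Policy' in the GUI).
$backup = Join-Path $env:USERPROFILE "firewall-backup-$(Get-Date -Format yyyyMMdd-HHmmss).wfw"
netsh advfirewall export "$backup" | Out-Null
if (-not (Test-Path $backup)) { throw 'Policy export failed; no rules were changed.' }

# 2. Collect the rule groups discussed in the thread.
$patterns = 'Windows Media Player Network Sharing Service*', 'Wi-Fi Direct*', 'Network Discovery'
$rules = Get-NetFirewallRule | Where-Object {
    $group = $_.DisplayGroup
    $group -and ($patterns | Where-Object { $group -like $_ })
}

# 3. Show direction, profile and service binding ('Any' = not tied to one service).
$rules | ForEach-Object {
    [pscustomobject]@{
        Group     = $_.DisplayGroup
        Name      = $_.DisplayName
        Enabled   = $_.Enabled
        Direction = $_.Direction
        Profile   = $_.Profile
        Service   = ($_ | Get-NetFirewallServiceFilter).Service
    }
} | Sort-Object Group, Name | Format-Table -AutoSize | Out-Host

# 4. Disable (not delete) the media sharing rules so they can be re-enabled later.
$rules | Where-Object { $_.DisplayGroup -like $patterns[0] } | Disable-NetFirewallRule

# 5. List Network Discovery rules still enabled on the Public profile for review.
$rules | Where-Object {
    $_.DisplayGroup -eq 'Network Discovery' -and $_.Enabled -eq 'True' -and
        "$($_.Profile)" -match 'Public|Any'
} | Select-Object DisplayName, Direction, Profile

# 6. Log dropped packets to the firewall log file on every profile.
Set-NetFirewallProfile -All -LogBlocked True
Get-NetFirewallProfile | Select-Object Name, LogBlocked, LogFileName
```

To roll back, re-import the saved .wfw file with 'Import Policy' in the Windows Firewall with Advanced Security console.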

  5. #5


    Posts : 31
    Windows 8.1 Pro


    Originally posted by ARC1020:

    Also, 'Network Discovery' is enabled for both Private and Public networks in your screenshot. Although you're on your own LAN connected with cat5, I'd get into the habit of leaving 'Network Discovery' and 'File Sharing' off for Public Networks, unless there's a particular reason you want it on.
    Oh.. good point.. My understanding isn't nearly as comprehensive as yours.. Will export the settings and then turn off the media player and public discovery junk.
    See anything else that catches your eye? Maybe I should do another screen shot for you of the rest of the list.
