Windows firewall questions

[MrNew]

Hello, i have some questions

Is there any way to prevent changes that any installer or app would do to windows firewall rules? Can those installers be somehow hacked to remove that "permission"?

How can i enable ping or tracert in cmd if i have outbound connection blocked?

I saw some open ports in windows when i run netstat -aon in listening mode from local ips 0.0.0.0 ports - 135/445; 49152-46157 to foreign ip 0.0.0.0 on port 0 is it safe to have listening ports? Is there any way to try close them or they will break something? (Im behind a router)

How can i let chromium connect to internet with outblound connection blocked by default? i tried adding both inbound and outbound rules but i cant access any website. Firefox works fine with just outbound rule, chrome - same.

 

[jcgriff2]

You can try this, although W8 not listed as a supported OS - Diagnose and fix Windows Firewall service problems automatically

Others -
- Windows Firewall from start to finish - Windows Help
- Open a port in Windows Firewall - Windows Help
- Windows 8.1 Help
- Allow a program to communicate through Windows Firewall
- Using Windows Firewall
- https://technet.microsoft.com/en-us/network/bb545423.aspx

 

[xilolee]

Hi MrNew! :smile9:

How can i enable ping or tracert in cmd if i have outbound connection blocked?

I tried a bit and reached this point:
- in short: in protocols and ports, select ICMPv4 - Echo request; in programs and services, select apply to services only
- verbosely: in outbound rules, click new rule, select custom, click next, leave selected all programs, click customize..., select apply to services only, click ok, click next, in protocol type select ICMPv4, click customize..., select specific icmp types, tick echo request, click ok, click next, leave the scope section like it is, click next, select allow the connection, click next, select your profile, click next, put the name you prefer, click finish.

Video: View attachment ping.avi.zip

Hope this helps a bit. :wave:

 

[xilolee]

Or launch this from an elevated command prompt (private profile):

netsh advfirewall firewall add rule profile=private dir=out action=allow name=ping service=any protocol=icmpv4:8,any

 

[xilolee]

How can i let chromium connect to internet with outblound connection blocked by default? i tried adding both inbound and outbound rules but i cant access any website. Firefox works fine with just outbound rule, chrome - same.

Taken from https://download-chromium.appspot.com/ ???

Choose the executable, protocol tcp, remote ports 80 and 443.
If you have placed it on your desktop, change its path inside the firewall rule, from %userprofile% to c:\users\your-username (it seems this is a bug in the firewall).