reerden

Some network discovery ports not filtered by default on public networks


I noticed that in the global packet rules, certain ports (1900 UDP, 3702 UDP, 5355 UDP, 5357 TCP, 5358 UDP) used by network discovery and file sharing aren't filtered by default. Windows Firewall does filter these ports when network discovery and file sharing are disabled.

 

Shouldn't these ports be added to the default "Windows Services" rule in the firewall?


Those ports are blocked under certain network configurations. If you're on a private network at home or in an office, then usually there's a router or some sort of hardware firewall preventing incoming traffic on those ports. If not, then you should configure your network as a Public network, and then the firewall will block more ports (such as Windows networking ports).


Those ports are blocked under certain network configurations. If you're on a private network at home or in an office, then usually there's a router or some sort of hardware firewall preventing incoming traffic on those ports. If not, then you should configure your network as a Public network, and then the firewall will block more ports (such as Windows networking ports).

 

So if I understand correctly, the firewall applies certain hidden rules that aren't shown in the Global rules when the network is configured as a public network?


I just double-checked, and there are no rules to block these ports. The UPnP port might not be a good one to block by default; however, some of the others look like they probably should be blocked. I will ask our developers about this.

  • Upvote 1


The UPnP port might not be a good one to block by default

 

Why not? If EIS's goal is to make the PC invisible on public networks, it might be good to block outgoing SSDP/UPnP ports. As far as I know, Windows Firewall completely stops outgoing SSDP when set to the public profile.


In the case of users who want UPnP blocked and understand what it means to do so, it shouldn't be a problem (I disable UPnP in my router). For the average user, they will not understand why certain things suddenly stop working.

Also, I'm pretty sure that if you run a port scan on a computer protected by EIS that is configured for a Public network, you won't see a bunch of open ports. Users usually report it when ports start showing as anything other than "stealthed" when they run port scans.

  • Upvote 1
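A local check for the ports named in the first post, as an added example that is not part of the original thread and not Emsisoft's own tooling: it shows the network category Windows assigns to each connection and which process, if any, is bound to each of the five ports. It uses only the built-in `Get-NetConnectionProfile`, `Get-NetUDPEndpoint` and `Get-NetTCPConnection` cmdlets; the variable names are illustrative.

```powershell
# Ports and protocols exactly as listed in the first post of this thread.
$ports = @(
    @{ Proto = 'UDP'; Port = 1900 },
    @{ Proto = 'UDP'; Port = 3702 },
    @{ Proto = 'UDP'; Port = 5355 },
    @{ Proto = 'TCP'; Port = 5357 },
    @{ Proto = 'UDP'; Port = 5358 }
)

# Network category (Public / Private / DomainAuthenticated) per connected interface.
Get-NetConnectionProfile |
    Select-Object InterfaceAlias, Name, NetworkCategory |
    Format-Table -AutoSize

$results = foreach ($p in $ports) {
    # UDP has no "listening" state, so any bound endpoint counts for UDP ports.
    if ($p.Proto -eq 'UDP') {
        $eps = @(Get-NetUDPEndpoint -LocalPort $p.Port -ErrorAction SilentlyContinue)
    } else {
        $eps = @(Get-NetTCPConnection -LocalPort $p.Port -State Listen -ErrorAction SilentlyContinue)
    }

    if ($eps.Count -eq 0) {
        [pscustomobject]@{ Proto = $p.Proto; Port = $p.Port; LocalAddress = '-'; Process = '(nothing bound)' }
        continue
    }

    foreach ($e in $eps) {
        # Resolve the owning PID to a process name where possible.
        $proc  = Get-Process -Id $e.OwningProcess -ErrorAction SilentlyContinue
        $owner = "PID $($e.OwningProcess)"
        if ($proc) { $owner = "$($proc.ProcessName) ($($e.OwningProcess))" }
        [pscustomobject]@{ Proto = $p.Proto; Port = $p.Port; LocalAddress = $e.LocalAddress; Process = $owner }
    }
}

$results | Sort-Object Port, LocalAddress | Format-Table -AutoSize
```

A bound port only shows that a service is waiting for traffic; whether packets reach it depends on the firewall rules in effect, so compare this output with a scan run from a second machine you control on the same network.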
