Windows firewall

satya - 9/26/2021, 11:08:26 AM

About

How can I protect web servers with windows firewall?

How do I allow traffic only from certain ips?

Example of an inbound rule for port 80?

What is my DHCP IP address on my PC?

How do I know what ports are open for inbound and outbound?

What are private, public, and domain networks?

satya - 9/26/2021, 11:21:14 AM

How do I get my public ip address?

Go to Google and search for "what is my ip?". Google will show you what your public IP address is.

Note that your IP address may not be static, and the traffic may be going through many routers at your internet service provider. So the IP that "ipconfig" shows on your command line is not the same as the one known to the external world.

The only way to know this is to see what the external world sees, by accessing an external site like Google.

Further, as this is DHCP, your IP address can change often. I am not sure how often or how consistently the ISP domain server keeps that IP!

satya - 9/26/2021, 11:26:39 AM

How do I allow HTTP traffic only from certain IP addresses in Windows Firewall?

satya - 9/26/2021, 11:33:19 AM

Here is some discussion on how the rules work at serverfault

will summarize the results later

satya - 9/26/2021, 11:36:03 AM

Microsoft firewall documentation

satya - 9/26/2021, 11:36:18 AM

windows firewall with advanced security: ms docs

satya - 9/26/2021, 11:45:15 AM

what is ipsec? windows

satya - 9/26/2021, 11:45:27 AM

Brief intro to windows ipsec is here

satya - 9/26/2021, 12:14:01 PM

How do you know what ports are open in windows?

satya - 9/26/2021, 12:18:31 PM

why is chrome opening so many ports?

satya - 9/26/2021, 2:45:17 PM

Quick thought on those ports

Each web page, which is accessed through port 80, may have links on that page referring to various other websites! Each website will be contacted through a local port.

So a browser process may open lots of local ports, but probably never to listen, only to receive data from that port 80.

If there are processes other than the browser opening these sorts of non-listening ports, that is something to look for.

So it becomes more important to know the processes that are opening "listening" ports, acting like servers on the Windows box. This listening may be for outside traffic, traffic within the computer, or traffic inside a local network.

svchost.exe seems to be one such program that listens to a lot of internal traffic to the box, and it opens a number of listening ports. Hopefully none of these ports are exposed to the outside. It would be nice to know the range of these port numbers.
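
One way to see which processes hold listening ports, which services sit inside each svchost.exe, and what the dynamic port range is. This is an added example, not part of the original notes; it uses the built-in NetSecurity/NetTCPIP cmdlets, CIM and netsh, and is best run from an elevated PowerShell prompt so every owning process resolves.

```powershell
# Added example: map every listening TCP port to its process and, for service
# host processes such as svchost.exe, to the services running inside it.
$loopback = '127.0.0.1', '::1'

Get-NetTCPConnection -State Listen | ForEach-Object {
    $conn = $_
    $proc = Get-Process -Id $conn.OwningProcess -ErrorAction SilentlyContinue

    # One svchost.exe process can host several services; look them up by PID.
    # "State = 'Running'" skips stopped services, which report ProcessId 0.
    $filter   = "ProcessId = $($conn.OwningProcess) AND State = 'Running'"
    $services = Get-CimInstance Win32_Service -Filter $filter |
        Select-Object -ExpandProperty Name

    [pscustomobject]@{
        LocalAddress = $conn.LocalAddress
        LocalPort    = $conn.LocalPort
        ProcessId    = $conn.OwningProcess
        Process      = if ($proc) { $proc.ProcessName } else { '<unknown>' }
        Services     = $services -join ','
        # A loopback bind is only reachable from the box itself. Anything else
        # is reachable from the network unless the firewall blocks it.
        Binding      = if ($conn.LocalAddress -in $loopback) { 'loopback only' }
                       else { 'non-loopback (firewall decides exposure)' }
    }
} | Sort-Object LocalPort | Format-Table -AutoSize

# Range Windows uses for dynamically assigned (ephemeral) TCP ports.
netsh int ipv4 show dynamicport tcp
```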

satya - 9/26/2021, 2:45:34 PM

svchost.exe port range in windows

satya - 9/27/2021, 9:56:50 AM

How the Apache inbound rule is set up

Not sure if this was created by the Tomcat installation, but it was there when I looked.

Here are some details of that rule:

General tab: (Name: apache, Enabled, Action: allow)

Protocols and ports tab: (tcp, Local port (specific ports, 80), Remote port (all ports))

Scope: local (all ips), remote ips (all ips) [you can put ip restrictions here]

Advanced tab: profile (public), Block edge traversal

Programs and services tab: All programs

Computers tab: empty

Users tab: empty

satya - 9/27/2021, 9:57:56 AM

So by default....

All ports are blocked by default, including port 80.

The rule above opens up port 80 for all programs and all IPs on a public network.

satya - 9/27/2021, 9:59:49 AM

For now, while I debug and set up a reverse proxy..

I wanted to allow port 80 connections only from a handful of my development IPs.

So I have used the scope tab successfully to add the IP addresses that I got from the "what is my ip" search in Google.

With no other rule, this rule for port 80 that is already set up for Apache seems to work for this particular need.
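
The same scope restriction done from an elevated PowerShell prompt, plus a check that no other enabled rule still opens port 80 to everyone. This is an added example, not part of the original notes; the rule name `apache` comes from the rule described above, and the two addresses are documentation-range placeholders, not real development IPs.

```powershell
# Added example. Assumptions: the inbound rule's display name is 'apache' and
# $allowedIps holds placeholder addresses (RFC 5737 documentation ranges).
$ruleName   = 'apache'
$allowedIps = @('203.0.113.10', '198.51.100.25')

$rule = Get-NetFirewallRule -DisplayName $ruleName -ErrorAction Stop

# Current state: what the "Protocols and ports" and "Scope" tabs show.
$rule | Get-NetFirewallPortFilter    | Select-Object Protocol, LocalPort, RemotePort
$rule | Get-NetFirewallAddressFilter | Select-Object LocalAddress, RemoteAddress

# Equivalent of filling in "Remote IP address" on the Scope tab.
Set-NetFirewallRule -DisplayName $ruleName -RemoteAddress $allowedIps

# Verify that the change took effect.
Get-NetFirewallRule -DisplayName $ruleName |
    Get-NetFirewallAddressFilter | Select-Object RemoteAddress

# The restriction only holds if no other enabled inbound allow rule still admits
# TCP 80 from any address. Port ranges such as '80-90' are not matched by this
# simple check and need a manual look.
Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
    Where-Object { $_.DisplayName -ne $ruleName } |
    Where-Object {
        $pf = $_ | Get-NetFirewallPortFilter
        $af = $_ | Get-NetFirewallAddressFilter
        ($pf.Protocol -in 'TCP', 'Any') -and
        ($pf.LocalPort -contains '80' -or $pf.LocalPort -contains 'Any') -and
        ($af.RemoteAddress -contains 'Any')
    } |
    Select-Object DisplayName, Profile
```

An empty result from the last pipeline means the scoped rule is the only one admitting port 80 traffic.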

satya - 12/10/2021, 7:09:59 PM

The tab that has the ip scope restrictions

Scope: local (all ips), remote ips (all ips) [you can put ip restrictions here]

satya - 9/10/2022, 2:31:21 PM

windows firewall inbound rule

satya - 9/10/2022, 2:34:14 PM

MS docs on windows firewall

satya - 9/10/2022, 2:38:23 PM

The inbound rule image

satya - 9/10/2022, 2:38:51 PM

See the post where that is taken from: Blocking by incoming port

satya - 9/10/2022, 2:40:21 PM

How to get to it

1. Windows Firewall with advanced security

2. Inbound rules

3. Apache (if one is set up)