well, i'm not sure how exactly the windows firewall is interpreting "local" and "remote", but it probably is connecting *to* the webservice on port 443 (https) from a dynamic random source port. if you're blocking *outgoing* traffic the source ip and port should be on your side, *incoming* would be other way around. at least that's how i would configure it.
i tried to capture https traffic with Fiddler2 (which can install its own root certificate) but couldn't find any traffic to that ip, too. i tried Win8.1 and also Win8 with Office 2013.
You really need to block the OUT going port as thats the only one you really know, as Inge001 says to can be redirected at the destination. Also in Inge001's code: name="Key Management Services" needs to be the actual name of your kms exe or service. As that's the program your trying to block from reaching MS. Personally, I have my KMS server on a static IP and that IP is blocked from the Net via my router and its DNS set to itself.
Thanks Inge, I had also found some interesting stuff... For example, i turned off every Microsoft stuff or sharing information, SmartScreen, windows defender, etc... When you download something from internet or copy something for the 1st time to your machine... 50% chances are that the firewall ip logs an outgoing connection to a Micro$oft IP. Very Creepy stuff.
I cannot confirm this. Traffic to 65.52.98.231:443 only occurs when activating with a retail key. Please check, if you still have an Office 2013 retail key installed. With Office you can have a KMS key and a retail key. With Windows you cannot. Code: C:\nttools\4nt>ospp /dstatus ---Processing-------------------------- --------------------------------------- [ stuff deleted ] --------------------------------------- SKU ID: 41499869-4103-4d3b-9da6-d07df41b6e39 LICENSE NAME: Office 15, OfficeProPlusMSDNR_Retail edition LICENSE DESCRIPTION: Office 15, RETAIL channel BETA EXPIRATION: 01.01.1601 LICENSE STATUS: ---LICENSED--- Last 5 characters of installed product key: **** --------------------------------------- [ stuff deleted ] --------------------------------------- ---Exiting----------------------------- If (and only if) you have retail key installed and you (or any activation software) issues ospp /act, you'll get traffic to co2.sls.microsoft.com (65.52.98.231).
Well, try blocking *local* port 80 with *remote IP* 46.165.225.230 on *outgoing* connection then. You'll still be able to open this forum. Now try the same with *remote* port 80. You won't be able to access this forum anymore. Because it's the *remote port* you connect to, just like it's the remote port 443 it was connecting to when accessing MS server. Sorry for trying to be a smartass here
Don't be sorry mate, its the way of the world. Some asses are smart and some are dumb. So if I block iexplore.exe on local port 80, all it would do is stop me from accessing my own web server ? (I can't check, i'm using an Android tablet at the moment)
No. Every network connection has to be established between 2 ports, one port on each side. For every new connection iexplore.exe opens up a new random local (source) port from which it connects to the remote (destination) port. Typically those local ports are somewhere around 40000~55000 so blocking an outgoing source port 80 would probably do nothing at all So you have to distinguish between outbound and inbound firewall rules. Outbound (outgoing) connections: - source IP: your network IP (127.0.0.1 for local connections or just 0.0.0.0 for every IP your PC listens on) - source port: the port your program opens up to start a connection. - destination IP: the remote ip your connection is going to - destination port: the port of your remote ip you're connecting to Inbound (incoming) connections: Exactly the other way around as you're receiving packets, so it's: - source IP: the remote ip you're receiving packets from - source port: the port of the remote ip you're receiving packets from - destination IP: your network IP (127.0.0.1 for local connections or just 0.0.0.0 for every IP your PC listens on) - destination port: the port of your service/program the remote pc is connecting to Btw: Windows firewall doesn't say source and destination, but just local and remote... so "local port" is always the port on your IP then. Hope that clears it up a bit and doesn't achieve complete confusion now
Hey MDL Gurus... Is this cmd necessary then? I'm slightly confused by the thread conversation, BUT that always happens.. Lol Code: netsh advfirewall firewall add rule name="Key Management Services" protocol=any dir=out remoteip=65.52.98.231 action=block For this: [win81 pro-wmc x64 w/AutoKMS_VL_ALL] Thanks After all... M$=NSA
is these commands necessary? in what circustances? even if using TAP or WinDivert for activation (Win8.1 and Office2013)? Code: netsh advfirewall firewall add rule name="Key Management Services" protocol=any dir=out remoteip=65.52.98.231 action=block netsh advfirewall firewall add rule name="Key Management Services" protocol=any dir=out remoteip=65.52.98.232 action=block netsh advfirewall firewall add rule name="Key Management Services" protocol=any dir=out remoteip=65.52.98.233 action=block and how i make a .bat for it? Thanks
i calculated checksum-8 of the 55 bytes of the MSDM table with not +1 and it came out to 7C so i corrected the the crc bit of the MSDM table (i think it was the fifth pair) i seperatly usued the jar to fix the 1b file after fixing the MSDM table, i will study the link you mentioned thanks.
@Manolo I have tested 2 of the 3 vmwp.exe files you have posted with dell 2.3 slic. Server 2008 R2 works perfectly. Server 2012 R2 I was successfully able to start VM's however could not activate Server 2012 R2. RW-Everything reports "ACPI RSD PTR NOT FOUND"
@Manolo Update to previous post Windows 8.1 (x64) and/or Server 2012 R2 vmwp.exe.dell23_msdm_12r2_6.3.9600.16421 I have confirmed working on a Generation 1 type VM. I can confirm if you are running a Generation 2 type VM it will not activate.
But one would NOT want to run 2012 R2 as generation 1, that is for sure I believe for generation 2 the uefi "bios" is in .efi file sebus