Windows Firewall Configuration - Truly Block EVERYTHING...

Discussion in 'Windows 10' started by CODYQX4, Aug 24, 2015.

  1. Mr.X

    #101 Mr.X, Aug 28, 2015
    Last edited by a moderator: Apr 20, 2017
    Now struggling to fix Network Discovery and access network shares lol :death:
    I want to rule out everything except the strictly necessary. I need some help on which rules to add from this Partial policy.wpw file:
    Code:
    <?xml version="1.0" encoding="utf-8"?>
    <!--Source='Windows Firewall Control', Type='Firewall Rules', Date='27/08/2015 10:21:33 a. m.'-->
    <Rules>
      <Rule Name="Network Discovery (SSDP-In)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Inbound rule for Network Discovery to allow use of the Simple Service Discovery Protocol. [UDP 1900]" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="1900" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="Ssdpsrv" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (SSDP-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to allow use of the Simple Service Discovery Protocol. [UDP 1900]" Location="4" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="1900" Protocol="17" ServiceName="Ssdpsrv" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (UPnPHost-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to allow use of Universal Plug and Play. [TCP]" Location="4" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="2869" Protocol="6" ServiceName="upnphost" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (WSD-In)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Inbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702]" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="3702" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="fdphost" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (WSD-In)" Group="Network Discovery" Program="C:\Windows\system32\dashost.exe" Description="Inbound rule for Network Discovery to discover devices via Device Association Framework. [UDP 3702]" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="3702" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (WSD-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702]" Location="4" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="3702" Protocol="17" ServiceName="fdphost" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (LLMNR-UDP-In)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Inbound rule for Network Discovery to allow Link Local Multicast Name Resolution. [UDP 5355]" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="5355" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="dnscache" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (LLMNR-UDP-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to allow Link Local Multicast Name Resolution. [UDP 5355]" Location="4" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="5355" Protocol="17" ServiceName="dnscache" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (Pub-WSD-In)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Inbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702]" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="3702" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="fdrespub" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (Pub WSD-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702]" Location="4" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="3702" Protocol="17" ServiceName="fdrespub" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (NB-Session-In)" Group="File and Printer Sharing" Program="System" Description="Inbound rule for File and Printer Sharing to allow NetBIOS Session Service connections. [TCP 139]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="139" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (NB-Session-Out)" Group="File and Printer Sharing" Program="System" Description="Outbound rule for File and Printer Sharing to allow NetBIOS Session Service connections. [TCP 139]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="139" Protocol="6" ServiceName="" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (SMB-In)" Group="File and Printer Sharing" Program="System" Description="Inbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Named Pipes. [TCP 445]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="445" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (SMB-Out)" Group="File and Printer Sharing" Program="System" Description="Outbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Named Pipes. [TCP 445]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="445" Protocol="6" ServiceName="" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (NB-Name-In)" Group="File and Printer Sharing" Program="System" Description="Inbound rule for File and Printer Sharing to allow NetBIOS Name Resolution. [UDP 137]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="137" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (NB-Name-Out)" Group="File and Printer Sharing" Program="System" Description="Outbound rule for File and Printer Sharing to allow NetBIOS Name Resolution. [UDP 137]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="137" Protocol="17" ServiceName="" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (NB-Datagram-In)" Group="File and Printer Sharing" Program="System" Description="Inbound rule for File and Printer Sharing to allow NetBIOS Datagram transmission and reception. [UDP 138]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="138" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (NB-Datagram-Out)" Group="File and Printer Sharing" Program="System" Description="Outbound rule for File and Printer Sharing to allow NetBIOS Datagram transmission and reception. [UDP 138]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="138" Protocol="17" ServiceName="" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (Spooler Service - RPC)" Group="File and Printer Sharing" Program="C:\Windows\system32\spoolsv.exe" Description="Inbound rule for File and Printer Sharing to allow the Print Spooler Service to communicate via TCP/RPC." Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="RPC" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="6" ServiceName="Spooler" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (Spooler Service - RPC-EPMAP)" Group="File and Printer Sharing" Program="" Description="Inbound rule for the RPCSS service to allow RPC/TCP traffic for the Spooler Service." Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="RPC-EPMap" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="6" ServiceName="Rpcss" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (Echo Request - ICMPv4-In)" Group="File and Printer Sharing" Program="" Description="Echo Request messages are sent as ping requests to other nodes." Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="1" ServiceName="" EdgeTraversal="0" Icmp="8:*" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (Echo Request - ICMPv4-Out)" Group="File and Printer Sharing" Program="" Description="Echo Request messages are sent as ping requests to other nodes." Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="1" ServiceName="" EdgeTraversal="" Icmp="8:*" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (Echo Request - ICMPv6-In)" Group="File and Printer Sharing" Program="" Description="Echo Request messages are sent as ping requests to other nodes." Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="58" ServiceName="" EdgeTraversal="0" Icmp="128:*" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (Echo Request - ICMPv6-Out)" Group="File and Printer Sharing" Program="" Description="Echo Request messages are sent as ping requests to other nodes." Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="58" ServiceName="" EdgeTraversal="" Icmp="128:*" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (LLMNR-UDP-In)" Group="File and Printer Sharing" Program="C:\Windows\system32\svchost.exe" Description="Inbound rule for File and Printer Sharing to allow Link Local Multicast Name Resolution. [UDP 5355]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="5355" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="dnscache" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="File and Printer Sharing (LLMNR-UDP-Out)" Group="File and Printer Sharing" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for File and Printer Sharing to allow Link Local Multicast Name Resolution. [UDP 5355]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="5355" Protocol="17" ServiceName="dnscache" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Wi-Fi Direct Scan Service Use (Out)" Group="Wi-Fi Direct Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule to use WSD scanners on Wi-Fi Direct networks." Location="4" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="256" ServiceName="stisvc" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Wi-Fi Direct Scan Service Use (In)" Group="Wi-Fi Direct Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Inbound rule to use WSD scanners on Wi-Fi Direct networks." Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="256" ServiceName="stisvc" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Wi-Fi Direct Spooler Use (In)" Group="Wi-Fi Direct Network Discovery" Program="C:\Windows\system32\spoolsv.exe" Description="Inbound rule to use WSD printers on Wi-Fi Direct networks." Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="256" ServiceName="Spooler" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Wi-Fi Direct Spooler Use (Out)" Group="Wi-Fi Direct Network Discovery" Program="C:\Windows\system32\spoolsv.exe" Description="Outbound rule to use WSD printers on Wi-Fi Direct networks." Location="4" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="256" ServiceName="Spooler" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Wi-Fi Direct Network Discovery (Out)" Group="Wi-Fi Direct Network Discovery" Program="C:\Windows\system32\dashost.exe" Description="Outbound rule to discover WSD devices on Wi-Fi Direct networks." Location="4" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="256" ServiceName="" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="O:LSD:(A;;CC;;;S-1-5-92-3339056971-1291069075-3798698925-2882100687-0)" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Wi-Fi Direct Network Discovery (In)" Group="Wi-Fi Direct Network Discovery" Program="C:\Windows\system32\dashost.exe" Description="Inbound rule to discover WSD devices on Wi-Fi Direct networks." Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="256" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="O:LSD:(A;;CC;;;S-1-5-92-3339056971-1291069075-3798698925-2882100687-0)" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To functionality (qWave-TCP-Out)" Group="Play To functionality" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for the Play To functionality to allow use of the Quality Windows Audio Video Experience Service. [TCP 2177]" Location="6" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="2177" Protocol="6" ServiceName="Qwave" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To functionality (qWave-TCP-In)" Group="Play To functionality" Program="C:\Windows\system32\svchost.exe" Description="Inbound rule for the Play To functionality to allow use of the Quality Windows Audio Video Experience Service. [TCP 2177]" Location="6" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="2177" RemoteAddresses="" RemotePorts="" Protocol="6" ServiceName="Qwave" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To functionality (qWave-UDP-Out)" Group="Play To functionality" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for the Play To functionality to allow use of the Quality Windows Audio Video Experience Service. [UDP 2177]" Location="6" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="2177" Protocol="17" ServiceName="Qwave" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To functionality (qWave-UDP-In)" Group="Play To functionality" Program="C:\Windows\system32\svchost.exe" Description="Inbound rule for the Play To functionality to allow use of the Quality Windows Audio Video Experience Service. [UDP 2177]" Location="6" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="2177" RemoteAddresses="" RemotePorts="" Protocol="17" ServiceName="Qwave" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To UPnP Events (TCP-In)" Group="Play To functionality" Program="System" Description="Inbound rule to allow receiving UPnP Events from Play To devices" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="2869" RemoteAddresses="" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To SSDP Discovery (UDP-In)" Group="Play To functionality" Program="C:\Windows\system32\svchost.exe" Description="Inbound rule to allow discovery of Play To devices using SSDP" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="Ply2Disc" RemoteAddresses="" RemotePorts="" Protocol="17" ServiceName="ssdpsrv" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To streaming server (RTSP-Streaming-In)" Group="Play To functionality" Program="C:\Windows\system32\mdeserver.exe" Description="Inbound rule for the Play To server to allow streaming using RTSP and RTP. [TCP 23554, 23555, 23556]" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="23554,23555,23556" RemoteAddresses="" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To streaming server (RTSP-Streaming-In)" Group="Play To functionality" Program="C:\Windows\system32\mdeserver.exe" Description="Inbound rule for the Play To server to allow streaming using RTSP and RTP. [TCP 23554, 23555, 23556]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="23554,23555,23556" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To streaming server (RTSP-Streaming-In)" Group="Play To functionality" Program="C:\Windows\system32\mdeserver.exe" Description="Inbound rule for the Play To server to allow streaming using RTSP and RTP. [TCP 23554, 23555, 23556]" Location="1" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="23554,23555,23556" RemoteAddresses="" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To streaming server (RTP-Streaming-Out)" Group="Play To functionality" Program="C:\Windows\system32\mdeserver.exe" Description="Outbound rule for the Play To server to allow streaming using RTSP and RTP. [UDP]" Location="4" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="17" ServiceName="" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To streaming server (RTP-Streaming-Out)" Group="Play To functionality" Program="C:\Windows\system32\mdeserver.exe" Description="Outbound rule for the Play To server to allow streaming using RTSP and RTP. [UDP]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To streaming server (RTP-Streaming-Out)" Group="Play To functionality" Program="C:\Windows\system32\mdeserver.exe" Description="Outbound rule for the Play To server to allow streaming using RTSP and RTP. [UDP]" Location="1" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="17" ServiceName="" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To streaming server (RTCP-Streaming-In)" Group="Play To functionality" Program="C:\Windows\system32\mdeserver.exe" Description="Inbound rule for the Play To server to allow streaming using RTSP and RTP. [UDP]" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="17" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To streaming server (RTCP-Streaming-In)" Group="Play To functionality" Program="C:\Windows\system32\mdeserver.exe" Description="Inbound rule for the Play To server to allow streaming using RTSP and RTP. [UDP]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To streaming server (RTCP-Streaming-In)" Group="Play To functionality" Program="C:\Windows\system32\mdeserver.exe" Description="Inbound rule for the Play To server to allow streaming using RTSP and RTP. [UDP]" Location="1" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="17" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To streaming server (HTTP-Streaming-In)" Group="Play To functionality" Program="System" Description="Inbound rule for the Play To server to allow streaming using HTTP. [TCP 10246]" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="10246" RemoteAddresses="" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To streaming server (HTTP-Streaming-In)" Group="Play To functionality" Program="System" Description="Inbound rule for the Play To server to allow streaming using HTTP. [TCP 10246]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="10246" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Play To streaming server (HTTP-Streaming-In)" Group="Play To functionality" Program="System" Description="Inbound rule for the Play To server to allow streaming using HTTP. [TCP 10246]" Location="1" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="10246" RemoteAddresses="" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Wireless Display (UDP-Out)" Group="Wireless Display" Program="C:\Windows\system32\WUDFHost.exe" Description="Outbound rule for Wireless Display [UDP]" Location="6" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="17" ServiceName="" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Wireless Display (TCP-Out)" Group="Wireless Display" Program="C:\Windows\system32\WUDFHost.exe" Description="Outbound rule for Wireless Display [TCP]" Location="6" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Wireless Display (TCP-In)" Group="Wireless Display" Program="C:\Windows\system32\WUDFHost.exe" Description="Inbound rule for Wireless Display [TCP]" Location="6" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (WSD Events-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to allow WSDAPI Events via Function Discovery. [TCP 5357]" Location="4" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="5357" Protocol="6" ServiceName="fdphost" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (WSD Events-In)" Group="Network Discovery" Program="System" Description="Inbound rule for Network Discovery to allow WSDAPI Events via Function Discovery. [TCP 5357]" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="5357" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (WSD EventsSecure-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to allow Secure WSDAPI Events via Function Discovery. [TCP 5358]" Location="4" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="5358" Protocol="6" ServiceName="fdphost" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (WSD EventsSecure-In)" Group="Network Discovery" Program="System" Description="Inbound rule for Network Discovery to allow Secure WSDAPI Events via Function Discovery. [TCP 5358]" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="5358" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (NB-Datagram-Out)" Group="Network Discovery" Program="System" Description="Outbound rule for Network Discovery to allow NetBIOS Datagram transmission and reception. [UDP 138]" Location="4" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="138" Protocol="17" ServiceName="" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (NB-Datagram-In)" Group="Network Discovery" Program="System" Description="Inbound rule for Network Discovery to allow NetBIOS Datagram transmission and reception. [UDP 138]" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="138" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (NB-Name-Out)" Group="Network Discovery" Program="System" Description="Outbound rule for Network Discovery to allow NetBIOS Name Resolution. [UDP 137]" Location="4" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="137" Protocol="17" ServiceName="" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (NB-Name-In)" Group="Network Discovery" Program="System" Description="Inbound rule for Network Discovery to allow NetBIOS Name Resolution. [UDP 137]" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="137" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (UPnP-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to allow use of Universal Plug and Play. [TCP]" Location="4" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="2869" Protocol="6" ServiceName="fdphost" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (UPnP-In)" Group="Network Discovery" Program="System" Description="Inbound rule for Network Discovery to allow use of Universal Plug and Play. [TCP 2869]" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="2869" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (WSD Events-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to allow WSDAPI Events via Function Discovery. [TCP 5357]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="5357" Protocol="6" ServiceName="fdphost" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (WSD Events-In)" Group="Network Discovery" Program="System" Description="Inbound rule for Network Discovery to allow WSDAPI Events via Function Discovery. [TCP 5357]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="5357" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (WSD EventsSecure-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to allow Secure WSDAPI Events via Function Discovery. [TCP 5358]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="5358" Protocol="6" ServiceName="fdphost" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (WSD EventsSecure-In)" Group="Network Discovery" Program="System" Description="Inbound rule for Network Discovery to allow Secure WSDAPI Events via Function Discovery. [TCP 5358]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="5358" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (Pub WSD-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="3702" Protocol="17" ServiceName="fdrespub" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (Pub-WSD-In)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Inbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="3702" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="fdrespub" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (LLMNR-UDP-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to allow Link Local Multicast Name Resolution. [UDP 5355]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="5355" Protocol="17" ServiceName="dnscache" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (LLMNR-UDP-In)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Inbound rule for Network Discovery to allow Link Local Multicast Name Resolution. [UDP 5355]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="5355" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="dnscache" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (WSD-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="3702" Protocol="17" ServiceName="fdphost" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (WSD-In)" Group="Network Discovery" Program="C:\Windows\system32\dashost.exe" Description="Inbound rule for Network Discovery to discover devices via Device Association Framework. [UDP 3702]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="3702" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (WSD-In)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Inbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="3702" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="fdphost" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (NB-Datagram-Out)" Group="Network Discovery" Program="System" Description="Outbound rule for Network Discovery to allow NetBIOS Datagram transmission and reception. [UDP 138]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="138" Protocol="17" ServiceName="" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (NB-Datagram-In)" Group="Network Discovery" Program="System" Description="Inbound rule for Network Discovery to allow NetBIOS Datagram transmission and reception. [UDP 138]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="138" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (NB-Name-Out)" Group="Network Discovery" Program="System" Description="Outbound rule for Network Discovery to allow NetBIOS Name Resolution. [UDP 137]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="137" Protocol="17" ServiceName="" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (NB-Name-In)" Group="Network Discovery" Program="System" Description="Inbound rule for Network Discovery to allow NetBIOS Name Resolution. [UDP 137]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="137" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (UPnPHost-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to allow use of Universal Plug and Play. [TCP]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="2869" Protocol="6" ServiceName="upnphost" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (UPnP-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to allow use of Universal Plug and Play. [TCP]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="2869" Protocol="6" ServiceName="fdphost" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (UPnP-In)" Group="Network Discovery" Program="System" Description="Inbound rule for Network Discovery to allow use of Universal Plug and Play. [TCP 2869]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="2869" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (SSDP-Out)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Outbound rule for Network Discovery to allow use of the Simple Service Discovery Protocol. [UDP 1900]" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="1900" Protocol="17" ServiceName="Ssdpsrv" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Network Discovery (SSDP-In)" Group="Network Discovery" Program="C:\Windows\system32\svchost.exe" Description="Inbound rule for Network Discovery to allow use of the Simple Service Discovery Protocol. [UDP 1900]" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="1900" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="Ssdpsrv" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Proximity sharing over TCP (TCP sharing-Out)" Group="Proximity sharing over TCP" Program="C:\Windows\system32\proximityuxhost.exe" Description="Outbound rule for Proximity sharing over TCP" Location="2147483647" Enabled="Yes" Action="Allow" Direction="Out" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
      <Rule Name="Proximity sharing over TCP (TCP sharing-In)" Group="Proximity sharing over TCP" Program="C:\Windows\system32\proximityuxhost.exe" Description="Inbound rule for Proximity sharing over TCP" Location="2147483647" Enabled="Yes" Action="Allow" Direction="In" LocalAddresses="" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="6" ServiceName="" EdgeTraversal="0" Icmp="" InterfaceTypes="All" ApplicationPackage="" AuthorizedComputers="" AuthorizedUsers="" LocalUserOwner="" SecureFlags="0" />
    </Rules>
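An added example (not part of the post above and not Windows Firewall Control's own code): one way to triage an export like this before deciding which rules to keep, by flagging the allow rules with the widest scope. It assumes `Location` is the Windows Firewall profile bitmask (1 Domain, 2 Private, 4 Public, 2147483647 all profiles); `audit_rule`, `audit_export` and the sample are names made up for this sketch.

```python
import xml.etree.ElementTree as ET

# Constructed sample: four rules copied from the export above (attributes this
# audit does not read are left out) plus one constructed rule, marked below.
SAMPLE_EXPORT = r"""<Rules>
  <Rule Name="Network Discovery (SSDP-In)" Program="C:\Windows\system32\svchost.exe" Location="4" Enabled="Yes" Action="Allow" Direction="In" LocalPorts="1900" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="Ssdpsrv" />
  <Rule Name="Network Discovery (WSD Events-Out)" Program="C:\Windows\system32\svchost.exe" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="5357" Protocol="6" ServiceName="fdphost" />
  <Rule Name="Network Discovery (NB-Name-In)" Program="System" Location="2" Enabled="Yes" Action="Allow" Direction="In" LocalPorts="137" RemoteAddresses="LocalSubnet" RemotePorts="" Protocol="17" ServiceName="" />
  <Rule Name="Proximity sharing over TCP (TCP sharing-In)" Program="C:\Windows\system32\proximityuxhost.exe" Location="2147483647" Enabled="Yes" Action="Allow" Direction="In" LocalPorts="" RemoteAddresses="" RemotePorts="" Protocol="6" ServiceName="" />
  <!-- constructed rule, not in the export -->
  <Rule Name="Constructed (svchost any service-Out)" Program="C:\Windows\system32\svchost.exe" Location="2" Enabled="Yes" Action="Allow" Direction="Out" LocalPorts="" RemoteAddresses="LocalSubnet" RemotePorts="80" Protocol="6" ServiceName="" />
</Rules>"""

# Assumption: Location carries the firewall profile bits; 2147483647 sets all.
PROFILE_BITS = {1: "Domain", 2: "Private", 4: "Public"}
PROTOCOLS = {"6": "TCP", "17": "UDP"}  # IANA protocol numbers used in the export


def profiles(location):
    """Decode the Location bitmask into profile names."""
    mask = int(location)
    return [name for bit, name in PROFILE_BITS.items() if mask & bit]


def audit_rule(rule):
    """Return findings for one <Rule>; an empty list means nothing to flag."""
    a = rule.attrib
    if a.get("Enabled") != "Yes" or a.get("Action") != "Allow":
        return []  # disabled or blocking rules do not widen exposure
    inbound = a.get("Direction") == "In"
    findings = []
    if not a.get("RemoteAddresses"):
        findings.append("any remote address")
    # The port that matters is the local one for inbound, remote for outbound.
    if not a.get("LocalPorts" if inbound else "RemotePorts"):
        findings.append("any port")
    if inbound and "Public" in profiles(a.get("Location", "0")):
        findings.append("inbound on Public profile")
    # A svchost.exe rule with no service name applies to every hosted service.
    if a.get("Program", "").lower().endswith("svchost.exe") and not a.get("ServiceName"):
        findings.append("svchost.exe without ServiceName")
    return findings


def audit_export(xml_text):
    """Parse an exported rule file and summarise each rule with its findings."""
    report = []
    for rule in ET.fromstring(xml_text).iter("Rule"):
        a = rule.attrib
        inbound = a.get("Direction") == "In"
        report.append({
            "name": a.get("Name"),
            "direction": a.get("Direction"),
            "protocol": PROTOCOLS.get(a.get("Protocol"), a.get("Protocol")),
            "ports": a.get("LocalPorts" if inbound else "RemotePorts") or "any",
            "profiles": profiles(a.get("Location", "0")),
            "findings": audit_rule(rule),
        })
    return report


if __name__ == "__main__":
    for row in audit_export(SAMPLE_EXPORT):
        flag = "; ".join(row["findings"]) or "ok"
        print(f'{row["direction"]:<3} {row["protocol"]:<3} {row["ports"]:<5} '
              f'{"/".join(row["profiles"]):<22} {row["name"]} -> {flag}')
```

Rules that come back with no findings are already scoped to the local subnet, one port and a named service; the flagged ones are the first candidates to disable or narrow.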
    
     
  2. roga

    roga MDL Member

    Aug 12, 2015
    144
    73
    10
    Can someone make a guide for blocking everything using COMODO?
    Comodo is better and more trustworthy than little software made by 1 unknown man
     
  3. firmware

    firmware MDL Novice

    Mar 10, 2008
    12
    2
    0
    Umm, you do know that all Windows Firewall Control does is control the Windows Firewall, hence its name?

    It just makes it easier to use the Windows Firewall.
     
  4. roga

    roga MDL Member

    Aug 12, 2015
    144
    73
    10
    The software says made by Alexandru Dicu
    It does not give me confidence
    And MS can change their Windows Firewall anytime to bypass your rules.
    Better Comodo Firewall which is beyond Microsoft reach!
     
  5. Vico

    Vico MDL Junior Member

    Jan 4, 2008
    93
    4
    0
    Download wireshark and check that this method is legit.
     
  6. MrMagic

    MrMagic MDL Guru

    Feb 13, 2012
    6,015
    4,148
    210
  7. mrbbq

    mrbbq MDL Addicted

    Jul 18, 2015
    510
    277
    30
    Comodo is a US company. It's no less out of reach of the NSA and partners than Microsoft. Look at the fact their Dragon browser is Chrome based. Google. Another company you can trust right there.:rolleyes:
    You don't need to trust any company. Trust the data you can log and see. If it isn't going out, it isn't going out, regardless of who makes it.
     
  8. roga

    roga MDL Member

    Aug 12, 2015
    144
    73
    10
    Your MS network monitor is not beyond MS reach. That is because it is MS software. MS can update and change their MS branded software as they see fit, any time without notifying. But I think it will be unlikely and improper for MS to do something like that to Comodo, a third party software maker!
     
  9. roga

    roga MDL Member

    Aug 12, 2015
    144
    73
    10
    Comodo is the biggest certificate authorizer in the world, if you cannot trust them, the whole internet cannot be trusted! It is not perfect but it is safe enough. Comodo Firewall was reported many times to be the best firewall in the world. And Comodo detected government spyware when all other anti virus makers ignore them. That is enough reason for me to use Comodo Firewall instead of some unknown software written by an unknown person in Romania.
     
  10. mrbbq

    mrbbq MDL Addicted

    Jul 18, 2015
    510
    277
    30
    #110 mrbbq, Aug 28, 2015
    Last edited: Aug 28, 2015
    And ignoring the fact that any US company is subject to the same laws, secret court orders &c as Microsoft are - while a little ironically the Romanian product would not be - is foolish. Why on earth WOULDN'T Comodo be if anything even more likely than the most watched firewall in the world included with Windows, to be subject to such?

    As said - ANY firm based in the US is almost certainly under such court orders. That's just a cold hard fact today. WFC is simply a better GUI for Windows Firewall, not a mysterious one person created firewall itself - again, WF is one of the most watched in the world almost certainly - and as checkable as any other. I don't particularly see what the country of origin has to do with it in the first place other than if anything a non-US well reputed source is less likely to have been coerced. Particularly as it is the result of one person working on their free time to do something useful for the rest of us, non commercially.

    But again, you don't have to trust it or take its word for it, as with any other program - you too can check for yourself. Look at the data. Simple. It's been around for about 5 years I believe, and nobody has ever found anything questionable about it. Or are you just generally suspicious of "outsiders"?
     
  11. roga

    roga MDL Member

    Aug 12, 2015
    144
    73
    10
    I will not allow Comodo to store my data for reasons you said. All I use is their firewall, which should not send information to Comodo about what I do with my internet.
    The country of origin does matter when the news says something like 70% of malware comes from Eastern Europe.
    How can you trust Windows Firewall to do the job, if it comes with Windows and is made by Microsoft the very company spying on everyone now?
     
  12. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    8,575
    15,646
    270
    @roga and anyone else
    With all due respect don't hijack this thread based on Windows Firewall and its front-end gui WFC.
    Please open another thread with Comodo subject. For the sake of order and clarity of the information provided in this thread. :)
     
  13. DavidinCT

    DavidinCT MDL Addicted

    May 9, 2015
    522
    99
    30
    Now can this be used on a 2008 R2 server that will be external and be a reasonably good firewall, where I can just open some ports for needed stuff?

    Need to put a 2008 R2 server in the DMZ and was thinking the Windows Firewall was not enough, so the project has been on hold as there is no budget for an external firewall or a 3rd party software solution.

    The key thing, can I use the Windows Firewall interface and open what I need?

    This 2008 R2 server will be directly connected to the internet.
     
  14. bberkey1

    bberkey1 MDL Junior Member

    Aug 9, 2015
    52
    13
    0
    Should any of these IP addresses or any other for that matter be blocked with remote IP ranges as opposed to local?
     
  15. Vico

    Vico MDL Junior Member

    Jan 4, 2008
    93
    4
    0
    This thread should be a sticky, because this method actually works.
     
  16. roga

    roga MDL Member

    Aug 12, 2015
    144
    73
    10
    One simple question
    What makes you all think MS will not auto update their Windows Firewall (which you are all using in this thread) to steal all your data one day? Is it not safer to use a non-MS firewall?
     
  17. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    8,575
    15,646
    270
    One simple answer:
    Because we want to. We want to use WF and its best front end WFC, alright?

    Now, we are aware about M$ patching the firewall, from the first post and common sense based on logic:
    But once again, we want to do it with Windows Firewall.

    Then, whoever wants to use a 3rd party firewall, very welcome. Just open another thread and make it thrive.
     
  18. endbase

    endbase MDL Guru

    Aug 12, 2012
    4,673
    1,710
    150
    Got me WFC donated but must say that I have set notifications to medium so I don't have to do all the programs by hand :D
     
  19. chrissi1002

    chrissi1002 Guest

    #119 chrissi1002, Aug 29, 2015
    Last edited by a moderator: Apr 20, 2017
    These IPs seem to work for me for the Windows Update in northern Germany.

    Code:
    8.254.200.46
    8.254.200.78
    8.254.200.206
    23.0.47.111
    65.55.138.111
    66.119.144.190
    77.67.27.176
    77.67.27.177
    77.67.27.185
    95.100.248.90
    95.100.248.144
    134.170.51.190
    134.170.58.118
    134.170.58.121
    134.170.58.123
    134.170.58.189
    157.55.133.204
    Does anybody notice an IP that I shouldn't allow?

    Also I noticed a bug with some programs that aren't installed on the C drive.

    The game "7 Days to Die" for example, with the same rules, only the path edited to the exes, won't work on drive D but on C.

    Even stranger, if installed on drive D and you allow outgoing connections and disallow them straight away, it works on drive D till the next reboot of the system.

    Same thing I noticed with the program JDownloader2.
     
  20. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    8,575
    15,646
    270
    A matter of tastes. I like to do all programs manually, I feel more in control of things.