Network - Firewall in Windows
Windows has a built-in firewall that blocks inbound connections.
netsh advfirewall show currentprofile
Domain Profile Settings:
----------------------------------------------------------------------
State ON
Firewall Policy BlockInbound,AllowOutbound
LocalFirewallRules N/A (GPO-store only)
LocalConSecRules N/A (GPO-store only)
InboundUserNotification Enable
RemoteManagement Disable
UnicastResponseToMulticast Enable
Logging:
LogAllowedConnections Disable
LogDroppedConnections Disable
FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize 4096
Ok.
One liner to get the config for all profiles with Windows - netsh (Netshell)
netsh advfirewall monitor show firewall
Public Profile Settings:
----------------------------------------------------------------------
State ON
Firewall Policy BlockInbound,AllowOutbound
LocalFirewallRules Enable
LocalConSecRules Enable
InboundUserNotification Enable
RemoteManagement Disable
UnicastResponseToMulticast Enable
Logging:
LogAllowedConnections Disable
LogDroppedConnections Disable
FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize 4096
Configuration Properties for a rule
netsh advfirewall monitor show currentprofile
Domain Profile:
----------------------------------------------------------------------
HotITem.local
Ok.
As soon as a network packet matches a rule, that rule is applied, and processing stops.
netsh advfirewall ... # where advfirewall is the context