none
Windows Firewall drop but don't record the packet discarded. RRS feed

  • Question

  • Hi to all,

    on my pc with windows 10 pro i enabled windows firewall from control panel and i set for all network profile, private,guest and public the same configuration for incoming connections: block all incoming connections and i set firewall to record dropped packets.

    When i open the log file i see correctly the dropped packets but not all.

    For example the snmp request on UDP port 161 from other windows pc on my lan to my pc didn't record.

    The same for broadcast request: 255.255.255.255.

    I'm sure of this because i have use wireshark to analyze network traffic  and i make test with other internet security suite that log.

    Can you help me and explain why this happens?

    Thanks soo mutch and sorry for my poor english.

    Friday, October 28, 2016 8:20 PM

All replies

  • Testing Windows only registers blocked connections to a an open connection for me. So do you have a open connection on 161 ? I tested using iperf and with iperf listening on port 161 the dropped connection is logged. Stop the iperf listening and connection to port 161 is not logged.

    How are you testing the broadcast 255.255.255.255 test?

    Saturday, October 29, 2016 9:16 PM
  • Hi Mr Happy and thank you for your replay.

    Your test is very interesting and I'll try the same tests as soon as possible.

    Thanks again. 

    Friday, November 4, 2016 2:03 PM