How Windows 7/10 defender firewall works?

  • Question

  • My Windows 10 Defender Firewall is set as below:
    Inbound connections that do not match a rule are blocked.
    Outbound connections that do not match a rule are allowed.

    Once the program uses the port to send data, the incoming data from the same port can pass.

    I found the description of the Windows 2003 firewall, as below:

    https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc755604(v%3dws.10)

    There are only two conditions under which traffic can pass through Windows Firewall:

    When the incoming traffic corresponds to a recent outgoing request, in which case the response traffic is then considered incoming solicited traffic.

    May I know whether the above firewall strategy is still available for the Windows 7/10 Defender Firewall?
    Thursday, September 19, 2019 5:04 AM

All replies

  • WINDOWS FIREWALL

    A firewall, at its most basic level, permits or denies communications between computers, between networks, or between computers and networks (for example, your home computer and the Internet) based on the firewall’s configuration rules. You can access the settings for Windows Firewall through the Network and Security section in the Control Panel.

    Almost all computers and networks communicate by establishing connections between two hosts using an IP address and a port. Although there are many types of firewalls, the most common type of firewall (and the type used in Windows 7, provided by Windows Firewall) permits or denies communications based on IP address and port information.

    Only connections that are explicitly allowed, using firewall rules, are permitted. Windows Firewall, by default, allows all outbound connections, and permits only established inbound connections (that is, an inbound connection that is in direct response to an outbound connection initiated from your computer or network).

    There are firewalls protecting Microsoft’s Web servers and your ISP’s DNS servers. In order for your computer to connect to Microsoft’s Web servers, Microsoft must first create firewall rules to allow the communication. This is accomplished by creating a firewall rule that essentially says to allow any inbound IP address to connect to 207.46.232.182 (Microsoft’s Web server) on port 80 (HTTP). Your ISP must create a similar rule on their firewall that essentially says to allow any inbound IP address to connect to its DNS servers on port 53 — which is the standard port for DNS.

    Windows Firewall permits your outbound DNS request to your ISP’s DNS server, and your computer’s outbound HTTP request to Microsoft’s Web server. In your outbound request, your computer first sends the DNS request to your ISP’s DNS server on port 53, and tells your ISP’s DNS server on what port it will be listening for a response.

    Your computer selects a random port number between 49,152 and 65,535, and Windows Firewall automatically creates a temporary rule that allows an inbound connection from the IP address of your ISP’s DNS server to the IP address of your computer, on that random port number.

    After the response is received (or if a response is not received within a specified period of time, say 30 seconds), the rule is automatically deleted from the firewall and the connection is again blocked. A similar process is then repeated to connect to Microsoft’s Web server.

    Source: wiki, beeping computers, computer for dummies

    Similar discussion can be checked.

    https://security.stackexchange.com/questions/13141/what-specifically-does-the-windows-firewall-do

    Please Note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    About your question: Is the Windows 2003 firewall strategy still available for the Windows 7/10 Defender Firewall?

    Yes.

    Regards


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Friday, September 20, 2019 2:48 AM
    Moderator
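
The solicited-traffic behaviour described in the reply above, as an added example that is not part of the original thread and is not Windows Firewall code: a toy Python model in which an outbound packet leaves a temporary entry and inbound traffic passes only if it matches that entry or an explicit rule. The class and function names, the sample addresses, the port 3389 rule and the choice to match on remote port as well as remote IP are assumptions; the 30-second timeout is the reply's "say 30 seconds" figure.

```python
import time

TIMEOUT = 30.0  # seconds; the reply's "say 30 seconds", not a documented Windows value

class StatefulFirewall:
    """Toy model: outbound allowed by default, inbound needs a rule or a state entry."""

    def __init__(self, inbound_allow_ports=(), clock=time.monotonic):
        self.inbound_allow_ports = set(inbound_allow_ports)  # explicit inbound rules
        self.clock = clock
        self.state = {}  # (proto, local_port, remote_ip, remote_port) -> expiry time

    def outbound(self, proto, local_port, remote_ip, remote_port):
        # Outbound traffic matching no rule is allowed and leaves a temporary entry.
        key = (proto, local_port, remote_ip, remote_port)
        self.state[key] = self.clock() + TIMEOUT
        return "allow"

    def inbound(self, proto, local_port, remote_ip, remote_port):
        now = self.clock()
        # Entries whose timeout has passed are removed before matching.
        self.state = {k: exp for k, exp in self.state.items() if exp > now}
        key = (proto, local_port, remote_ip, remote_port)
        if key in self.state:
            del self.state[key]  # removed once the response arrives, as the reply describes
            return "allow (solicited)"
        if local_port in self.inbound_allow_ports:
            return "allow (rule)"
        return "block"

def demo():
    now = [0.0]  # fake clock so the timeout case runs instantly
    fw = StatefulFirewall(inbound_allow_ports={3389}, clock=lambda: now[0])
    dns, other = "198.51.100.53", "203.0.113.7"  # constructed documentation addresses
    results = []
    fw.outbound("udp", 50000, dns, 53)                     # DNS query leaves port 50000
    results.append(fw.inbound("udp", 50000, other, 53))    # same local port, other sender
    results.append(fw.inbound("udp", 50000, dns, 53))      # the expected response
    results.append(fw.inbound("udp", 50000, dns, 53))      # repeat after entry was removed
    fw.outbound("udp", 50001, dns, 53)
    now[0] += 31                                           # response arrives too late
    results.append(fw.inbound("udp", 50001, dns, 53))
    results.append(fw.inbound("tcp", 3389, other, 40000))  # explicit inbound rule
    return results

if __name__ == "__main__":
    print(demo())
```
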
  • We have not heard from you in a couple of days. Please post back at your convenience if we can assist further.


    Wednesday, October 9, 2019 9:31 AM
    Moderator