none
Enable firewall to block inbound access to smb connections only

    Question

  • Hello,

    I want to block workstations from accessing each others c drives and want to create an inbound policy to block TCP 135 and 445, but allow servers which are on a different subnet.

    Does this look ok?


    Sunday, May 14, 2017 9:31 PM

All replies

  • Hi  TB303,

    GPO configuration is OK.

    >>I want to block workstations from accessing each others c drives and want to create an inbound policy to block TCP 135 and 445, but allow servers which are on a different subnet

    If these machines are domain-joined,you could put these affected machines in a dedicated OU then apply this GPO to it.

    Don't forget gpupdate /force and gpresult /r to check the results on these machines.

    Best regards,

    Andy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, May 15, 2017 2:21 AM
    Moderator
  • Alternativly you could look at disabling the SMB1 protocol via Group Policy. I have a blog post at http://www.grouppolicy.biz/2017/03/how-to-disable-smb-1-on-windows-7-via-group-policy/ showing how to do it... 

    Alan Burchill (MVP)
    http://www.grouppolicy.biz

    @alanburchill

    Monday, May 15, 2017 6:01 AM
  • Thanks I will take a look at your blog.

    What I have noticed though is when I enable it some user will get the odd alert saying the Windows Firewall has blocked something and would you like to enable it?  Should user be able to add them.  I've just wondering if they get a worm and it this pops up a user might just say yes to accept it.  Can this be blocked?

    Thanks

    Wednesday, May 17, 2017 7:26 AM
  • Hi

    >>Can this be blocked?

    Yes, you could refer to blog below to disable the alert:

    https://blogs.technet.microsoft.com/networking/2010/12/16/disabling-firewall-alerts-in-the-action-center/

    Best regards,

    Andy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, June 5, 2017 8:17 AM
    Moderator