Windows firewall not blocking port

[yonatan748]

Hi

I need to block a specific UDP port both inbound and outbound. I have tried using Windows 7 firewall for this, but oddly it is not capable of blocking the port. I have been very meticulous with the firewall settings creating an inbound and outbound rule, but still it lets traffic through.

As a comparison I downloaded Comodo firewall, disabled Windows firewall and created the same rule blocking in/out UDP port. Comodo blocks traffic in both directions without an issue!

I know that I could stick with Comodo, but I'm curious if anyone knows why Windows firewall is failing.

Btw I used Wireshark to be certain that traffic was being blocked.

Thanks

 

[Jacee]

Did you do this? Block a Port in Windows 7

 

[polarbear]

Great info Jacee!

 

[yonatan748]

Did you do this? Block a Port in Windows 7

Hi Jacee

Yes, that is exactly what I have done and the firewall still lets the traffic through. I have even reset the firewall to default and tried multiple times and every time it fails to block.

 

[Fayla]

So you added a in-bound and out-bound block for certain UDP port numbers in Windows firewall. However, your computer's installed traffic sniffer still picks it data from those ports?

Whatever port this is, I assume you have a program that uses the port(s) you want blocked? Is this program running and added into the permit list of Windows Firewall? If this is the case, your program's permit rule could be overriding the block rule(s) you added.

Also, for a more accurate picture, run the wire shark tool on a different computer.

Hi

I need to block a specific UDP port both inbound and outbound. I have tried using Windows 7 firewall for this, but oddly it is not capable of blocking the port. I have been very meticulous with the firewall settings creating an inbound and outbound rule, but still it lets traffic through.

As a comparison I downloaded Comodo firewall, disabled Windows firewall and created the same rule blocking in/out UDP port. Comodo blocks traffic in both directions without an issue!

I know that I could stick with Comodo, but I'm curious if anyone knows why Windows firewall is failing.

Btw I used Wireshark to be certain that traffic was being blocked.

Thanks

 

[Jacee]

This is free ... see if it works |MG| Windows 7 Firewall Control 3.5.1.131 Download

 

[Greg S]

Did you do this? Block a Port in Windows 7

1. Note: You can prevent outbound traffic by selecting Outbound Rules.

That tutorial is kinda mis-leading for outbound. It's my understanding that Outbound would have to be enabled. One can create as many outbound rules as you'd like but without enabling it means very little with outbound being allowed by default. But, I may be the one mis-understanding,lol.

 

[yonatan748]

OK that's for all the suggestions, but I have just tried to block again and used another computer with wireshark and it is still letting traffic through! My opinion on this is that Windows firewall is flawed or not as robust as it should be. I've followed the links that you posted Jacee to make sure that I was doing it right (and I was) and still no go.

I guess I will use Comodo firewall as it behaves properly.

Thanks

 

[yonatan748]

So you added a in-bound and out-bound block for certain UDP port numbers in Windows firewall. However, your computer's installed traffic sniffer still picks it data from those ports?

Whatever port this is, I assume you have a program that uses the port(s) you want blocked? Is this program running and added into the permit list of Windows Firewall? If this is the case, your program's permit rule could be overriding the block rule(s) you added.

Also, for a more accurate picture, run the wire shark tool on a different computer.

I checked and the program was not checked in the permit list! Regarding wireshark I just tried sniffing from a different computer and applying the firewall on the other one and wireshark still detects the traffic.

Also see my reply above. Thanks