NT6.1 Firewall Stealth Mode

From Playing with linux...
Jump to navigation Jump to search

In Windows NT6.1 (Windows 7, Windows 2008 R2), the default setting for the Windows Firewall is to drop packets for ports no program is listening on. So for example if you would go to http://nt61machine.zaphod.example.com/ and nt61machine isn't listening on tcp/80 it would take the timeout of your tcp stack's timeout for the port to be found unreachable.

To disable stealth mode create the following: 

DisableStealthMode = DWORD(0x1)

in 1 or more of the following profiles: 

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\StandardProfile
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\DomainProfile
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\PublicProfile
Retrieved from "https://plnx.nl/wiki/index.php?title=NT6.1_Firewall_Stealth_Mode&oldid=50"