NT6.1 Firewall Stealth Mode: Difference between revisions
Jump to navigation
Jump to search
(Created page with "In Windows NT6.1 (Windows 7, Windows 2008 R2), the default setting for the Windows Firewall is to drop packets for ports no program is listening on. So for example if you woul...") |
No edit summary |
||
| (One intermediate revision by one other user not shown) | |||
| Line 2: | Line 2: | ||
To disable stealth mode create the following: | To disable stealth mode create the following: | ||
<pre> | |||
DisableStealthMode = DWORD(0x1) | DisableStealthMode = DWORD(0x1) | ||
</pre> | |||
in 1 or more of the following profiles: | in 1 or more of the following profiles: | ||
<pre> | |||
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\StandardProfile | HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\StandardProfile | ||
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\DomainProfile | HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\DomainProfile | ||
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile | HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile | ||
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\PublicProfile | HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\PublicProfile | ||
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile | |||
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile | |||
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile | |||
</pre> | |||
Latest revision as of 09:37, 5 November 2024
In Windows NT6.1 (Windows 7, Windows 2008 R2), the default setting for the Windows Firewall is to drop packets for ports no program is listening on. So for example if you would go to http://nt61machine.zaphod.example.com/ and nt61machine isn't listening on tcp/80 it would take the timeout of your tcp stack's timeout for the port to be found unreachable.
To disable stealth mode create the following:
DisableStealthMode = DWORD(0x1)
in 1 or more of the following profiles:
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\StandardProfile HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\DomainProfile HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\PublicProfile HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile