Windows Security Tutorials - Herong's Tutorial Examples - Version 3.00, by Dr. Herong Yang
Windows 7: System Firewall Inbound Rules
This section provides a tutorial example on how to review and modify Windows Firewall inbound rules that override the inbound-connection-blocked setting on Windows 7 system.
With Windows Firewall configured with following default settings, you should also review individual override rules on inbound connections.
Firewall state: On (recommended) Inbound connections: Block (default) Outbound connections: Allow (default)
1. Go to "Control Panel\System and Security\Windows Firewall" and click the "Advanced Settings" link. You will see the firewall "Windows Firewall with Advanced Settings" screen.
2. Click "Inbound Rules" on the left of the screen. You will see a list of rules that override the "Inbound connections: Block (default)" global setting.
3. Review all rules. Pay attention to those with "Enabled=Yes", "Profile=All" and "Action=Allow". If you see any rule that is strange, do some research on it. If you think it's a security risk, you should disable it first and see it affects any applications you are using.
For example, I see 4 rules named as "Apache HTTP Server". They are all enabled on "Private" network and allowing "Any" remote computers to make inbound connection. These rules represent security risks to my computer. I installed Apache HTTP Server to some tests for my local computer only. So I can disable them and enable them whenever I want to do tests again.
The picture below shows you the Windows Firewall inbound rules that
override the "Inbound connections: Block (default)" global setting on Windows 7 system:
Last update: 2013.
Table of Contents