Epidemiology & Technology

Windows Firewall rules

Use these to block common exploits on legacy Windows 7 desktops.

# Run all of these from an elevated (Administrator) command prompt.

# Reset Windows Firewall to default values (destructive: removes all custom rules)
# netsh advfirewall reset

# Enable Windows Firewall on all profiles
netsh advfirewall set allprofiles state on

# Show all rules:
# netsh advfirewall firewall show rule all

# Show the current profile and the per-profile settings:
netsh advfirewall show currentprofile
netsh advfirewall show privateprofile
netsh advfirewall show publicprofile

# Block all inbound, allow outbound (default policy for every profile)
netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound

# Block requests to specific ports
# SMB (445) in both directions, and DNS over TCP (53) outbound
netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=445 name="Block_TCP-445 In"
netsh advfirewall firewall add rule dir=out action=block protocol=TCP remoteport=445 name="Block 445 Out"
netsh advfirewall firewall add rule dir=out action=block protocol=TCP remoteport=53 name="Block 53 TCP Out"

# RPC endpoint mapper (135) and NetBIOS (137-139) inbound
netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=135 name="Block_TCP-135 In"
netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=137 name="Block_TCP-137 In"
netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=138 name="Block_TCP-138 In"
netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=139 name="Block_TCP-139 In"
# NetBIOS name service (137) and datagram service (138) actually run over UDP,
# so the TCP rules above do not cover them; block the UDP ports as well
netsh advfirewall firewall add rule dir=in action=block protocol=UDP localport=137 name="Block_UDP-137 In"
netsh advfirewall firewall add rule dir=in action=block protocol=UDP localport=138 name="Block_UDP-138 In"

# Remove all rules:
# netsh advfirewall firewall delete rule all



In Windows Firewall, block rules take precedence over allow rules regardless of the order in which they were added. You can also set Windows Firewall to block everything inbound by default and then add allow rules only for the traffic you need.
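The following is an added example (not from the original post) that applies the blocklist above idempotently and then adds one scoped allow rule on top of the default-block inbound policy, which is the pattern described in the previous paragraph. It wraps netsh because Windows 7 does not ship the NetSecurity cmdlets (New-NetFirewallRule and friends); it assumes an elevated session, an English locale (the "Rule Name:" check parses netsh output), and uses 10.0.0.0/24 as a placeholder management subnet.

```powershell
# Added example, not the original post's code. Applies the post's inbound
# blocklist idempotently via netsh (no NetSecurity cmdlets on Windows 7),
# then adds one allow rule scoped to a management subnet.
# Assumptions: elevated session, English locale, 10.0.0.0/24 is a placeholder.

$rules = @(
    @{ Name = 'Block_TCP-135 In'; Proto = 'TCP'; Port = 135;  Action = 'block' },
    @{ Name = 'Block_TCP-139 In'; Proto = 'TCP'; Port = 139;  Action = 'block' },
    @{ Name = 'Block_TCP-445 In'; Proto = 'TCP'; Port = 445;  Action = 'block' },
    # NetBIOS name service and datagram service run over UDP, not TCP
    @{ Name = 'Block_UDP-137 In'; Proto = 'UDP'; Port = 137;  Action = 'block' },
    @{ Name = 'Block_UDP-138 In'; Proto = 'UDP'; Port = 138;  Action = 'block' },
    # Allow rule limited to the (placeholder) management subnet. Block rules
    # still win for the ports they cover, so this only opens RDP.
    @{ Name = 'Allow_RDP_Mgmt In'; Proto = 'TCP'; Port = 3389; Action = 'allow'; RemoteIp = '10.0.0.0/24' }
)

function Test-NetshRuleExists {
    param([string]$Name)
    # netsh prints "No rules match the specified criteria." when nothing matches,
    # and one or more "Rule Name:" blocks otherwise
    $out = (netsh advfirewall firewall show rule name="$Name") -join "`n"
    return ($out -match 'Rule Name:')
}

function Add-NetshRuleIfMissing {
    param([hashtable]$Rule)
    if (Test-NetshRuleExists -Name $Rule.Name) {
        Write-Host ("exists : {0}" -f $Rule.Name)
        return
    }
    $remote = if ($Rule.RemoteIp) { $Rule.RemoteIp } else { 'any' }
    netsh advfirewall firewall add rule name="$($Rule.Name)" dir=in `
        action=$($Rule.Action) protocol=$($Rule.Proto) `
        localport=$($Rule.Port) remoteip=$remote | Out-Null
    Write-Host ("added  : {0}" -f $Rule.Name)
}

# Default-deny inbound first, then the explicit block and allow rules
netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound | Out-Null
foreach ($r in $rules) { Add-NetshRuleIfMissing -Rule $r }

# Verify that every rule in the list is now present
$missing = @($rules | Where-Object { -not (Test-NetshRuleExists -Name $_.Name) })
if ($missing.Count -gt 0) {
    Write-Warning ("rules not applied: " + (($missing | ForEach-Object { $_.Name }) -join ', '))
}
```

Re-running the script is safe: existing rules are reported and skipped rather than duplicated, which is what a plain sequence of `add rule` commands would do.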
