How to make Windows 7 firewall block all traffic

Solution 1

The following worked when I tried it.

  1. Open the Start menu.
  2. In the search box, search for "Windows Firewall."
  3. In the search results, select "Windows Firewall with Advanced Security."
  4. In the "Overview" section, check to see which profile is active. By default, it should be "Private Profile."
  5. Next, click on the link marked "Windows Firewall Properties."
  6. Select the tab labeled "Private Profile."
  7. Make sure that "Firewall State" is set to "On (recommended)."
  8. Under "Inbound Connections" click on the drop-down menu and select "Block all connections."
  9. Under "Outbound Connections" click on the drop-down menu and select "Block."
  10. Next to "Protected network connections," click the button marked "Customize."
  11. Make sure that all of the check boxes are marked, especially "Local Area Connection" and "Wireless Network Connection" (if present).
  12. Click the "OK" button. When that dialog closes, click the "OK" button on the next dialog.

Source
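
The same Private-profile settings as the steps above, applied from an elevated PowerShell prompt with netsh, as an added example that is not part of the original answer. It also lists the outbound allow rules that stay in force, because a default outbound action of Block still honors explicit allow rules; enumerating them through the HNetCfg.FwPolicy2 COM object is this example's choice, not something the page describes.

```powershell
# Added example: run from an elevated PowerShell prompt on Windows 7.
# Mirrors steps 7-9 of the answer for the Private profile only.
netsh advfirewall set privateprofile state on
netsh advfirewall set privateprofile firewallpolicy blockinboundalways,blockoutbound

# Confirm what the profile now reports (State and Firewall Policy lines).
netsh advfirewall show privateprofile

# "blockinboundalways" ignores inbound allow rules, but "blockoutbound" is only
# the default action: enabled outbound ALLOW rules are still honored.
# List them so they can be reviewed or disabled.
$NET_FW_PROFILE2_PRIVATE = 2   # bit flag: 1 = Domain, 2 = Private, 4 = Public
$NET_FW_RULE_DIR_OUT     = 2   # 1 = inbound, 2 = outbound
$NET_FW_ACTION_ALLOW     = 1   # 0 = block, 1 = allow

$policy = New-Object -ComObject HNetCfg.FwPolicy2
$stillAllowed = $policy.Rules | Where-Object {
    $_.Enabled -and
    $_.Direction -eq $NET_FW_RULE_DIR_OUT -and
    $_.Action -eq $NET_FW_ACTION_ALLOW -and
    ($_.Profiles -band $NET_FW_PROFILE2_PRIVATE)
}

$stillAllowed | Sort-Object Name |
    Format-Table Name, ApplicationName, Protocol, RemotePorts -AutoSize

"{0} outbound allow rule(s) still active on the Private profile" -f @($stillAllowed).Count

# To return the profile to the Windows default policy:
#   netsh advfirewall set privateprofile firewallpolicy blockinbound,allowoutbound
```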

Solution 2

On Windows 7 Home Premium:

  • Start | Control Panel | Firewall | "Advanced Settings"
  • This will open up "Windows Firewall with Advanced Security" Window
  • Click on Inbound Rules and New Rule
  • Rule Type: Custom
  • Program: All Programs
  • Protocol and Ports: Any
  • Scope: Any IP Address (both local and remote)
  • Action: Block the connection
  • Profile: Domain and Private (Untick Public)
  • Name: Make a name for this rule

Click on Finish

And now you have an inbound rule that blocks all applications from accessing any IP on any port on Domain and Private (Home or Work or Private networks).

And now you have to make exactly the same rule under "Outbound Rules"

Note (Credit to barlop):

Although Windows Firewall does block a lot of things, it does not block ALL traffic. Barlop has added that Wireshark still detects some traffic in and out of the system even when everything is meant to be blocked using either method.

Solution 3

Rather than navigate through all these pages simply click on the Start button... type CMD in the search field... click Search. You'll see cmd.exe in the PROGRAM field. Click on cmd.exe. Your DOS box will come up. In it type ipconfig /release and hit Enter. This will shut down all inbound and outbound traffic.

To get inbound and outbound traffic running again simply run up this DOS box again (I have my DOS box icon pinned to the Taskbar at the bottom of the screen) and now type in

ipconfig /renew

and hit enter. All comes back to normal.

Author by

tablesalt

Updated on September 18, 2022

Comments

  • tablesalt
    tablesalt over 1 year

    How can I set up Windows 7 firewall so that it blocks ALL inbound and outbound traffic of all kinds, unless I am connected to a network that is designated in network options as public?

    I'd like to block Home and Private. Thanks for any advice.

  • barlop
    barlop about 10 years
    I haven't fully tested this but do you really need to make a rule for incoming, given that there is a 'block all' option in windows firewall properties for incoming?
  • barlop
    barlop about 10 years
    and you should know that traffic still shows in wireshark, so it doesn't seem to block everything
  • barlop
    barlop about 10 years
    One might want to additionally try disabling the allow rules in outgoing, and anything in 'allow programs'. Though even then, it's worth bearing in mind that it stops a lot but not everything. Traffic still shows in wireshark so it doesn't block everything, though it seems there isn't anything one can do in the windows 7 firewall to totally block everything. It does block a lot though. Though some fundamental stuff is still sending and seeing packets as seen in wireshark.
  • Darius
    Darius about 10 years
    Looks like I didn't notice the block all option.. so Ramhound's answer would probably be more straightforward to do. Wireshark can see all incoming attempts to the machine, but there won't be any replies, or any outgoing.
  • barlop
    barlop about 10 years
    dude, try wireshark with his method, and as with your method, you'll see that there are outgoing and incoming for some packets. I mentioned this on your post and his post. And if you don't believe me then try it. It blocks a lot, and so you see a lot less in wireshark than you would if more packets were allowed. But, it doesn't block all.
  • Darius
    Darius about 10 years
    @barlop I haven't tried wireshark myself, but the question asked to block only Private and Home part of Network set up. The question still wants internet/intranet access if the network is set to "public" so I am assuming you will still see traffic. (Even if it's just DHCP asking for IP address). If the question wants no network at all, perhaps physical disconnection is preferred, or a 3rd party firewall that can completely bar all connection (ZoneAlarm can do this when I used it ages ago)
  • barlop
    barlop about 10 years
    The question said that on networks designated private, he wants to block all.. so that would imply no intranet there. Obviously he wants traffic in the public one 'cos he said he doesn't want to block in the public one. Your "assumption" (you called it that) that he will see traffic in the public one is correct but obvious given that he isn't blocking or looking to block anything in the public one. And what you're saying is a diversion from my point. Win7 firewall works on a per profile basis, nobody denies that. I'm talking of extent of blocking, -on the profile he is doing the blocking on-.
  • barlop
    barlop about 10 years
    As for ZA.. well, if it was ages ago, and more significantly, you probably didn't even test it then, then don't be so sure. And btw, the win7 firewall is pretty good at blocking outgoing. You seem to imply that ZA is better, I have my doubts. I doubt you launched wireshark (or ethereal at the time) and tested it. So your claim might be a tad too confident.
  • Darius
    Darius about 10 years
    Thanks for that. I did misunderstand your original comment about the visible traffic. So wireshark can still see some traffic, even when the Windows 7 firewall said "Block all" on the correct profile.. this is what you mean right?
  • barlop
    barlop about 10 years
  • Spectraljump
    Spectraljump over 6 years
    ^ This. And it gets much worse in Windows 10. So instead you should install PFSense on a Virtual Machine, and route all your Windows traffic through that VM. (The question doesn't specify, but that's why you want to do what it asks: to make a good internet kill switch (for your VPN))