Path: csiph.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail From: Fokke Nauta Newsgroups: alt.comp.os.windows-11 Subject: Re: Can't connect to laptop Date: Mon, 28 Apr 2025 12:37:04 +0200 Lines: 84 Message-ID: References: <19dpvj20hqpzx$.dlg@v.nguard.lh> <12ms3gulh2znv$.dlg@v.nguard.lh> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Trace: individual.net JKIMPZI5h9lYhqqIhTZquAltI2jQpg0ohxlYqZSnHkidfY3bWU Cancel-Lock: sha1:Lku9kogBxeDcv0y1FObqxe9eE4c= sha256:++ij5UU10ZG+IC7Ah/1WjRC/JMrp32EI9EVZt2tZkkU= User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.15.1 Content-Language: nl In-Reply-To: Xref: csiph.com alt.comp.os.windows-11:18756 On 28/04/2025 04:54, VanguardLH wrote: > Other than Windows Defender, is she running some 3rd-party anti-malware > software? Many AV programs include firewalling features. BitDefender is installed. Could that be the reason? > Is she running a firewall other than the bundled Windows Firewall? If > just using the Windows Firewall, go into it to look at what rules are > defined. If no, is she using any Windows Firewall helper tool? > > On her computer, run firewall.cpl. In the left panel, click on > "Advanced settings". Check there the firewall is enabled for all > network profiles. Yes, it is. Click on Advanced Settings to get the rules manager. > Look for any red-colored hazard icons indicating blocking rules. On her > computer, I'd focus more on the inbound rules, but outbound rules could > also affect networking from her computer to other hosts. Inbound rules for the private profile are allowed. > Some utilities to make the Windows Firewall more interactive will change > the default behavior where all connect attempts are blocked unless > whitelisted. The firewall helper pops up an alert saying something > wanted to connect, and you can block (default), allow temporarily, or > allow always (which adds a rule). > > As I recall, 3rd-party Windows Firewall helpers changed a registry > setting that reversed the firewall's behavior where it would then block > all unless allowed by a prompt to the user. They work by monitoring > events in the event logs (I forget the status code). When an event is > triggered for the block (now the default), the helper's popup appears > asking what you want to do (Block, Allow Now, Allow Always). If you > allow, the helper adds a rule to the Windows Firewall to add an allow > rule. > > https://www.binisoft.org/wfc.php > > I think that was the one I experimented with many years ago. It changes > the Windows Firewall to block all unless excepted in a prompt very > similar to how 3rd-party firewalls behave in more strict modes. > However, many 3rd-party firewalls have whitelists of apps (by hash) to > eliminate many of the prompts that nuisance a user to death making > decisions they are often ill-equipped to answer. The pre-defined > whitelist reduces the number of prompts, but there are still a lot of > them until you train the firewall (add rules). After a period of > training, the prompt level wanes. Another similar helper app is > simplewall. > > https://learn.microsoft.com/en-us/answers/questions/47481/windows-firewall-block-all-traffic-by-default-unle > > If you right-click on the root tree node in the "Windows Defender > Firewall with Advanced Security" dialog (where you were looking at > rules, select Properties, and you can see the default behaviors for > inbound and outbound traffic. > > Without a 3rd-party helper (to present prompts on all connect attempts) > or change the default behaviors of the Windows Firewall, the defaults > are: > > Firewall state: On > Inbound connections: Block In the private profile this is allowed. > Outbound connections: Allow All are. > Customize: all network adapters are selected > > Settings -> Customize: > Display a notification (for inbound connections blocked to a program): Yes > Allow unicast response: Yes > > Logging: You could enable to see if something shows up when you are > trying to connect to her computer. > It says it can't find the log file. Fokke