Jump to content

- - - - -

Windows Firewall Configuration - Truly Block EVERYTHING

antispy windows 10

  • Please log in to reply
2 replies to this topic

#1 alacran


    Gold Member

  • .script developer
  • 1509 posts

Posted 19 September 2015 - 09:01 PM

Posted Image

File Name: Windows Firewall Configuration - Truly Block EVERYTHING
File Submitter: alacran
File Submitted: 15 Sep 2015
File Category: Security

Usefull to block Windows 10 spying behavior.

Inside the 7zip you will find 2 doc files with the required register and Windows Firewall Control config. Also here two reg files one blocking ALL and the other almost same but Allow Windows Update.

1. Be warned that this setup is for someone with the time and knowledge to put up with apps, network services, the entire internet, etc, not working, and to figure out what is needed to whitelist. There is a log feature in WFC that will help you view connections, but it's mostly trial and error if you're trying to unblock something like Windows Update (in case by registry above doesn't work for you).
2. Don't blindly enable WFC Recommended Rules. It allows the Windows Store to talk to the internet, in case you don't want that.
3. I tested with a fully activated WFC. You will not have Notification Levels to control if not activated.
4. This may cause lower level services and networking to fail (even LAN Drives). It may require more effort than simply right click to whitelist to handle said services.
5. Some apps may have multiple exe files that need whitelisted to fully function. You'll likely only need to worry about EXE files.
6. Unless Microsoft compromises their own Firewall Software (which is terrible as it should do what it is told, and the Pro and up version are supposed to be Enterprise grade (*cough*), this should kill all possibilities for talking to MS, except those you knowingly (or unknowingly, with too permissive whitelisting) allow via WFC.

Source: http://forums.mydigi...lock-EVERYTHING

Click here to download this file

#2 alacran


    Gold Member

  • .script developer
  • 1509 posts

Posted 01 October 2015 - 10:48 PM

Only a good configuration of the FireWall can stop this (until now):



...After logging in with a local account...


...After having configured all the overt privacy controls and all other preferences I could find to the most private settings...


...After having removed Cortana, OneDrive, and all Modern Apps that can be removed, which are not needed for the desktop-centric operation I require...


...After having swept through services.msc and disabling selected services that are not needed for desktop-only operation...


...After having swept through the Task Scheduler and disabling many tasks that do not need to run...


...After having set the policy via gpedit.msc to not install updates without my having initiated the activity...


...After having put in place a hosts file that resolves thousands of known data collection or malware server names to


....AND having run ShutUp10...


...A quiescent Windows 10 system with no applications running STILL tries contact many servers.





He is using Windows 10 Firewall and Firewall Control (Selecting deny all outgoing and ingoing traffic and only allowing what he wants).


Source: http://www.msfn.org/...19#entry1109248



#3 v77


    Silver Member

  • Team Reboot
  • 590 posts

Posted 02 October 2015 - 12:30 PM

I see no problem. Even if you choose not to download the updates automatically, Windows Update needs to contact the server to show the available updates and display a small message at system startup that tells that updates are available. This is the behavior on Windows 8.1 Enterprise, so I assume that the same system has been kept on Windows 10 Enterprise.
I also see nothing suspect to the rest.

In fact, all this tells me that I can use Windows 10 without fears for my privacy...

Also tagged with one or more of these keywords: antispy, windows 10

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users