Windows Firewall not Blocking Specific Ports Effectively.

[Thelps]

Ran a portscan on my PC using the loopback address (127.0.0.1) after blocking a specific port using Windows Defender Firewall.

However, the portscan shows the port(s) as still open.

To clarify: specified which ports to block by using "New Rule > Port > Specified port range > All Domain Types". The protocol-type has been confirmed to be correct and the firewall rule (duplicated for inbound and outbound) is active.

Why are the loopback-based portscans still reporting these ports as open? Have I missed something?

 

[Thelps]

Just bumping this thread.

Would be nice to get a real, effective answer. Why are these ports still showing up in my network scan?

 

[Ian]

I wouldn't rely on a loopback scan to check for open ports - have you got another system you can run a port scan from? I don't think you can reliably port scan your system from itself - you should really be doing this externally to get reliable results, so that nothing is bypassed.

 

[Thelps]

I'm just worried I'll trigger some form of security system if I do so.

For whatever reason, these security systems don't ever seem to work in my favour.

Like my signature says, I'm aiming to be unknown online, whilst still using the internet. I'm really effective at self-policing, and the whole litigious culture of people actively looking for someone else to sue doesn't seem to be helping anybody, particularly myself.

I'm trying to 'enjoy' my work, get it?

 

[Thelps]

Oh, to clarify, I mean I'm working from a home machine, not at a workplace where obviously, I don't make the rules.

 

[Thelps]

Could it be internal applications (applications installed on the computer) automatically opening the ports they require?

If so, why does the Firewall not block them? They still show as open during portscans using the loopback IP.

 

[Ian]

I'm not sure of the technical reasons as to why the firewall doesn't block those ports when using the loopback IP, but I do know that it doesn't give a reliable overview of the situation to scan those ports like that. Which ports does it say are open?

 

[Thelps]

The port-list varies according to what programs I have open (so, obviously, some programs on the computer are opening ports when they need to) and the ports that open and close correlate with which applications I have opened myself.

However, there are a few ports that are constantly open that aren't, to my knowledge, associated with 'essential' Windows services. I have blocked a couple of them with the included Firewall but they still appear as open with virtual-loopback adapter portscans.

I'd rather not mention the specific ports here because it could potentially represent a security vulnerability.

I'm under the impression that any port can be used for any type of data traffic if the firewall is not configured to be extremely selective in the types of data it allows.