Windows Firewall Demo Part 3

00:01

Hey, everybody. My name is Peter Simple own. And this is the network Security course. This is going to be module six, Lesson four.

00:10

So far, the prerequisites for this course and everything we've seen so far are modules one through five module one being the intro module to being this core cybersecurity principles Module three being select applications

00:25

Module four, being designed on and network topology structures with principles and security protocols.

00:33

Module five is where we took a look at malware and designing of applications and module six, where we took a look at computer protection components and network protection components. And less than three was the first part of the Windows firewall demo.

00:51

So if you have not seen any of these yet, I encourage you to go back

00:56

and take a look at them. If you have not seen Module six lesson three, then you really need to go back and see that one. Because that is the first part of the Windows firewall demo where I show you the different the layout of the Windows firewall and where everything is located and how it functions

01:15

in this video. We are going to do the second part of that Windows firewall demo. We are going to create a program which will we're going to create a far wall policy to show you how to create one and how to ensure that it works.

01:32

We have a lot to do today, so let's get started.

01:36

All right, here we are, everybody. We're back here in the advanced security section off the Windows firewall, and we are going to go ahead and create a new rule. So for the purpose of this demo, and to show how it works,

01:53

we're going to create an outbound rule which, which blocks our own access

01:57

to go outside of the computer. So for this example, we're going to block access to the Internet. Although with inbound up our rules, they're put together the same way.

02:08

So where you will come over here in our outbound rule section, we will come here to the new rule,

02:15

and we will click that. And then it gives us a couple of options so

02:19

we can block by a specific program. We can create the type of rule either with the port, whatever port you want want to be Remember, there are 65,535 ports and you can do a pre defined one, which gives you

02:37

some programs and services which are currently running on the PC. Or you can do a custom one which you could make it at that point, anything you want.

02:46

So for the purpose of this demo, we are going to block a program.

02:52

So we're going to hear we select program,

02:54

and we gotta figure out who on the block, all programs or just one program in particular. And so we're gonna block one program in particular. We're going to block Google Crume.

03:06

Now, before we go any further, I just want to test to show you that Google Chrome is actually working as expected. So we want to go down here to yahoo dot com. We can pull that up and boom! Look at that. We are on the Internet,

03:20

So Google Chrome is currently working and now we are going to block it. So this program path, we have to come in to browse. As you could see, I'm already here. But if we if we weren't we could go to computer

03:34

the operating system. When you go to the program files, we would come down to Google

03:38

and we will go to chrome

03:42

application And this is the group gold Chrome execute herbal. So every time you click on, like the desktop icon or something like that this execute herbal program runs

03:53

So now that we haven't selected clicking as you can see, it has been set up here

03:59

we can click next.

04:00

And what are we gonna do? Do want to allow the connection doing to allow it If it is secure or do on a block In our case, we are going to block it. So we're gonna block our own access to Google Chrome.

04:13

That's good Here. So this and when we want to apply this rule, do on apply when we're using the domain firewall, the private firewall or the public network firewall. In this case, it doesn't really matter. So we're gonna leave all of these checks.

04:27

But if you wanted it applied to the public one but not the private one or so forth, then you can specify that here.

04:34

So now we have to give a name. Weaken, call this

04:40

firewall

04:44

test one

04:46

and we will finish.

04:49

So as you can see,

04:51

we are back here from minimize this. As you can see, we now have our far wall test one appearing in the outbound rules, and there's no group attached to it. It applies to all the profiles.

05:04

It is enabled, and this job is to block the program at this, um, path.

05:12

So let's test it out and see if we did it correctly so it would come down here

05:16

Google Chrome

05:18

And let's check out yahoo dot com. Uh, we can no longer get to yahoo dot com because the Internet access has been blocked.

05:27

Let's try another one for good. ESPN ketchup on our sports when that's blocked. Two is because the far wall is blocking Google chrome from going

05:34

going out to the Internet. Now to show you that it's Google Chrome being blocked and not the Internet itself. We can come down here to Internet explore

05:45

on that we can

05:48

quick on all this

05:53

and then we can go suit, not E s p n

05:58

dot com.

06:01

We let it load.

06:03

And then, as you can see, we're now on ESPN dot com and we can catch up on all of our sports.

06:11

So that is the first demo. We will also while also walk you through one mawr demo to show you how another way you can block the firewall. So if we close this down here first, let's get rid of this.

06:29

We can delete this.

06:32

Yes. All right, Now let's go back to new rule.

06:36

Now, I'm gonna walk you through the second way. This can be done, but I will not actually go through with it as you convince, you will see in a minute. So instead of blocking a program, we can also block ports. This is very popular way of doing it because you definitely want to disable unused ports

06:54

if message is not as much as you possibly can.

06:57

So this is a critical aspect of device hardening. So with the ports, we can come down here, block it here, and we can hit next,

07:08

and we can specify. Does this one? Do we want to apply this to TCP or UDP?

07:14

And once we'd figure out which one we want to do. We can specify all the remote ports or specific ports in general. So this is where you would literally reports. So if I specified Poritz 80

07:28

and 443 Now, these airports Http and Https. So these are the ports that are used to get Internet access. So if I hit next here,

07:40

I can block the connection,

07:44

and I can have it apply to all of the domains,

07:47

and I can give a name and then hit finish. I will not hit finish, because the way I am currently re moated into this computer in my home lab. I am re moated in over the Internet. So if I was to click, finish this rule be applied, and I would lose connection to the Internet and I wouldn't be able to get any Aaron head at all.

08:07

So that would that would be the end of this demo very quickly.

08:11

So we're not going to actually do that. But that is how you would do that. That is how you would block ports if you wanted to.