Windows 7 Firewall troubles.

Discussion in 'Random Thoughts' started by purr1n, Feb 3, 2019.

  1. purr1n

    purr1n Finding his inner redneck

    Staff Member Friend BWC
    Joined:
    Sep 24, 2015
    Likes Received:
    48,411
    Dislikes Received:
    78
    Trophy Points:
    113
    Location:
    Antarctica
    So I tried turning off all unnecessary services on my Windows 7 Pro machine, including the Microsoft firewall. I casually disabled the Win firewall service, IKE, IPSec, BFE, and basically a lot of other junk I didn't need for a slimmed-down Windows-based pen test laptop.

    So today, I could not figure out why simple services (nc listeners, lite FTP, lite WWW, etc.) I had running on this laptop could not be reached from other computers. This was through hardware firewalls, switches, the same LAN. I even changed Ethernet cables just in case.

    Well, it turns out that the BFE (and IKE and IPSec before that) needs to be shut down and disabled BEFORE disabling the Windows firewall service, otherwise Windows 7 will be left in a perma-block state for inbound requests.

    What a colossal waste of my time today. Who the heck designs this crap at Microsoft? Can we resurrect Steve Jobs and have him lead the OS and apps division there? This is the kind of stuff that makes Jobs (and me) go Vader on an employee. I personally would have fired a team over this nonsense.
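
The service combination described in the post above can be checked with a short script. This is an added example, not part of the original post; it assumes the standard Windows 7 service names MpsSvc, BFE, IKEEXT and PolicyAgent, and the function names are hypothetical.

```powershell
# Added example: report the services named in the post and flag the
# combination it describes (firewall service off while BFE still runs).
# Uses WMI so it also works on the PowerShell 2.0 shipped with Windows 7.
$FirewallStack = @{
    'MpsSvc'      = 'Windows Firewall'
    'BFE'         = 'Base Filtering Engine'
    'IKEEXT'      = 'IKE and AuthIP IPsec Keying Modules'
    'PolicyAgent' = 'IPsec Policy Agent'
}

function Get-FirewallStackState {
    # Returns one object per service with its run state and start mode.
    foreach ($name in $FirewallStack.Keys) {
        $svc = Get-WmiObject -Class Win32_Service -Filter "Name='$name'"
        $state = 'NotFound'
        $mode  = 'NotFound'
        if ($svc) {
            $state = $svc.State       # Running, Stopped, ...
            $mode  = $svc.StartMode   # Auto, Manual, Disabled
        }
        New-Object PSObject -Property @{
            Name      = $name
            Display   = $FirewallStack[$name]
            State     = $state
            StartMode = $mode
        }
    }
}

function Test-FirewallOffBfeOn($services) {
    # True when the firewall service is not running but BFE still is.
    # Treating this as the cause of blocked inbound traffic follows the
    # post's account; the script only reports the state.
    $fw  = $services | Where-Object { $_.Name -eq 'MpsSvc' }
    $bfe = $services | Where-Object { $_.Name -eq 'BFE' }
    return (($fw.State -ne 'Running') -and ($bfe.State -eq 'Running'))
}

$services = @(Get-FirewallStackState)
$services | Sort-Object Name | Format-Table Name, Display, State, StartMode -AutoSize

if (Test-FirewallOffBfeOn $services) {
    Write-Warning 'MpsSvc is not running while BFE is still running.'
} else {
    Write-Output 'MpsSvc and BFE are not in the firewall-off, BFE-on state.'
}
```

Run it from an elevated prompt on the affected machine; it only reads service state and changes nothing.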
     
  2. Syzygy

    Syzygy Friend

    Friend
    Joined:
    Jun 13, 2018
    Likes Received:
    1,779
    Dislikes Received:
    2
    Trophy Points:
    93
    Location:
    Dallas, Texas
    Windows has been over 50 million lines of code for some time now; nobody could well-maintain or reason about such a monstrosity.

    The Linux kernel (just the kernel) is approaching 20 million lines, IIRC.

    To give a comparison, FreeBSD base is just around 16 million lines, which includes the kernel, drivers, and all the basic Unixy stuff installed (shells, cat, grep, ls, etc.), but not add-ons or apps (or even Xwindows) which are called "ports" there.

    Anyway, there's a contribution to the reason.
     
  3. Kernel Kurtz

    Kernel Kurtz Friend

    Friend
    Joined:
    May 19, 2018
    Likes Received:
    515
    Dislikes Received:
    1
    Trophy Points:
    93
    Location:
    Winnipeg, Canada
  4. purr1n

    Already have the VM and use it on a daily basis. I got a few $$$ tools too from corporate. Core Impact is also $$$, but fricking awesome for semi-automated web app testing. Some are a waste of money I think, like Rapid7 Metasploit, but it does interface with their scanner. Makes things easier and faster, but I'm still old school and prefer hand analysis and manual selection of modules. There is so much though. I can't even keep up with the nmap or recon-ng scripts and modules.

    Most of it is because all this "Matrix" looking stuff looks cool in reports.
     
  5. Kernel Kurtz

    Even when I was working and corporate would pay for tools, I found there was not much that was so much better than the available open source ones that it was worth the cost, apart from ongoing subscriptions for things like Nessus and Snort.

    And yeah, Kali is filled with all sorts of things I have never used, but it's nice to know it is there if it is ever needed.
     
  6. Kernel Kurtz

    I'm a big fan of FreeBSD/OpenBSD. It is more of a traditional UNIX implementation than Linux, especially since most distros have started adopting systemd (of which I can't say I am a huge fan).
     