/os/ - Online Security

News, techniques and methods for computer network security.

Boards | Magrathea | Catalog | Bottom

Check to confirm you're not a robot
Name
Email
Subject
Comment
Password
Drawing x size canvas
File(s)

Remember to follow the rules

Max file size: 350.00 MB

Max files: 5

Max message length: 4096


Welcome to Online Security the place for internet and computer security, privacy and anonymity.
If you have some helpful tips please feel free to share your ideas. Start a new thread, or contribute to an existing thread.


Meta Thread Endwall 07/12/2016 (Tue) 12:03 [Preview] No. 171 [Reply] [Last 50 Posts]
Post any comments, concerns, or requests for the board in this thread.
Edited last time by Endwall on 07/12/2016 (Tue) 12:15.
40 posts and 6 images omitted.


Anonymous 02/22/2023 (Wed) 09:20 [Preview] No.1830 del
>>1769
actually schizo


Endwall 02/28/2023 (Tue) 05:24 [Preview] No.1831 del
>>1830
Actually in need of eye glasses 3x strength prescription, prescribed by an Ophthalmologist. Possibly Asian and squinting fiercely in order to see.


Anonymous 05/26/2023 (Fri) 22:20 [Preview] No.1833 del
>>1831

I recommend you take a look at this, it may give you a differents perspective of what is ocurring around you

https://psychcentral.com/quizzes/schizophrenia-test


Endwall 05/27/2023 (Sat) 05:29 [Preview] No.1835 del
(107.69 KB 1089x1079 no_schizo.png)
>>1833
I tried it out... I think the results are correct.



Welcome to Online Security: Sticky Thread Endwall 07/13/2016 (Wed) 03:11:01 [Preview] No. 181 [Reply] [Last 50 Posts]
Hello and Welcome to /os/, Online Security. This is a board for the discussion of online security, privacy, anonymity, and news from cybersecurity and privacy world.
RULEZ
1.Follow the global rules
2.No Spam
3.No Classified Documents or leaks of Classified Documents or Files (News articles, or commentary about the documents or files is OK)
4.No Child Exploitation Material
5.Images should be safe for work and relevant to the post or thread, commentary can be NSFW
6.No Advertisements of Hacker Services or Solicitations for Hacking Services
Related Boards
tech >>>/tech/ Hacker >>>/h4x0r/ Security Concepts>>>/sec/ EndSoft >>>/endsoft/
Privacy Guides
https://thetinhat.com/index.html
https://archive.is/zq2Ip
http://crypty22ijtotell.onion/handbook/
http://yuxv6qujajqvmypv.onion
http://deepdot35wvmeyd5.onion/security-tutorials/
Software Recommendations

Message too long. Click here to view full text.

Edited last time by Endwall on 07/13/2021 (Tue) 22:51:04.


Sticky Bump Endwall 10/23/2016 (Sun) 18:54:40 [Preview] No.624 del
TOP BUMP
Additions:
TENS , https://www.tens.af.mil/lipose.htm , US Air Force Live CD <-- online banking for mom and dad.
LibertyBSD http://libertybsd.net/ , https://libreboot.org/docs/bsd/openbsd.html
Edited last time by Endwall on 07/31/2019 (Wed) 07:19:36.


Sticky Bump Endwall 04/30/2017 (Sun) 03:29:12 [Preview] No. 894 del
Heads https://heads.dyne.org/ http://fz474h2o46o2u7xj.onion ; Devuan non-systemd version of Tails (Disclaimer: Website/Project uses occult language with communist signals)
Devuan https://www.devuan.org/ http://devuanzuwu3xoqwp.onion
Systemd Free http://systemd-free.org/
Edited last time by Endwall on 10/07/2017 (Sat) 03:03:59.


Endwall 06/01/2017 (Thu) 08:14:41 [Preview] No. 933 del
Mozilla Firefox Hardened Profile
https://github.com/ghacksuserjs/ghacks-user.js



Antivirus Software Endwall 02/12/2024 (Mon) 02:06 [Preview] No. 1840 [Reply] [Last 50 Posts]
Antivirus Software and Methods

I generally don't trust antivirus software packages but I think they may be useful in cases where you download files from the internet and open or view them. Place useful tips about virus cleaning and antivirus software tips in this thread.


ClamAV Endwall 02/12/2024 (Mon) 02:34 [Preview] No.1841 del
On Debian and Windows I use ClamAV which is maintained by Cisco systems.

https://www.clamav.net/
https://www.clamav.net/downloads

It comes packaged with Debian and other GNU/Linux distributions, and I've used it on OpenBSD. On windows I use the Windows defender suite but this also works on windows through an admin CMD command line. You download the package from the above link and install it. Then you need to edit two config files in the directory "C:\Program Files\ClamAV\conf_examples\". Copy these files to the main directory
 
C:\> copy "C:\Program Files\ClamAV\conf_examples\*.sample" .. 
C:\> cd "C:\Program Files\ClamAV\" 
C:\> move clamd.conf.sample clamd.conf
C:\> move freshclam.conf.sample freshclam.conf
C:\> notepad clamd.conf

#Comment or remove the line below.
#Example

Save and close the file, then do the same for freshclam.conf
C:\> notepad freshclam.conf

# Comment or remove the line below.
#Example

Save and close the file after commenting Example with #
C:\> freshclam

Message too long. Click here to view full text.

Edited last time by Endwall on 02/22/2024 (Thu) 03:00.


Endwall 02/22/2024 (Thu) 03:08 [Preview] No.1842 del
If you just want to scan your home directories, you can just run this on /home/ or a specific directory cd'ing into the directory. Also --remove will do the deletion for you if you'd rather the program handle the process of bad flagged file removal. For a silent non verbose run remove -a and -v. Example:
$ su
# cd /home/
# freshclam
# clamscan -i -o -r -z --remove

Run it on the root directory / to get everything, however removal might break programs so its best to run verbose to a log file and move the bad files to a quarantine location before deletion. Post any tips about anti-virus if you have any.
Edited last time by Endwall on 02/22/2024 (Thu) 03:09.



Endware Endwall 05/03/2016 (Tue) 08:54 [Preview] No. 32 [Reply] [Last 50 Posts]
Endware is a suite of programs geared towards internet privacy, security, and anonymity.

Endwall: endwall.sh is an iptables based firewall script designed to be implemented on any linux distribution shipped with iptables. endwall.sh is based on default drop policies, coupled with a novel strategy of passing packets on local host ports only for those enabled by the enduser. It comes with a variety of well used ports enabled with several additional port passing configurations available by uncommenting the script. It provides essential security to a new user.

Endsets: endsets.sh is a script that adds blacklisting and whitelisting functionality to endwall.sh. It depends on the program ipset. It is persistent on reboot if you enable ipset as a service. This is the recommended blacklisting tool for endwall if you are running a server or planning on opening up ports and services to the public and will require daily blacklisting of new incomming IPs.

Endlists: endlists.sh is a traditional text file list based blacklisting and whitelisting script. It has slow performance, and can't be updated on the fly. Good for <1000 ip subnets, very tedious and slow to run for more than that. Blocks the IPs by adding them as individual rules to the iptables ruleset. Works but not recommended for heavy duty on a server. May be useful for workstation use to block ip ranges if you are not opening up ports and services to public clients.

Endtools: endtools are a collection of scripts including alogz.sh, mlogz.sh, spamlogz.sh and iplookup.py. These scripts will help to service an enduser of endwall in adminstering endsets/endlists.

iplookup.py is a geoiplookup script written in python and requires python and pygeoip. It has simmilar functionality to maxmind's geoiplookup program and uses the maxmind *.dat files.

spamlogz.sh is a script that searches through log files to find flagged log entries flagged in endwall.sh, endsets.sh and endlists.sh.

alogz.sh is a daily log reading script designed to read the output of an apache http server's log output.

mlogz.sh is a daily log reading script designed to read the output of a postfix smtp server's log output.

Message too long. Click here to view full text.

Edited last time by Endwall on 02/25/2019 (Mon) 00:18.
282 posts omitted.


Endwall 08/03/2022 (Wed) 06:34 [Preview] No.1793 del
I just ported endstream to macOS using a MacMini 2014 model with MacOS 12.5 Monterey. Using the Homebrew package manager you can install youtube-dl, curl, openssl, and mpv, and then the program will run. I've tested this port as working, and have placed it onto the github repository and onto the hidden service.

endstream_macOS.sh

Github
https://raw.githubusercontent.com/endwall2/endstream/master/endstream_macOS.sh
Endware Hidden Service
http://nguipxnkrp3qrzrlduhsatpcpwehnblzmlkc5ifiumxq4z5jlh4lwvid.onion/endware_macOS/endstream_macOS.sh

Now endstream is tested working on the following operating systems : { GNU/Linux, OpenBSD, Windows NT, MacOS }. I'm planning on going back and making winstream.bat into a powershell script so that it is fully compatible and can access all of the streams. Right now winstream.bat just uses fixed links and m3u8 playlists and can't access the Youtube live streams or other dynamic playlists. I'll have to learn more about Powershell first which might take a month or two. Its a side project.

My next task with endstream is to fix up the channels on the OpenBSD port and test it, I'll work on that in around two weeks when I have some free time.

Summary: I made a cross platform killer app, and gave it away for free on the internet...
Edited last time by Endwall on 09/18/2022 (Sun) 03:51.


Endwall 08/27/2022 (Sat) 13:03 [Preview] No.1807 del
>>1784

I have completed and tested as working, a translation of endwall_wifi for PF. Tested working on a Toshiba Tecra with OpenBSD 7.1. I have also bug fixed the previous versions of the pf model, and added some new models for different use cases. The pf_wifi model is for locking to your internal LAN wifi. The pf_wifi_roam model is for allowing the wifi to connect to any network without re-running the firewall. The pf_roam model allows all interfaces to connect to any private LAN network for ethernet or wifi, basically you can plug in to anywhere or connect to any public wifi without re-running the firewall.

Obviously the more restricted the better,however these models might be useful for some applications, like using wifi at coffee shops etc. I have also made a roam version for nft which allows for the laptop to plug in anywhere. These are all available in the usual places:

endwall_nft_wifi.sh (wired ethernet is static but wifi is roaming)
https://raw.githubusercontent.com/endwall2/endwall/master/endwall_nft_wifi.sh
http://nguipxnkrp3qrzrlduhsatpcpwehnblzmlkc5ifiumxq4z5jlh4lwvid.onion/endware/endwall_nft_wifi.sh
endwall_nft_roam.sh (all interfaces allow connecting to any network)
http://nguipxnkrp3qrzrlduhsatpcpwehnblzmlkc5ifiumxq4z5jlh4lwvid.onion/endware/endwall_nft_roam.sh
https://raw.githubusercontent.com/endwall2/endwall/master/endwall_nft_roam.sh
endwall_pf.sh for wired ethernet (internal lan static connection)
https://raw.githubusercontent.com/endwall2/endware_bsd/master/endwall_pf.sh
http://nguipxnkrp3qrzrlduhsatpcpwehnblzmlkc5ifiumxq4z5jlh4lwvid.onion/endware_bsd/endwall_pf.sh
endwall_pf_wifi.sh (1 wired and 1 wireless interface both static) (internal LAN static connection)
https://raw.githubusercontent.com/endwall2/endware_bsd/master/endwall_pf_wifi.sh

Message too long. Click here to view full text.



Endwall 08/27/2022 (Sat) 13:23 [Preview] No.1808 del
I have to make a nft model for static wireless + static wired connections for nft_wifi, and then rename the current nft_wifi model to nft_wifi_roam.

The use cases are as follows:

1) Wired only desktop computer connection with 1 interface for wired ethernet in your home connected to your LAN, which supplies DHCP with a static ipv4 address. -> (endwall.sh, endwall_nft.sh endwall_pf.sh)

2) You have a wired LAN router and a wireless LAN router both supplying static ipv4 DHCP addresses to your internal network. -> (endwall_wifi.sh, endwall_nft_wifi.sh, endwall_pf_wifi.sh).

3) You have a Laptop you use in your internal network, wired, and or wireless, but you sometimes take it with you to school, or to a coffee shop and require the wireless connection to allow roaming connections to randomly assigned DHCP addresses. Also useful for investigating the networks of neighborhood wifi networks in your vicinity . -> (endwall_nft_wifi_roam.sh, endwall_pf_wifi_roam.sh)

4) You have a laptop and you want to plug it in to ethernet anywhere you can get a DHCP address (school, the library, your friend's house), and also use wifi on any wireless network (school, library, coffee shop, friend's house) and both get a randomly assigned DHCP ipv4 address, without re-running the firewall. -> (endwall_nft_roam.sh, endwall_pf_roam.sh).

The security decreases as you go from 1)->2)->3)->4). Best practice is 1) no wifi, only wired connections on desktop computers, no wireless interfaces, and connections in your own LAN network using static ip assignment from the router with mac address binding. Next best is 2) only use your own wifi, in you internal network as well as wired on your own LAN with static IP. 3) You have static ethernet and WIFI LAN at home, but sometimes you bring the laptop to school and need to connect to a randomly assigned ipv4 address on their WIFI without re-running the firewall rules, or you are at home and want to connect to or investigate local neighborhood wifi networks without re-running the firewall. 4) You want to be able to plug in to any ethernet jack anywhere (school,library, friend's house), and use any coffee shop WIFI but only for allowed/selected ports.

I'll work on creating the nft_wifi_roam and nft_wifi models sometime next week. School is starting in 2 weeks, so I have to wrap these projects up before the session starts. I'll be too busy to do anything consistent once the semester starts up, other than some maintenance and bug fixes as I find them. I'll do what I can, on Fridays and Saturdays during school, but I'm going to be busy with school assignments and studying.

Let me know if these are working for you. Post bug reports, comments or requests below. Thanks.


Endwall 01/05/2023 (Thu) 20:37 [Preview] No.1825 del
I can report that endstream.sh launches and plays with no GUI in GNU/Linux. Tested in tmux in the shell with no desktop or GUI, on Debian 11. I wasn't aware that this was possible until recently. Sound and full motion video work. Good news for people who don't use desktops, xorg or wayland or any GUI. mpv can play videos in the command line with no GUI, interesting development.

I did some updates to endstream_bsd.sh, endstream.sh and winstream.bat, including adding some streams from cozy.tv. Available in the usual places:

https://www.github.com/endwall2/endstream
http://nguipxnkrp3qrzrlduhsatpcpwehnblzmlkc5ifiumxq4z5jlh4lwvid.onion/


Endwall 01/06/2023 (Fri) 05:54 [Preview] No.1826 del
>>1825
I just tested endstream_bsd.sh in the shell on OpenBSD 7.1 (no GUI no Xenocara). And it also works. It goes to full screen, with full motion video and sound working on a Toshiba Tecra Laptop. You can use mpv from text mode in OpenBSD 7.1.



Endwall 07/06/2019 (Sat) 04:37 [Preview] No. 1433 [Reply] [Last 50 Posts]
DISCUSSION THREAD II
Want to say something off topic about anything?

Have a hot tip about something in the computer security world that doesn't fit into any current thread or category?

Want to chat with your fellow invisible 7 proxy friends?

Want to tell Lt. Gen Michael Hayden, Lt. Gen James Clapper,GEN Keith Alexander, ADM Michael Rogers, GEN Paul Nakasone, GOOGLE, AMAZON, FACEBOOK, Microsoft, Apple, etc. how you feel?

It's open mic at >>>/os/ , anything goes!!

Put all of your banter here:
Edited last time by Endwall on 10/26/2019 (Sat) 02:50.
45 posts and 4 images omitted.


Anonymous 09/04/2022 (Sun) 00:31 [Preview] No.1812 del
Anonymous 08/31/2022 (Wed) 09:25 No.1809

The pci_disable_device function is defined in the source file of the kernel pci module. Let the pci_disable_device function be a working parameter of the kernel pci module...


Antivirus and security software should use a second video card modulated for them. Anonymous 09/04/2022 (Sun) 00:32 [Preview] No.1813 del
Anonymous 09/02/2022 (Fri) 14:38 [Preview] No. 1810

Antivirus and security software should use a second video card modulated for them.

If security software uses a second video card that is modular for them, it does not overwhelm the existing system.

This makes the computer run faster.


Anonymous 12/18/2022 (Sun) 05:44 [Preview] No.1823 del
Edward Snowden about our legal case against mass surveillance
https://media.privacyinternational.org/w/ie2gnw6BRos7nANn4fDPn4


Endwall 01/23/2023 (Mon) 04:47 [Preview] No.1828 del
A strange thing happened last week. My router got bricked, for no apparent reason while I was at school. I replaced it when I came home, and after 5 hours of work I had the core of my network back up and running. It might have been an electrical failure, but I don't know... If it was a cyber-attack, it was professional.

Anyhow after that happened, I restored all of my services, however I can't seem to restart my tor hidden services anymore from my server. Tor works but the hidden services won't start. I have to comment them out in the torrc file to get tor to start. Anyways, they're down until I have some more free time to troubleshoot what the issue is. I'm backlogged with school work and assignments, so it might be down for a while. All very strange...I'll take another look next weekend and see if its fixable.


Endwall 01/29/2023 (Sun) 04:59 [Preview] No.1829 del
>>1828
The hidden service is back up. I'm now using the stock tor daemon from the package manager to run it. I needed to change some directory permissions to get it running. I have to build a new modded version of tor from the latest source code, but it will have to wait until I have some free time.



Internet Security General Anonymous 04/16/2016 (Sat) 07:56 [Preview] No. 4 [Reply] [Last 50 Posts]
Continuing from >>>/tech/597
https://archive.is/INR3l
This is for non specific, general tips for anonymous web browsing and downloads, tips on browsers and browser configurations for the security concious that you don't want to make a new thread for.
94 posts and 4 images omitted.


Endwall 12/31/2018 (Mon) 02:26:09 [Preview] No.1360 del
>>1357

You can also set up proxying to 127.0.0.1:9050 in Hexchat. This works when connecting to the .onion addresses.

Settings->Preferences->Network-> Network Setup

Fill in the socks5 proxy information. Then Add the new server in the connection tab using the .onion address and port number. Works.


Anonymous 02/17/2019 (Sun) 03:15:44 [Preview] No.1369 del
Unless there is a discount for buying a vpn with bitcoin. It is not necessarily an anonymous transaction because you theoretically connect to your raw ip with the bitcoin purchased vpn.


Anonymous 07/29/2022 (Fri) 10:40:37 [Preview] No.1792 del
What is the search engine that should we use?


Anonymous 12/22/2022 (Thu) 09:20 [Preview] No.1824 del
>>1792
Use Tor browser for whatever you choose. Some use Searx onion, some use DuckDuckGo onion. I use bookmarks.


Anonymous 03/18/2023 (Sat) 13:12 [Preview] No.1832 del
I use https://iptotal.io/ to find free socks proxies



VPN/proxy/TOR general thread Anonymous 04/15/2016 (Fri) 22:12 [Preview] No. 2 [Reply] [Last 50 Posts]
Cool board idea.

What's the safest possible way to browse the internet anonymously and safely? There's a thread on /tech/ with the endwall developer talking about proxychains, and that seems pretty cool. Some of the links to proxy lists seem dead, and I have found some online but why should I trust these random 'free' proxies?

What about proxychains over VPN? I'm currently using Mullvad which is alright, and I'm curious about more security if need be. Does a VPN -> proxychain -> TOR connection work? Sounds horribly slow in theory, but I think we all know that privacy comes at a cost in our current world.

I suppose I could call this a 'VPN/proxy/TOR general thread.'
85 posts and 5 images omitted.


Endwall 06/28/2020 (Sun) 06:06:55 [Preview] No.1546 del
The ultimate step is to build an 8-bit computer with a soldering iron (RC2014), launch a browser in a community audited version of CP/M, connect by socks 5 proxy to a unix computer running tor with 12-15 hops, and use a text browser for the web and and irc client in text mode. Proxy out to Tor or I2P or whatever the next super duper anonymity router is. In the mean time do this with DOS. This won't be a solution for the everyman or for the newbie, but it will be a solution for the serious thinking man.


Endwall 06/28/2020 (Sun) 06:16:36 [Preview] No.1547 del
>>1541
Anything you can do to isolate the tor daemon from the system or its running processes will help. I'm running it as a user with a custom torrc. If you can first run firejail or bubble wrap, or chroot it and get the tor daemon to still function it might help. I consider the linux/unix environment potentially hostile to the user and a potential source of packet inspection. Basically linux can be used to keylog the users and destroy the anonimity factor in real time or in post analysis. If there is key logging with an output beacon on your machine, you don't have privacy, and Tor Browser isn't going to help you with anonymity. If there is malware that can mess with the tor daemon as it's running, then it might be wise to try to isolate the process, so yeah probably a good idea. I'll try running it with firejail it probably won't work. If you get a setup like that and find it beneficial, please post the steps and instructions here. Thanks.


Anonymous 12/15/2020 (Tue) 07:36:25 [Preview] No.1588 del
I am big fan of Minecraft and like to watch different minecraft video on Youtube.But for watching I use https://veepn.com/vpn-apps/vpn-for-firefox/ because I can not log itnto my youtube channels.


Anonymous 01/13/2023 (Fri) 21:58 [Preview] No.1827 del
>>151
personally followed Woflsgang's latest tutorial (with the script)
worked pretty well on my VPS



shadowbrokers iarb 09/08/2016 (Thu) 04:00 [Preview] No. 562 [Reply] [Last 50 Posts]
what do they have?
1 post and 1 image omitted.


iarb 09/08/2016 (Thu) 04:04:25 [Preview] No. 564 del
the shadow brokers released the EquationGroup tools from the NSA a while ago


iarb 09/08/2016 (Thu) 04:05:02 [Preview] No. 565 del
sorry by the way never used a thread like this before


iarb 09/08/2016 (Thu) 04:07 [Preview] No.566 del
Edited last time by Endwall on 12/30/2022 (Fri) 04:24.


Endwall 09/11/2016 (Sun) 19:43:38 [Preview] No. 575 del
>>566
My computer hung when I clicked on that link. Could have been a coincidence but tread carefully.


Anonymous 11/28/2022 (Mon) 03:38 [Preview] No.1816 del
>>575

>HTTP

not a Cohencidence



Windows Security Thread Endwall 02/24/2018 (Sat) 02:29 [Preview] No. 1147 [Reply] [Last 50 Posts]
WINDOWS NT Security Thread

It turns out that MS Windows NT has an 80% market share in the Desktop Operating Systems Market (whatever that is...) So in all likelihood, if you work a job anywhere, you will be forced to sit down and work on one of these machines running this well known gem of an operating system. You probably won't have administrator rights, but that's OK, we'll make do.

In reality there is no Windows security but in this thread we will try to make life a little bit better even if it is just for a placebo effect. Also Windows hackers come and show us how you hack us up real good, and help our poor unprivileged users gain administrator rights without a password, so that they can install Mahjong. Windows Advanced Firewall, Registry Editing, Browsers, etc. Post all the tips and tricks to make Windows NT better than ever.
5 posts and 1 image omitted.


Endwall 05/08/2020 (Fri) 22:28:39 [Preview] No.1532 del
Windows Defender Firewall

Go to the search tab and type firewall. Select windows defender firewall. Click on advanced settings. Block all incoming and outgoing traffic by default. Then wipe out all of the policies or click disable, better to click delete and remove them. Then add the policies that you need. Lock them down by application if need be. Play around with the detailed rules and use filters for programs, ports and ip addresses to get the desired effects for your network applications to work. Adding new programs magically changes your firewall settings, but go back and fix them after each new application install. Wipe out and delete all inbound rules. If you need to let inbound come in, then you should know enough about the application to configure it.
Block everything and only let out/in what you need to go out/in, specific programs, ports and ip addresses.


Endwall 05/08/2020 (Fri) 22:55:56 [Preview] No.1533 del
Windows Subsystem for Linux

Installation guide:

https://docs.microsoft.com/en-us/windows/wsl/install-win10

I installed Debian, seems to work well for some applications. I'll import endware and test some fo the tools out. If you install debian you can install a windowing server Xming or CygwinX

http://www.straightrunning.com/XmingNotes/

https://sourceforge.net/projects/xming/

Then you can install programs that work in Xorg server and call them from the command line and they'll pop up in windows on the desktop.

Bear in mind all of this is for convenience while you work on Windows, you can also access Linux tools in the shell and some GUI programs as well. Alternatively try Cygwin and CygwinX:

https://www.cygwin.com/

Message too long. Click here to view full text.



Anonymous 05/09/2022 (Mon) 15:51:00 [Preview] No.1774 del
>>1147
I know Google has been hacking and censoring my sons emails. They do not get forgiven for that. William Gates & his entire staff and bloodline are banned from Heaven.

Regards,

YHVH


Endwall 09/04/2022 (Sun) 00:41 [Preview] No.1814 del
Local Security Policy

There are firewall settings that don't change when new programs modify windows advanced firewall. These rules sit beneath and supersede the main windows advanced firewall rules.

Type here to search-> "Local Security Policy" -> Click Local Security Policy.

There is a folder Windows Defender Firewall, with the same layout. Put your rules in here and they won't change, and they override the other rules.

I have also found out that these rules can be scripted by the command netsh, so I might make something later on.


Endwall 09/04/2022 (Sun) 00:45 [Preview] No.1815 del
>>1814
General Policy and Inbound rules: