I wanted to block all traffic, but from the device I remotely access the windows machine.
I opened Advanced settings in Windows Defender and after a lot of trial and error with new rules, realised that I that there are additional settings located somewhere else as shown in the picture:
I realised that my remote desktop connection didn't end when I turned on "Block(default)" setting. But it does break if you tick "Block All Connections" option.
I wonder, what traffic gets through firewall if "Block(default)" is enabled? Clearly it lets port 3389 alive.
1 Answer
Everything that's not matched by a rule. For RDP and such you usually have Firewall rules that are supplied by Microsoft unless you decide to disable them. Turning on RDP usually results in a message that tells you that those rules will be enabled.
