3

Is there any way to instruct windows firewall to send Reset packets for a blocked TCP connection instead of dropping the packet?

2
  • 1
    Why would you want to do that?
    – DavidPostill
    Commented Sep 1, 2022 at 18:42
  • 1
    So anyone who tries to connect doesn't wait for the connection to time out after 30 seconds. The polite way to block a connection is to send reset packets.
    Commented Sep 1, 2022 at 18:59

1 Answer

3

You are trying to Disable stealth mode in Windows, described as:

Windows Server or Windows client computers do not send Transmission Control Protocol (TCP) reset (RST) messages or Internet Control Message Protocol (ICMP) unreachable packets across a port that does not have a listening application. Several applications rely on the behavior that is described in RFC 793, "Reset Generation," Page 35f. These applications require the TCP RST packet or ICMP unreachable packet as a response if they knock on a port that has no listener. If they don't receive this response, the applications might not be able to run correctly on Windows. Typically, the effect of this dependency is that stealth mode may cause a 20-second delay for regular TCP applications to reconnect if the remote peer loses the connection state and that notification packet doesn't reach the client.

This used to be possible and might still work. Here is how:

  • Run regedit

  • Position to the key
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy

  • Under this key you may find the following sub-keys for each domain:

    • DomainProfile
    • PrivateProfile
    • PublicProfile
    • StandardProfile
  • To disable stealth in a domain, create in it a REG_DWORD item named DisableStealthMode

  • The value of the item is 1 to disable stealth, or 0 to enable. The default is to enable.
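The same registry change, done from an elevated PowerShell session instead of regedit, as an added example that is not part of the answer above. It uses the key path, profile subkey names and the DisableStealthMode value semantics exactly as the answer gives them; whether the firewall service picks the change up immediately or only after a service restart or reboot is not stated in the answer and is an assumption to verify. The last function is a measurement helper for that verification: run from a second machine against a port on the Windows host that has no listener, a fast "ConnectionRefused" means a RST came back, while hitting the timeout means the SYN was still silently dropped. Keep in mind that turning stealth mode off trades the connect-timeout delay for closed ports that now announce themselves with a RST.

```powershell
# Added example (not code from the original answer or from Microsoft): set, read back and
# verify the DisableStealthMode value per firewall profile. Assumptions: the key path and
# value name are those given in the answer; the session is elevated; a service restart or
# reboot may be needed before the firewall honours the new value.

$FirewallPolicyKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy'
$Profiles = 'DomainProfile', 'PrivateProfile', 'PublicProfile', 'StandardProfile'

function Get-FirewallStealthMode {
    # Report DisableStealthMode for each profile subkey. A missing value means the
    # default, i.e. stealth mode enabled (same as 0).
    foreach ($p in $Profiles) {
        $key = Join-Path $FirewallPolicyKey $p
        $exists = Test-Path $key
        $value = $null
        if ($exists) {
            $value = (Get-ItemProperty -Path $key -Name 'DisableStealthMode' `
                        -ErrorAction SilentlyContinue).DisableStealthMode
        }
        [pscustomobject]@{
            Profile            = $p
            KeyExists          = $exists
            DisableStealthMode = $value
            StealthEnabled     = ($value -ne 1)   # 1 disables stealth; 0 or absent keeps it on
        }
    }
}

function Set-FirewallStealthMode {
    # Write DisableStealthMode=1 (Disable) or 0 (Enable) under the chosen profile keys.
    # Supports -WhatIf so the change can be previewed before it is applied.
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][ValidateSet('Enable', 'Disable')][string]$Mode,
        [string[]]$Profile = $Profiles
    )
    $data = if ($Mode -eq 'Disable') { 1 } else { 0 }
    foreach ($p in $Profile) {
        $key = Join-Path $FirewallPolicyKey $p
        if (-not (Test-Path $key)) {
            # The answer says the profile subkeys "may" exist; create a missing one.
            if ($PSCmdlet.ShouldProcess($key, 'Create profile key')) {
                New-Item -Path $key -Force | Out-Null
            }
        }
        if ($PSCmdlet.ShouldProcess("$key\DisableStealthMode", "Set REG_DWORD to $data")) {
            Set-ItemProperty -Path $key -Name 'DisableStealthMode' -Value $data -Type DWord
        }
    }
}

function Test-ClosedPortResponse {
    # Time a TCP connect to a port with no listener on the Windows host. Must be run from a
    # different machine: loopback traffic is not filtered by the host firewall, so testing
    # against 127.0.0.1 proves nothing about stealth mode.
    param(
        [Parameter(Mandatory)][string]$ComputerName,
        [Parameter(Mandatory)][int]$Port,
        [int]$TimeoutMs = 5000
    )
    $client = [System.Net.Sockets.TcpClient]::new()
    $sw = [System.Diagnostics.Stopwatch]::StartNew()
    $async = $client.BeginConnect($ComputerName, $Port, $null, $null)
    $finished = $async.AsyncWaitHandle.WaitOne($TimeoutMs)
    $result = 'TimedOut'                          # no SYN-ACK and no RST: packet was dropped
    if ($finished) {
        try {
            $client.EndConnect($async)
            $result = 'Connected'                 # something is listening after all
        } catch {
            # Unwrap PowerShell's MethodInvocationException to reach the SocketException.
            $ex = $_.Exception
            while ($ex -and -not ($ex -is [System.Net.Sockets.SocketException])) { $ex = $ex.InnerException }
            $result = if ($ex) { $ex.SocketErrorCode.ToString() } else { 'Error' }   # ConnectionRefused = RST received
        }
    }
    $sw.Stop()
    $client.Close()
    [pscustomobject]@{ Target = "${ComputerName}:$Port"; Result = $result; ElapsedMs = $sw.ElapsedMilliseconds }
}

# Example session (constructed): inspect, preview, apply, re-check.
Get-FirewallStealthMode | Format-Table -AutoSize
Set-FirewallStealthMode -Mode Disable -WhatIf      # drop -WhatIf to write the values
Get-FirewallStealthMode | Format-Table -AutoSize
# From another host, replacing the placeholder with the Windows machine's address and an unused port:
# Test-ClosedPortResponse -ComputerName 'WINDOWS-HOST-PLACEHOLDER' -Port 9 -TimeoutMs 5000
```

Run the script with `-WhatIf` first to see which keys would be created or written; `Set-FirewallStealthMode -Mode Enable` restores the default of 0. The measurement helper reports the socket error name and elapsed milliseconds, so before-and-after runs show directly whether the change turned a multi-second timeout into an immediate refusal.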
