Is there a list of items to be allowed through Windows Firewall?

Have done some research on this.  I admit to being quite unsure what all the variables listed are.

Also, when a firewall variable is listed it has two options:  Private and Public. 

I was under the impression that those two options were similar to having access through wifi -- if the option for Public was checked, the variable would be that much more secure.  If private, there would be less security.

I was on my laptop,and, well, the screen changed.  I hadn't asked it to do that.  I noticed an "rdp" buried in my docs files.  When I looked at the variables I noticed that DIAL Protocol Server had been checked, both public and private.

** Website A said that this was for the laptop to access via phone dial up.

** Website B said that DiAL allowed for the laptop to operate on two screens.  I don't know whether this is supposed to mean two desktops , or two SEPARATE devices.  I once wanted to try to access our tv.  Didn't really work.  Now I am content to let the two be two separate entities.

** Website C said that this was part of a crucial piece of security.

I also unchecked Microsoft Edge Webview runtime as some antivirus scans found some bad characters coming in from there.

I did check Secure Socket Tunneling Protocol.

But I wonder about the rest of the options, e.g. proximity sharing.  With whom am I sharing?

What are the best rules to follow for the maximum security for the system?

Thanks.

Ulp!  I left a few VERY important details out.  I'm on Windows 10, 64.

  I am looking at windows security/firewall and internet security/bottom half, allow an app through firewall/

I hope this clears up any confusion.

Sorry.

S.

The best solution is to ignore windows Private, public nonsense just pick a name and secure it against all unwanted communications. An example is you use public and make all Firewall communications use public so that you don't get confused as to which profile does what, also you can never assume that just because you are at a specfic network that it is secure even at home. It can never hurt tohave your workstation secured to hte Max for any location it is situated.

As for what to allow in or out most firewalls will block all unwantd communications into your workstation by default it is what your computer speaks to out ecists your computer that can cause problems. As an example if you have app X and it speaks to bad actor it will come in through your firewall because the app X on your workstation requestd communications with bad actor outside your computer. This means filtering outgoing communications to restrict further what you need basd on your applications needs.

Website A: https://answers.microsoft.com/en-us/windows/forum/all/windows-dial-protocol-spam/d7bc6634-5ba0-409e-b846-70b806cf142d

website B: https://www.google.com/search?q=Is%20dial%20protocol%20server%20safe%20if%20you%20are%20only%20using%20one%20screen

Website C: https://www.google.com/search?q=dial%20protocol%20server

Whatever DIAL is set for, it seems as if the program thinks that I am using two screens.  I'm not.  Unless one includes that I'm not using the main screen on this laptop. 

So, WHY would the system think I need capability of two screens?  Personally, I would like to keep the bi-screen bit inactive, unless I absolutely need that second screen.

So, I'm trying to figure which setting is more secure -- for inTERnet vs. inTRAnet. 

Does Ethernet/wifi play a role in here?

Compis -- thanks so much for reply, but the main gist, which functions should I allow through firewall.

I mean, is there some master list somewhere that indicates which programs are safe and mandatory to be allowed through firewall, and which ones, if you see them, say "Okay, need to close that back door'?

Thanks!

S.

And, that's on that list. 

But, e.g. what is THIS?  78E1CD88-49E3-476E-B926-580E596AD309

Aaaand, "Connected devices platform"

"Wireless Display"

Argha!

Go not to the wizards because they will say both no and yes?  Isn't that Tolkien?

"Don't pay any attention to the man behind the curtain" -- Mr. Ozzie.

As for  list of devices standard you could find some lists but there is no real standard becuse it depends on your application need both outgoing as well as inocming. I can tell you as for the 78E1CD88-49E3-476E-B926-580E596AD309 If you are looking at the advance firewall setting all can be removed as windows assumes a lot of protocols that you do not need.

If your worried you can save the Firewall setting then try deleting all incoming devices you will see that your workstation will work unless you have a specific device you allow through your firewall to directly access you computer.

If I name my router, will I become compromised? 

Thanks, Compis.  I guess Microsoft is going for the best possible arrangement of portholes in the firewall.    Compis, I'll try that -- deleting all incoming devices.  The hackers are just getting so much better.  When I think I have the thing locked down, suddenly a back door comes out of nowhere..

I've checked the various options online.  But, either I'm looking in the wrong place, or to my knowledge Windows doesn't have a list with descriptions on incoming vs. outgoing traffic. (w/c.)

Just curious if this gets better in 11. 

I think the reason you are having trouble is that Microsoft can modify the firewall.  I have enclosed the screen capture of the advance section. Everything in the inbound rules can be removed and your computer will function. So what are those items ? Those are all items that can remote connect to your computer.

Another test you could try is try blocking Microsoft from providing a update to your computer. If you have total control of all traffic through the firewall this should be accomplished through the firewall.

Thanks so much, everyone!  I wish there was a "like" button underneath all of these posts, so that I could express gratitude and appreciation properly!

I think my main issue is that I just don't know which listing does what.  In a previous post on this thread I had indicated a long string, well, I think it has something to do with the vpn that I'm using.

It's like all of the washing machines that are on the market.  You don't want to get an overpriced lemon, you want to get a machine that does what it is supposed to do -- wash the clothes PROPERLY. 

In this case, I'm getting a machine that has all these bells and whistles, but how well does it wash the clothes?

Compis -- HOW did you get to that screen?  That just might be the answer that I'm looking for -- (don't bring up droids, please ;)  )!

I now see another app -- "Microsoft WindowsAlarms"

There are two netlogon.dlls

3D viewer

Cast to Device functionality

connected devices platform

For some reason Firefox is unchecked, but I'm obviously using it...?

Sorry for my novice-style questions, but I just want to stay as safe and as uncorrupted as possible.

Shemp: sees a ghostlike figure in a hallway.

Shemp: Oh, Look! That must be George Washington!  He slept everywhere.

the ghostlike figure goes around the corner.

Shemp, turns, doesn't see him, spazzes out:

Shemp: Moe!  Moe!  Washington is gone!

Moe: So are you!