I’m using some VPN and when connected to this VPN, I can see in my network places all the computers connected to it.
So I created a network zone containing the IP ranges of the VPN, and defined it as a blocked zone.
The problem is that I still can see all the other computers in the LAN.
I also tried to edit rules for “system” and “svchost” to block incoming connections from the LAN, and even outgoing connections, but it didn’t work.
How to solve this?
Thanks in advance,
I forgot to tell that I’m running windows7 (x64), and that might be a specific problem to this OS, because
I just installed the last CIS v5 RC on a windows XP system and I don’t get this issue.
So the question is : can the other users of the VPN see my PC in their LAN (I think the answer is no since incoming connections are blocked -I hope-)?
So I just read two or three threads about this issue. It seems that there is no way to block network discovery
just with CIS, right?
Now, can someone please confirm that I’m still stealthed to all the other PC’s on this LAN?
Again, I reply to myself.
It seems to be an ipv6 problem, so you have two choices in this situation :
-enable Windows firewall (at least for public networks).
-disable ipv6 support in your network card properties.
So I just read two or three threads about this issue. It seems that there is no way to block network discovery just with CIS, right?
Yes there is, as long as you specify the computers range to be blocked:
Blocking network discovery, as a whole, can be achieved without cis through disabling the relevant services:
dhcp, upnp, ssdp, rdp.
But, of course, you shall not be able to use a vpn if you don’t allow network discovery in your vpn ip range, assuming it is opened to any user of this vpn, and stating that, if not, it might be useless: dedicated remote control for the allowed ip would be enough, as typical in the case of a traveling user wanting to connect to his own computer.