I opened port 4444 through the Windows 7 firewall to allow all traffic from all IPs and protocols, including allowing edge traversal. On that machine, a netcat listener is set up to listen on port 4444. I then use a remote Linux client to attempt to connect with netcat to that netcat listener on port 4444 and the attempt times out. These same steps result in a successful connection on ports that I didn't explicitly allow through the firewall (4443, 251, etc.). I checked to make sure some other app wasn't confounding activity on the port:
netstat -an | find "4444"
And nothing is listening there. I run:
nc -nlvp 4444 -e cmd.exe
netstat -an | find "4444"
Then I see something is listening on the port. But
nc -nv win7pc 4444
times out.
- Nmap scan shows the port is filtered.
- If I disable Windows Firewall it shows the port is opened.
- If I disable Windows Firewall the connection is allowed.
- Issue is the same with nc, ncat, and netcat.
- Client is a VMware box running Linux.
- Host is a Win 7 machine I've connected to with RDP on the VMware box.
What's happening here?
Best Answer
The reason this was happening in my situation is there was another user-defined Windows 7 Firewall Inbound Rule, several entries above the rule I set to allow traffic on port X, which was explicitly blocking traffic on port X.
The blocking rule evidently took precedence. Once I disabled it, port X worked as normal.
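
One way to check for the conflict described in the answer, as an added example that is not part of the original post: it parses the text printed by `netsh advfirewall firewall show rule name=all dir=in` and lists the enabled allow and block rules that cover a given port, since an enabled block rule covering the port takes precedence over the allow rule. The sample output and its rule names are constructed, and English field names are assumed.

```python
import re

# Constructed sample in the layout printed by
# `netsh advfirewall firewall show rule name=all dir=in` (fields trimmed, names hypothetical).
SAMPLE = """\
Rule Name:                            Allow TCP 4444
Enabled:                              Yes
Protocol:                             TCP
LocalPort:                            4444
Action:                               Allow

Rule Name:                            Old block
Enabled:                              Yes
Protocol:                             TCP
LocalPort:                            4444,5000-5010
Action:                               Block

Rule Name:                            Disabled block
Enabled:                              No
Protocol:                             TCP
LocalPort:                            4443
Action:                               Block
"""

def parse_rules(text):
    """Return one dict of field -> value per rule in the netsh output."""
    rules = []
    for key, value in re.findall(r"^([^:\n]+):[ \t]*(.*)$", text, re.M):
        if key == "Rule Name":
            rules.append({})          # a new rule block starts here
        if rules:
            rules[-1][key.strip()] = value.strip()
    return rules

def covers_port(spec, port):
    """True if a LocalPort value ('Any', '80,443', '5000-5010') includes port."""
    if spec.lower() == "any":
        return True
    ranges = re.findall(r"(\d+)(?:-(\d+))?", spec)
    return any(int(lo) <= port <= int(hi or lo) for lo, hi in ranges)

def rules_for_port(rules, port, proto="TCP"):
    """Names of enabled rules matching proto/port, grouped by action."""
    hits = {"Allow": [], "Block": []}
    for r in rules:
        if (r.get("Enabled") == "Yes" and r.get("Protocol", "Any") in ("Any", proto)
                and covers_port(r.get("LocalPort", "Any"), port) and r.get("Action") in hits):
            hits[r["Action"]].append(r["Rule Name"])
    return hits
```

A non-empty `Block` list for the port means the allow rule never takes effect, which matches the filtered result seen from the client.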