Win10. I installed SimpleWall, which disables Windows
firewall, and I disabled all of the
settings for security notifications, yet I still get a popup every
few minutes telling me to enable Windows firewall. Are
there options somewere to disable these notifications,
or disable all notifications? I did disable the notifications
icon on the taskbar, but that also has no effect.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 11/02/2024 18:44, Newyana2 wrote:

Win10. I installed SimpleWall, which disables Windows
firewall, and I disabled all of the
settings for security notifications, yet I still get a popup every
few minutes telling me to enable Windows firewall. Are
there options somewere to disable these notifications,
or disable all notifications? I did disable the notifications
icon on the taskbar, but that also has no effect.

SimpleWall is not FireWall nor antiVirus tool. You need proper
Anti-virus such as McAfee, AVG, Avast or Norton to disable Microsoft's
free tool. Most people will say Microsoft's provided free version is
quite suitable for home users but we are all different in opinions.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Newyana2 <Newyana2@invalid.nospam> wrote:

Win10. I installed SimpleWall, which disables Windows firewall, and I disabled all of the settings for security notifications, yet I still
get a popup every few minutes telling me to enable Windows firewall.
Are there options somewere to disable these notifications, or disable
all notifications? I did disable the notifications icon on the
taskbar, but that also has no effect.

https://github.com/henrypp/simplewall
"Simple tool to configure Windows Filtering Platform (WFP) which can
configure network activity on your computer."

It isn't a *fire*wall. It augments the Windows Firewall. The link in
the above description points to:

https://learn.microsoft.com/en-us/windows/win32/fwp/windows-filtering-platform-start-page
"Windows Filtering Platform is a development platform and not a firewall itself. The firewall application that is built into Windows Vista,
Windows Server 2008, and later operating systems Windows Firewall with
Advanced Security (WFAS) is implemented using WFP."

https://github.com/henrypp/simplewall/blob/master/README.md
"Keep in mind, simplewall is not a control UI over Windows Firewall, and
does not interact in any level with Windows Firewall. It works over
Windows Filtering Platform (WFP) which is a set of internal API and
system services that provide a platform for creating network filtering applications."

So, it augments the Windows Firewall with yet another set of rules you
can define. You end up adding to the rules already defined in Windows Firewall. I don't know SimpleWall to know how its rules would be better
or different from those you can define in Windows Firewall.

https://www.thewindowsclub.com/simplewall-block-applications-from-using-internet

This looks like yet another attempt to make Windows Firewall more
interactive when detecting processes want to make network connections.
There are similar tools, like changing Windows Firewall to default to
denying all connections, and adding a popup to let you decide to allow,
block, and if permanent (create a rule) or temporary. Those tools alter Windows Firewall. Some give you more advanced settings to configure
Windows Defender. SimpleWall is a WFP application that adds /more/
rules to Windows Firewall.

https://tailscale.com/blog/windows-firewall
At the core of Windows firewalling is the Windows Filtering Platform
(WFP). The WFP is a combination of in-kernel and userspace facilities
to program and enforce packet filtering rules efficiently.

Most Windows users never interact with WFP directly. If youÿve seen a
firewall-related pop-up in the past, youÿve interacted with the
unfortunately named ´Windows Defender Firewall with Advanced
Security.¡

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

"VanguardLH" <V@nguard.LH> wrote

| https://github.com/henrypp/simplewall
| "Simple tool to configure Windows Filtering Platform (WFP) which can
| configure network activity on your computer."
|
| It isn't a *fire*wall. It augments the Windows Firewall.

No. It shuts off the Windows firewall and acts in its stead,
using the WFP API. And it seems to do a beautiful job. But
that's not the problem.

| Most Windows users never interact with WFP directly. If youÿve seen a
| firewall-related pop-up in the past, youÿve interacted with the
| unfortunately named ´Windows Defender Firewall with Advanced
| Security.

Yes. So my question is how to shut off those popups when
the options to shut them off don't do it? I'm wondering if there's
some kind of service, setting, or scheduled task that's controlling
these random popups.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

"Kelce" <invalid@invalid.net> wrote

| >
| SimpleWall is not FireWall

Yes it is. And that's not what I'm asking about. Nor did
I ask for opinions about AV. I'm asking how to stop warning
popups after having already turned off notifications.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

I think I finally found this. Despite specifically turing off
security notifications is settings, I was still getting regular
popups. So far this seems to have fixed it:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Notifications

32-bit DWord Set to 1
The last two keys must be created.

I also came across a setting to disable USB nags despite
disabling autorun:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shell\USB.
Set NotifyOnUsbErrors to 0.

The key required taking ownership in order to change
the setting. Though it still doesn't seem to stop all warnings.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

| HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security
| Center\Notifications
|
| 32-bit DWord Set to 1
| The last two keys must be created.
|

Woops. I left out the setting name there:

Windows Defender Security Center and Notifications are both keys
that must be created. The setting name is "DisableNotifications"
Type is dword. Value is 1. To re-enable notifications, delete the
setting or set to 0.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Newyana2 <Newyana2@invalid.nospam> wrote:

"VanguardLH" <V@nguard.LH> wrote

| https://github.com/henrypp/simplewall
| "Simple tool to configure Windows Filtering Platform (WFP) which can
| configure network activity on your computer."
|
| It isn't a *fire*wall. It augments the Windows Firewall.

No. It shuts off the Windows firewall and acts in its stead,
using the WFP API. And it seems to do a beautiful job. But
that's not the problem.

| Most Windows users never interact with WFP directly. If youÿve seen a
| firewall-related pop-up in the past, youÿve interacted with the
| unfortunately named ´Windows Defender Firewall with Advanced
| Security.

Yes. So my question is how to shut off those popups when
the options to shut them off don't do it? I'm wondering if there's
some kind of service, setting, or scheduled task that's controlling
these random popups.

Have you already tried:

- Start menu: enter "security", and select "Windows Security".
- Click "Firewall & network protection".
- Click on "Domain network". Disable.
- Click on "Private network". Disable.
- Click on "Public network". Disable.

Those are different profiles you see when you run WF.msc. All those
disables might be the same; that is, disabling one results in all
disabled. Reboot after disabling.

In the systray at its right side is a square bubble icon. That brings
up the Notifications pane. Then click on "Manage notifications" at the
top right corner. In the Notifications and Actions wizard, scroll down
to "Security and Maintenance". Disable that notification source. To
see what notifications it handles, search on "security and maintenance"
in the Start menu and click on "Security and Maintenance" (or run
control.exe, and select "Security and Maintenance" to get the old dialog window. You can see what type of notifications are covered under the
Security category, and what are under the Maintenance category.

Instead of clicking on the disable slider in Notifications for "Security
and Maintenance", you can click on the notification category to get more detailed config settings. Don't click on the enable/disable slider, but
click on the highlighted category, like on the title text describing the notification category. For example, you could leave notification on,
but hide them as banners or in the action center or both.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

"VanguardLH" <V@nguard.LH> wrote

| Have you already tried:
|

Thanks. Yes, I tried it all. See my recent post. I think I solved it.
It required yet another secret decoder ring Registry setting.
Somehow I hadn't found it in my online searches before, but
trying various search terms it finally turned up. I figured there
had to be something that would work.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Newyana2 <Newyana2@invalid.nospam> wrote:

"VanguardLH" <V@nguard.LH> wrote

| Have you already tried:
|

Thanks. Yes, I tried it all. See my recent post. I think I solved it.
It required yet another secret decoder ring Registry setting.
Somehow I hadn't found it in my online searches before, but
trying various search terms it finally turned up. I figured there
had to be something that would work.

Ah, yes, I see the registry setting you mention. That is a policy
settings. Home editions of Windows don't come with the policy editor (gpedit.msc), so I didn't go there, because I also have the Home
edition. You need the Pro or Enterprise edition to get the policy
editor; however, all policies are registry settings, so you can effect
most policy settings by registry edits. However, there are some you
can't do using regedit, like SRPs (Software Restriction Policies) to
restrict which apps are allowed to run or get blocked, and UserChoice
entries on protected filetype associations. Those use a hash created by
the OS to protect those registry entries from malicious alteration: if
the hash isn't valid, the registry key gets deleted, and the default put
in its place. Programs, including malware, can no longer make direct
edits on protected registry entries. For programs that used to edit the registry to make themself the default, instead the user must use the GUI
wizard afforded in the OS to select filetype handlers, or use the policy
editor to protected policies in the registry.

Many policies, however, are not protected. They are just registry edits although you might have to create a key or data item (the default gets
used in their absence, so you need to create them to define different behavior). Microsoft has an Excel spreadsheet showing the policies, and
where they are in the registry. However, there are templates you can
add to the policies, and I suspect the spreadsheet just lists the inate policies in Windows, and not any template policies you add.

https://www.microsoft.com/en-us/download/details.aspx?id=101451

That's why many articles telling you how to create or edit policies will
also give you the registry settings to effect the same policies.

Note: The registry setting you mentioned is under HKEY_LOCAL_MACHINE, so
it applies to all Windows accounts, not just for yours.

In the spreadsheet, I found:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Notifications!DisableNotifications

at row 4099. The description there is:

Hide notifications from Windows Security.
Enabled: Local users will not see notifications from Windows Security. Disabled: Local users can see notifications from Windows Security.
Not configured: Same as Disabled.

So you have to enable the hide option, which means you have to configure
the policy since the default is to disable the hide. In the
requirements cell, it notes:

At least Windows Server 2016, Windows 10 Version 1709

So, at some point before then, it was probably more of an option than a
policy. I recall you used to bring up the notification panel, or maybe
a security systray icon, and you could configure there to disable
notifications for various security components.

There is still a "Windows Security" systray icon, and right-clicking it
to select "View notification options" brings up yet another wizard
dialog, but looks to overlap other dialogs I already mentioned. That
also has "Firewall & network protection notifications" that I found
elsewhere along with the same checkboxes about domain, private, and
public zones to enable/disable for the firewall, or enable/disable the
entire Microsoft Defender Firewall (aka Windows Firewall). I'd check
there after your registry hack, and a Windows reboot to effect it, to
see if the firewall is disable in this GUI wizard.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)