In Windows, firewall rules can be easily cumulated over time. Every time a new application is launched, the user will be prompted to create a new firewall rule for the app. However, when applications get uninstalled, most of them would not remove the firewall rule it has created.<\/p>\n\n\n\n
Once there are more than just a few unused firewall rules, the system becomes less secure due to the exposed protocols and ports. A mocked application at the exact same file path can easily take advantage of existing firewall rules created and make the system vulnerable.<\/p>\n\n\n\n
Unused firewall rules can be cleaned up with just 3 lines of PowerShell commands, under elevated command prompt:<\/p>\n\n\n\n
$unusedFilters = Get-NetFirewallApplicationFilter | Where-Object {$_.Program -notin (\"Any\", \"System\")} | Where-Object {-not (Test-Path ([System.Environment]::ExpandEnvironmentVariables($_.Program)))}\n\n$unusedRules = Get-NetFirewallRule | Where-Object {$_.Name -in $unusedFilters.InstanceId}\n\n$unusedRules | Remove-NetFirewallRule -Verbose<\/code><\/pre>\n\n\n\n![\"\"](\"https:\/\/i0.wp.com\/wangxiaohu.com\/blog\/wp-content\/uploads\/2021\/10\/image.png?ssl=1\")
<\/a>