Visit firewall.dsinternals.com for more details on this project.
The whitepaper has been slightly improved based on community feedback:
- Added a warning on RPC dynamic range restrictions by @rafalfitt in #12
- Updated StigViewer links by @Harvester57 in #13
- Added info on Zero Trust DNS (ZTDNS).
- Added a note on CVE-2025-29969: MS-EVEN RPC Remote Code Execution Vulnerability.
The DCFWTool contains a new CustomRules.Semperis.ps1 script that showcases firewall rules for Semperis Active Directory Forest Recovery (ADFR) and Semperis Directory Services Protector (DSP) agents.
Contributors
Harvester57 and rafalfitt