dns.. advfirewall firewall (I want to try security.)


  1. Posts : 42
    windows10
       #1



    Cloudflare
    1.1.1.2
    1.0.0.2
    This is my default dns.
    (connected normally)

    netsh advfirewall firewall add rule name="allow security DNS" program=%SystemRoot%\system32\svchost.exe protocol=UDP dir=out remoteport=53 security=authenticate action=allow
    This is my attempt.

    I used the above command.
    But I can't access the website.

    What should I do?
    I would like to try increasing dns security.
    But no matter which secure connection I choose... (security=?)
    [ security = { authenticate | authenc | authdynenc ] https://learn.microsoft.com/en-us/pr...ectedfrom=MSDN
    No connection.
    What is the problem? What should I do?

    Please let me know if I need to install a certificate.

    Microsoft Windows [Version 10.0.19045.1826]
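
Added example, not part of any post in this thread: a read-only PowerShell audit for the situation in post #1. It lists enabled outbound rules for remote port 53 and flags those whose security filter demands authentication, which is what `security=authenticate` sets; such a rule matches only traffic authenticated by IPsec and needs a separate connection security rule. The function names and the `example.com` test name are chosen for this example.

```powershell
# Added example, read-only: run in an elevated PowerShell session.
# Function names and the example.com test name are chosen for this example.

function Get-DnsFirewallRuleAudit {
    # Enabled outbound rules whose remote port list includes 53
    Get-NetFirewallRule -Direction Outbound -Enabled True | ForEach-Object {
        $port = $_ | Get-NetFirewallPortFilter
        if ($port.RemotePort -contains '53') {
            $sec = $_ | Get-NetFirewallSecurityFilter
            $app = $_ | Get-NetFirewallApplicationFilter
            # Anything other than NotRequired means the rule only matches
            # traffic that IPsec has already authenticated.
            $needsIPsec = "$($sec.Authentication)" -ne 'NotRequired'
            [pscustomobject]@{
                Rule           = $_.DisplayName
                Action         = $_.Action
                Protocol       = $port.Protocol
                Program        = $app.Program
                Authentication = "$($sec.Authentication)"
                Encryption     = "$($sec.Encryption)"
                NeedsIPsec     = $needsIPsec
            }
        }
    }
}

function Test-DnsPath {
    # Active connection security (IPsec) rules; with none active,
    # no traffic is IPsec-authenticated.
    $ipsecRules = @(Get-NetIPsecRule -PolicyStore ActiveStore -ErrorAction SilentlyContinue)
    Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses } |
        ForEach-Object {
            foreach ($server in $_.ServerAddresses) {
                # Query each configured resolver directly, bypassing the local cache
                $answer = Resolve-DnsName -Name 'example.com' -Server $server -Type A `
                    -DnsOnly -QuickTimeout -ErrorAction SilentlyContinue
                [pscustomobject]@{
                    Interface  = $_.InterfaceAlias
                    Server     = $server
                    Resolves   = [bool]$answer
                    IPsecRules = $ipsecRules.Count
                }
            }
        }
}

Get-DnsFirewallRuleAudit | Format-Table -AutoSize
Test-DnsPath | Format-Table -AutoSize
```

A row with `NeedsIPsec` set to True alongside `IPsecRules` of 0 identifies a rule that cannot match any traffic as configured.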


  2. Posts : 679
    Windows 10
       #2

    Hello bud

    I see your settings. You might need to add an additional TCP allocation to go alongside the UDP, for handshake security.
    One's hardware, the other software.
    Sometimes, just simply going into the Group Policy editor and Windows Defender Firewall with Advanced security can make your settings stick, and adding the permissions is easy. Plus inside there you'll find the IPsec security settings, where you can change the authentication modes. Standard authentication, Kerberos, NTLMv2, PAP or CHAP and root certification options.

    A deeper look into what you're trying to do might give me some more suggestions.

    I'll be back


  3. Posts : 42
    windows10
    Thread Starter
       #3

    Because I am not an expert.
    I want to follow the window setting part by looking at the image.
    Are there any sites or blogs I can refer to?
    Thank you.
    :)

    And are there any such settings and commands to use? Please let me know if there are any such things.


  4. Posts : 679
    Windows 10
       #4

    In the Group Policy Security options, for network security, you can create an audit log for your existing setup and see how the traffic is being dealt with.

    It's a bit like a text messaging service. You can send someone a text and it only goes one way. Or you can set up the SMS confirmation to show whether someone has received that message or not, including you obviously.
    This means the text message info will actually bounce back and forth three times instead of once.

    Depends how you want it set up.

    A simple example on mobile phones and their APNs. Standard authentication on IPv4 will use PAP. But I change my APN so it uses CHAP.

    Have a read on PAP and CHAP authentication
    Last edited by Pluginz; 05 Oct 2022 at 17:49.


  5. Posts : 42
    windows10
    Thread Starter
       #5

    I am using this command for the first time.
    The information you are guiding is too broad and difficult for me.
    or the command line. Is there an easy-to-use scrim or something like that?
    My goal is simply to get Cloudflare dns to my computer. This is to further strengthen security.
    (Simply enhance your computer's security. There is no other purpose.)

    I am not interested in notifications.
    I just want to enhance security.
    :) thank you.

    reg add HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters /v EnableAutoDoh /t REG_DWORD /d 2 /f
    reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters" /v "TcpReceivePacketSize" /t REG_DWORD /d 0xFF00 /f
    This is the dns security enhancement I know.


  6. Posts : 679
    Windows 10
       #6

    Ahhh right ok, I gotchas now.

    Well that's easy to set up.

    What's your Internet connection? LAN or wireless?

    Cloudflare, through my testing, I found it isn't very secure. The only ones I found secure were Norton, OpenDNS and CleanBrowsing.

    There are two easy ways to add these DNS addresses into Windows without complicated command prompts. The DNSs I use support both IPv4 and IPv6. It's a choice depending on what you use. I disable IPv6, so these options I leave blank.

    Right-click your network type in the taskbar. 'Open Network and Internet settings'. Go to 'Change Adapters'. Once you see your network adapter, right-click it and go to Properties.

    Next window, look for the connection properties 'Internet Protocol Version 4 (TCP/IPv4)' and 'Internet Protocol Version 4 (TCP/IPv6)'. In here we can change the IPv4 primary and secondary DNS addresses. This will bypass your ISP DNS, whether it's through a LAN or wireless.

    If you were to open the command prompt and type 'ipconfig /all', this will tell us what your default DNS addresses are set to. Once we change them to your own addresses, they'll change in ipconfig, which is a good test to see if they've been set.

    This is how I set mine up

    https://www.tenforums.com/attachment...urity-ipv4.jpg

    I'm using a static IP on my local. You can leave this blank if you want.

    The DNS I use is OpenDNS. Best free secure DNS I've ever used. If the browser info tells me it's either not secure, or it's not private, I simply do not go to that site anymore.


  7. Posts : 42
    windows10
    Thread Starter
       #7

    Thank you.
    These are the commands I mostly use.

    netsh interface ipv4 set dns "Ethernet" static 199.85.126.10
    netsh interface ipv4 add dns "Ethernet" 199.85.127.10 index=2
    (Norton ConnectSafe - Wikipedia)

    echo powershell
    Set-DNSClientServerAddress "Ethernet" -ServerAddresses ("199.85.126.10","199.85.127.10")

    Disable-NetAdapter -Name "Ethernet" -Confirm:$false
    Enable-NetAdapter -Name "Ethernet" -Confirm:$false

    Disable-NetAdapterBinding -Name "Ethernet" -ComponentID ms_implat
    Disable-NetAdapterBinding -Name "Ethernet" -ComponentID ms_lldp
    Disable-NetAdapterBinding -Name "Ethernet" -ComponentID ms_lltdio
    Disable-NetAdapterBinding -Name "Ethernet" -ComponentID ms_pacer
    Disable-NetAdapterBinding -Name "Ethernet" -ComponentID ms_rspndr
    Disable-NetAdapterBinding -Name "Ethernet" -ComponentID ms_server
    Disable-NetAdapterBinding -Name "Ethernet" -ComponentID ms_tcpip6
    Disable-NetAdapterBinding -Name "Ethernet" -ComponentID ms_msclient

    netsh int ipv6 isatap set state disabled
    netsh int teredo set state disabled

    netsh interface ipv6 6to4 set state state=disabled undoonstop=disabled
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters" /v DisabledComponents /t REG_DWORD /d 0xFFFFFFFF /f


  8. Posts : 679
    Windows 10
       #8

    That's some good detailed syntax you've remembered there sir.

    See how you get with the Norton. I'm not sure if they prefer you to register or not. I've used the Norton before and it just stopped working at random. I switched it back to OpenDNS and pages started to work again.

    I rate OpenDNS a little better than the Norton one


 
