Reaction score: 321
So, Windows has a special stack or bypass or packet handler that's used only for company related communication, since zero is normally non-valid (reserved for ephemeral port gen). I guess you can use raw sockets for making packets that use port zero. That seems like an obvious thing a company would do (for that kind of communication) after you read it. Out of sight - out of mind. Don't have a copy of Windows here, or else maybe I'd have a look. Interesting.By blocking TCP port 0 on Win10 it prevented it from doing something I didn't expect, I can't remember exactly what. It couldn't update itself or something with port 0 blocked. It's a rule I had always used before and I still block port 0 with my pf ruleset from my old Windows days
Read that some firewalls are configured to let port zero thru because the config tools assume there will be no port zero TCP traffic. Probably some monitors and net utils don't show TCP port0 either. Apparently pf blocks zero, but now it seems like a thing to verify.