For a distributed production client / server WCF application (self-service as a Windows service with NetTcpBinding), I add logic to add a temptation to the Windows firewall during installation using the netsh command.
I noticed that remoting seems to work just fine, whether a firewall exception is for the program (executable) or port. In our case, the port will very rarely be something other than the default, and if so, then the user can manually change the configuration files and firewalls, respectively.
My question is: is it better to add an exception for the OR or OR or . Are there any security considerations that make one approach more desirable than another? Almost all WCF examples show port exceptions.
Any insight would be appreciated, thanks.
source
share