XP SP2 Firewall - Page 2

Thread: XP SP2 Firewall

  1. #11
    Member
    Join Date
    Feb 2004
    Posts
    49
    One difficulty with this is if you have laptop users, particularly if they have WLAN cards, then they may take their machines out to various other sites.

    There having the firewall disabled is much less of a good idea.

    Then they'll bring all sorts of nasties back in with them when they return. I wonder if there's a recipe which can make it turn off only when logged on to your nice safe lan?

    Slarty
    Fortunately we don't have "take home" laptops (except for mine...but my firewall/router at home is configured quite well)

    I'm on it right now, thumbing through Tim Hill's NT shell scripting book. I know some people that can make some very robust hardcore batch scripts. Since the firewall is an NT native .exe it shouldn't be that difficult. I'll be back with something.
    I'm really looking forward to your response...

  2. #12
    Banned
    Join Date
    Nov 2003
    Posts
    1,161

    Re: XP SP2 Firewall

    Originally posted here by unonthedl
    and yes you MUST have admin access to the local box which means I have to walk to every damn machine (yea I can use a script but someone still has to be there to log in to run it). Anyway...that is all...I'm done...

    PS Thanks for creating a place for me to vent...I feel better...suggestions are welcome...
    Suggestion, rather a question. Can't you just use netsh commands? -- remotely


    Before I attempt this bombastic script ........... I wanna try this one....

    Regulators......We regulate any stealing of his property and we damn good too.... But you
    can't be any geek off the street, gotta be handy with the keys if you know what I mean, earn your keep.

  3. #13
    Member
    Join Date
    Feb 2004
    Posts
    49
    Suggestion, rather a question. Can't you just use netsh commands? -- remotely
    I haven't tried this...but I don't think I can do anything remotely (outside of RDP - which is only active on our servers) with the firewall active.

  4. #14
    Banned
    Join Date
    Nov 2003
    Posts
    1,161
    Code:
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\EnableFirewall=0 (DWORD data type)

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\EnableFirewall=0 (DWORD data type)

    EDIT*********************

    I just read the whole post.


    Here is what you need I believe.

    Deploying Windows Firewall Settings Without Group Policy


  5. #15
    Banned
    Join Date
    May 2003
    Posts
    1,004
    I am not an admin, so I might be way off here... but it seems like configuring the laptop locally to have the firewall enabled and then to have it inherit disabling the firewall for the local domain policy would work.

    The firewall is on when it is part of an untrusted network and off when in the office.

    cheers,

    catch

  6. #16
    Member
    Join Date
    Feb 2004
    Posts
    49
    Only local administrators can successfully execute scripts or custom configuration programs from an email message, a file share, or a Web page.
    Again, still have to be an admin.

    One solution to this possible problem is to create the registry settings on your client computers to disable Windows Firewall before your users have a chance to install Windows XP SP2 from Windows Update. ICF on computers running Windows XP with SP1 and Windows XP with no service packs installed ignores these registry settings. When the user installs Windows XP SP2 from Windows Update and restarts their computer, Windows Firewall reads the registry settings already in place and disables itself.
    So I have to re-install SP2? All the PCs are already running SP2...will this still work?


    To add a registry setting on all of your computers running Windows XP, you can use the Regini.exe or Reg.exe tools. For either tool, you create a script file that is read by the tool to add a registry setting. The tool has to be run in the security context of a local administrator account.
    Do these programs need to be installed on all PCs? Again I still have to "touch" each PC.

    I really hate putting in cases to Microsoft Support...but I might have to because this has been bothering me for some time.

  7. #17
    THE Bastard Sys***** dinowuff
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,247
    Can you run


    netsh firewall show config

    without admin rights?
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  8. #18
    Member
    Join Date
    Feb 2004
    Posts
    49
    Can you run


    netsh firewall show config

    without admin rights?
    Yes


    Code:
    Microsoft Windows XP [Version 5.1.2600]
    (C) Copyright 1985-2001 Microsoft Corp.
    
    K:\>netsh firewall show config
    
    Domain profile configuration (current):
    -------------------------------------------------------------------
    Operational mode                             = Enable
    Exception mode                                = Enable
    Multicast/broadcast response mode = Enable
    Notification mode                              = Enable
    
    Allowed programs configuration for Domain profile:
    Mode     Name / Program
    -------------------------------------------------------------------
    Enable   Remote Assistance / C:\WINNT\system32\sessmgr.exe
    
    Standard profile configuration:
    -------------------------------------------------------------------
    Operational mode                             = Enable
    Exception mode                                = Enable
    Multicast/broadcast response mode = Enable
    Notification mode                              = Enable
    
    Allowed programs configuration for Standard profile:
    Mode     Name / Program
    -------------------------------------------------------------------
    Enable   Remote Assistance / C:\WINNT\system32\sessmgr.exe
    Enable   RealPlayer / C:\Program Files\Real\RealOne Player\realplay.exe
    
    Log configuration:
    -------------------------------------------------------------------
    File location   = C:\WINNT\pfirewall.log
    Max file size   = 4096 KB
    Dropped packets = Disable
    Connections     = Disable
    
    Local Area Connection firewall configuration:
    -------------------------------------------------------------------
    Operational mode                  = Enable
    Access is denied.
    
    
    
    K:\>
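
An added example, not part of the thread or any poster's code: a parser for `netsh firewall show config` output like the listing above, used to check the Domain/Standard profile split discussed in post #15 (firewall must stay on in the Standard profile, which is what a laptop uses off the domain). The sample text is constructed, and the `approved` list of exception binaries is an assumption for illustration.

```python
import re

# Constructed sample modelled on the `netsh firewall show config` output above,
# shortened, with the Standard profile set to Disable to produce a finding.
SAMPLE = r"""
Domain profile configuration (current):
Operational mode                  = Enable

Standard profile configuration:
Operational mode                  = Disable

Allowed programs configuration for Standard profile:
Mode     Name / Program
Enable   Remote Assistance / C:\WINNT\system32\sessmgr.exe
Enable   RealPlayer / C:\Program Files\Real\RealOne Player\realplay.exe

Log configuration:
Dropped packets = Disable
"""

HEADER = re.compile(r"^(?:Allowed programs configuration for )?(Domain|Standard) profile")
SETTING = re.compile(r"^(.+?)\s*=\s*(\S+)$")
ALLOWED = re.compile(r"^(Enable|Disable)\s+(.+?) / (.+)$")

def parse_config(text):
    """Return {profile: {"settings": {...}, "programs": [(name, path), ...]}}."""
    profiles, current, section = {}, None, None
    for line in map(str.strip, text.splitlines()):
        m = HEADER.match(line)
        if m:
            current = profiles.setdefault(m.group(1), {"settings": {}, "programs": []})
            section = "programs" if line.startswith("Allowed") else "settings"
        elif line.endswith(":"):
            current = None  # some other section (log, per-interface): ignore it
        elif current and section == "settings" and (s := SETTING.match(line)):
            current["settings"][s.group(1)] = s.group(2)
        elif current and section == "programs" and (a := ALLOWED.match(line)):
            if a.group(1) == "Enable":
                current["programs"].append((a.group(2), a.group(3)))
    return profiles

def audit(profiles, approved=("sessmgr.exe",)):  # approved list is an assumption
    """Flag a disabled Standard profile and unapproved Standard-profile exceptions."""
    std = profiles.get("Standard", {"settings": {}, "programs": []})
    out = []
    if std["settings"].get("Operational mode") != "Enable":
        out.append("Standard profile firewall is not enabled")
    out += [f"unapproved exception: {n}" for n, p in std["programs"]
            if p.rsplit("\\", 1)[-1].lower() not in approved]
    return out
```

Calling `audit(parse_config(SAMPLE))` on text collected from each machine gives a per-host list of findings; an empty list means the Standard profile is enabled and carries only approved exceptions.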

  9. #19
    Senior Member
    Join Date
    Feb 2005
    Posts
    153
    And that is viewable without admin rights? Sheesh, talk about an information security breach.
    "It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change."
    - Charles Darwin

  10. #20
    THE Bastard Sys***** dinowuff
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,247
    I'm pretty sure you can use netsh firewall to reset the firewall settings and then disable. I know I've done it in the past but can't remember how exactly but I know I was not admin on the remote box.


    netsh /? see if anything there will help. I have a feeling firewall dump and what not may give you an access denied error.
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0
