Improve company productivity with a Business Account.Sign Up

x
?
Solved

Enable XP Firewall remotely

Posted on 2004-08-06
5
Medium Priority
?
248 Views
Last Modified: 2013-12-04
Group Policy has a way of not using the xp firewall when on the domain.
before you set this setting, you can tun the firewall on, then after you apply this and they connect to the domain, it disables the firewall only when connected to the domain.  this way laptops are protected when connected at home on DSL or at airports.

I need a way to enable the xp firewall remotely and apply the above policy.  It would be a lot of work to visit all laptops we have.

you can enable the xp firewall through gpo, but it cancels out the "prohibit use of xp firewall while on domain".
can't have that...

THanks,
Charles
0
Comment
Question by:chaldz
  • 2
2 Comments
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 11741577
Service pack 2 for XP will enable the FW by default- even on the lan... but it's not "concrete" in this article
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx#XSLTsection130121120120

These are the old (xp sp1) setting definitions
The firewall turns off when a VPN connection is made BTW... so dsl/cable users are without a fw if you rely on XP ICF... ZoneAlarm is free, and a slightly better firewall
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/xpmanaged/33_xpape.mspx

Prohibit Use of Internet Connection Firewall on your DNS domain network (enabled)
 If you enable this policy setting, Internet Connection Firewall cannot be enabled or configured by users (including administrators), and the Internet Connection Firewall service cannot run on the computer. The option to enable the Internet Connection Firewall through the Advanced tab is removed. In addition, the Internet Connection Firewall is not enabled for remote access connections created through the Make New Connection Wizard.
 
Prohibit Use of Internet Connection Firewall on your DNS domain network (disabled or not configured)
If you disable this policy setting or do not configure it, the Internet Connection Firewall is disabled when a LAN connection or virtual private network (VPN) connection is created, but users can use the Advanced tab in the connection properties to enable it. The Internet Connection Firewall is enabled by default on the connection for which Internet Connection Sharing is enabled. In addition, remote access connections created through the Make New Connection Wizard have the Internet Connection Firewall enabled.

These are the regisrty entries that change when the firewall is enabled through the NIC properties (not sure if it's just one or all of them)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Seed REG_BINARY 4F8CAF88FA1D3780CD404F3EB568E0C1FF7AC2D9CB7DE82C6661593EFEB33B0AF7CD724DEF57E72971C448554D500FDD1C9A594691EAB731051AF604DC1C6893D11ED09B6CCDE71C509031CBFDBBE6DB (enabled)
B5F1C06FAD9E95CF6B51416886780E1F7A0DEF91439DB5378EC8361FE62972B22E7D8EB12BE79F8F265A08B97BF2F4E666DA3017F8D94BF9ED72BBE9E4DD11C3F934640A6CCD40D5D8CEA865DD5AF285 (disabled)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19
RefCount REG_DWORD 0x00000001 [1] (disabled)
RefCount REG_DWORD 0x00000002 [2] (enabled)
HKEY_USERS\S-1-5-21-1275210071-854245398-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
HRZR_EHAPCY REG_BINARY 1f 01 00 00 06 00 00 00 40 13 ea ca 37 7c c4 01 (enabled)
HRZR_EHAPCY REG_BINARY 1f 01 00 00 07 00 00 00 30 66 fc 0a 39  7c c4 01 (disabled)
HRZR_EHAPCY:APCN.PCY REG_BINARY 1f 01 00 00 06 00 00 00 40 13 ea ca 37 7c c4 01  (enabled)
HRZR_EHAPCY:APCN.PCY REG_BINARY 1f 01 00 00 07 00 00 00 30 66 fc 0a 39 7c c4 01  (disabled)
HKEY_USERS\S-1-5-21-1275210071-854245398-1957994488-1003\Software\Microsoft\Windows\ShellNoRoam\BagMRU\0
MRUListEX REG_BINARY 00 00 00 00 03 00 00 00 01 00 00 00 02 00 00 00 ff ff ff ff (enabled
MRUListEX REG_BINARY 03 00 00 00 03 00 00 00 01 00 00 00 02 00 00 00 ff ff ff ff (disabled)

And these changed when I disabled it again:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceCurrent
[Default] REG_DWORD 0x00000017 (23) (enabled)
[Default] REG_DWORD 0x00000018 (24) (disabled)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceCurrent
[Default] REG_DWORD 0x00000017 (23) (enabled)
[Default] REG_DWORD 0x00000018 (24) (disabled)
-rich
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 13958824
I think I answered the question.
-rich
0

Featured Post

Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
If you are looking for an automated solution for backup single or multiple Office 365 user mailboxes to Outlook data file, then you can use Kernel Office 365 Backup & Restore tool. Go through the video to check out the steps to backup single or mult…
Watch the video of Kernel Migrator for SharePoint, which demonstrate the process easily of migration from SharePoint to SharePoint, OneDrive for Business & Google Drive servers, Public Folder to SharePoint, File Server to SharePoint. The tool has va…

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question