Solved

Disable Windows Firewall Using Netsh or GP

Posted on 2004-09-19
7
1,024 Views
Last Modified: 2008-01-09
Hello Experts,
My problem is that the windows Firewall included in XP SP2 blocks most programs i use in my LAN where i don't have a real security danger, how can i disable it using netsh utility or Group policy in 2000 server Domain.
I louked at the MS white paper about SP2 Window Firewall and i didn't found any helpfull information.
 

Please Help
0
Comment
Question by:alaweb
7 Comments
 
LVL 1

Expert Comment

by:mmbutt
ID: 12095722
I think thats what you are trying to do.

*  From the Windows XP desktop, click Start, click Run, type mmc, and then click OK.
*  On the File menu, click Add/Remove Snap-in.
*  On the Standalone tab, click Add.
*  In the Available Standalone Snap-ins list, click Group Policy Object Editor, and then click Add.
*  In the Select Group Policy Object dialog box, click Browse.
*  In the Browse for a Group Policy Object, click the Group Policy object that you want to update with the new Windows Firewall settings.
*  Click OK.
*  Click Finish to complete the Group Policy Wizard.
*  In the Add Standalone Snap-in dialog box, click Close.
*  In the Add/Remove Snap-in dialog box, click OK.

*  In the console tree, open Computer Configuration, Administrative Templates, Network, Network Connections, and then Windows Firewall.

Detail information
http://www.microsoft.com/downloads/details.aspx?FamilyID=4454e0e1-61fa-447a-bdcd-499f73a637d1&DisplayLang=en
0
 

Author Comment

by:alaweb
ID: 12095904
I tried This, It work on the PCs but i don't want to go to every 80 PC and do this, if this was the case i take the easiet way : Control Pannel > Windows Firewall > Disable
I want a solution like yours but using Windows 2000 Server Group Policy or using a bat file (Netsh) that i can execute on each PC remotly,
Thanks,
Alaweb
0
 
LVL 86

Expert Comment

by:jkr
ID: 12096069
You could use sth. like

netsh firewall set adapter Local Area Connection filtering=disable

or

netsh firewall set adapter Local Area Connection port 80=enable protocol=tcp

See e.g.

http://www.microsoft.com/technet/itsolutions/network/security/ipv6fw/hcfgv601.mspx ("To configure IPv6 Internet Connection Firewall")
http://support.microsoft.com/default.aspx?scid=kb;en-us;839980 ("How to use a script to programmatically open ports for SQL Server to use on systems that are running Windows XP Service Pack 2")

They both address different issues, but serve well as examples.



0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 7

Accepted Solution

by:
Worked4me earned 500 total points
ID: 12096469

The netsh command is netsh firewall set opmode disable to disable it on that machine.

Good Luck.
0
 

Author Comment

by:alaweb
ID: 12099926
====================================================
====================================================
It works, I will now Try to deploy it around The entire network.
Thanks Expert :)
====================================================
====================================================
====================================================
0
 
LVL 7

Expert Comment

by:Worked4me
ID: 12100380

  Glad I could help.
0
 

Author Comment

by:alaweb
ID: 12116345
For deployment accross the network i had a problem: to disable Windows firewall the user had to be an administrator i used the runas command which also had a small problem :it prompt for the password, i finally used runas+sanur a utility that complete runas :
the result was like that :
%windir%\system32\runas.exe /user:DOMAIN\AN_ADMIN_USER "the bat file" | \\SERVER\NETLOGON\sanur PASSWORD

http://www.commandline.co.uk/sanur/

Thanks
Alaweb
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Can you find a fax from a vendor you saved a decade ago in seconds? Have you ever cursed your PC under your breath during an audit because you couldn’t find the requested statement or driver history?  If you answered no to the first question or yes …
Sometimes people don't understand why download speed shows differently for Windows than Linux.Specially, this article covers and shows the solution for throughput difference for Windows than a Linux machine. For this, I arranged a test scenario.I…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now