SP2 Firewall

We will be rolling out SP2 Enterprise Wide at some point over the next several months.  Once all our systems are running SP2 how can I turn off the Firewall, which is on by default?  Is there some registry hack I can push out?  Thx in advance.
psych0nautAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

nihlcatCommented:
That was answered recently by this article, using GPOs :

http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/mangxpsp2/mngdepgp.mspx
0
KerryGCommented:
Using the above information, I would recommend not turning it off, but instead, using GPO's to only enable the ports that need to be open. By completely turning off the firewall, you are shutting down a big piece of the network security features.
0
nihlcatCommented:
A very good thought.
0
Introducing the "443 Security Simplified" Podcast

This new podcast puts you inside the minds of leading white-hat hackers and security researchers. Hosts Marc Laliberte and Corey Nachreiner turn complex security concepts into easily understood and actionable insights on the latest cyber security headlines and trends.

Asta CuTechnical consultant & graphic designCommented:
FREE Microsoft XP SP2 support
http://support.microsoft.com/oas/default.aspx?gprid=6794
Windows XP Service Pack 2 (SP2) for IT Professionals
http://support.microsoft.com/gp/windowsxpsp2it
":0)  Asta

P.S.  If you want walkthroughs... let us know.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Asta CuTechnical consultant & graphic designCommented:
How to install Windows XP Service Pack 2 (SP2) by using Systems Management Server
http://support.microsoft.com/kb/842844
Back to work, good luck on your adventure.
":0) Asta
0
GargantubrainCommented:
If you find you can't use GPO without a Windows 2003 server, you can still set firewall options via a login script...

Put a line in the login script like:

netsh -f \\servername\netlogon\xpfw.nsh

Then put the xpfw.nsh file in the sysvol's scripts directory with entries like:

firewall set portopening protocol = ALL port = 497 name = "Retrospect Backup" mode = ENABLE scope = SUBNET profile = DOMAIN
firewall set portopening protocol = TCP port = 139 name = "File and Printer Sharing" mode = ENABLE scope = SUBNET profile = DOMAIN
firewall set portopening protocol = TCP port = 445 name = "File and Printer Sharing" mode = ENABLE scope = SUBNET profile = DOMAIN
firewall set portopening protocol = UDP port = 137 name = "File and Printer Sharing" mode = ENABLE scope = SUBNET profile = DOMAIN
firewall set portopening protocol = UDP port = 138 name = "File and Printer Sharing" mode = ENABLE scope = SUBNET profile = DOMAIN

Read all about the netsh command in sites like:

http://www.microsoft.com/downloads/details.aspx?familyid=4454e0e1-61fa-447a-bdcd-499f73a637d1
or
http://www.jsiinc.com/SUBP/tip7900/rh7908.htm
or
http://www.newsarch.com/archive/newsgroup/microsoft/public/windowsxp/general/msg116275.html
or google for your own!
0
Asta CuTechnical consultant & graphic designCommented:
Thank you.  Did you get the solution you needed or would you like to discuss further?  It definitely would add value to this question thread for others if you can provide some information on the solution now that it has moved to our PAQ (Previously Asked Questions database).

I've used the Free XP SP2 support Tech Chat interface a few times and have a current issue working; they've been GREAT.  I feel this benefits us all in the long run, since some of the issues resulted in new additions to the Microsoft Knowledge Base for other to find and hopefully will be fixed incorporated in the next Service Pack or Windows release.  In all, a win/win scenario.

Asta
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.