SP2 Firewall

We will be rolling out SP2 Enterprise Wide at some point over the next several months.  Once all our systems are running SP2 how can I turn off the Firewall, which is on by default?  Is there some registry hack I can push out?  Thx in advance.
psych0nautAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Asta CuConnect With a Mentor Commented:
FREE Microsoft XP SP2 support
http://support.microsoft.com/oas/default.aspx?gprid=6794
Windows XP Service Pack 2 (SP2) for IT Professionals
http://support.microsoft.com/gp/windowsxpsp2it
":0)  Asta

P.S.  If you want walkthroughs... let us know.
0
 
nihlcatCommented:
That was answered recently by this article, using GPOs :

http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/mangxpsp2/mngdepgp.mspx
0
 
KerryGCommented:
Using the above information, I would recommend not turning it off, but instead, using GPO's to only enable the ports that need to be open. By completely turning off the firewall, you are shutting down a big piece of the network security features.
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
nihlcatCommented:
A very good thought.
0
 
Asta CuCommented:
How to install Windows XP Service Pack 2 (SP2) by using Systems Management Server
http://support.microsoft.com/kb/842844
Back to work, good luck on your adventure.
":0) Asta
0
 
GargantubrainCommented:
If you find you can't use GPO without a Windows 2003 server, you can still set firewall options via a login script...

Put a line in the login script like:

netsh -f \\servername\netlogon\xpfw.nsh

Then put the xpfw.nsh file in the sysvol's scripts directory with entries like:

firewall set portopening protocol = ALL port = 497 name = "Retrospect Backup" mode = ENABLE scope = SUBNET profile = DOMAIN
firewall set portopening protocol = TCP port = 139 name = "File and Printer Sharing" mode = ENABLE scope = SUBNET profile = DOMAIN
firewall set portopening protocol = TCP port = 445 name = "File and Printer Sharing" mode = ENABLE scope = SUBNET profile = DOMAIN
firewall set portopening protocol = UDP port = 137 name = "File and Printer Sharing" mode = ENABLE scope = SUBNET profile = DOMAIN
firewall set portopening protocol = UDP port = 138 name = "File and Printer Sharing" mode = ENABLE scope = SUBNET profile = DOMAIN

Read all about the netsh command in sites like:

http://www.microsoft.com/downloads/details.aspx?familyid=4454e0e1-61fa-447a-bdcd-499f73a637d1
or
http://www.jsiinc.com/SUBP/tip7900/rh7908.htm
or
http://www.newsarch.com/archive/newsgroup/microsoft/public/windowsxp/general/msg116275.html
or google for your own!
0
 
Asta CuCommented:
Thank you.  Did you get the solution you needed or would you like to discuss further?  It definitely would add value to this question thread for others if you can provide some information on the solution now that it has moved to our PAQ (Previously Asked Questions database).

I've used the Free XP SP2 support Tech Chat interface a few times and have a current issue working; they've been GREAT.  I feel this benefits us all in the long run, since some of the issues resulted in new additions to the Microsoft Knowledge Base for other to find and hopefully will be fixed incorporated in the next Service Pack or Windows release.  In all, a win/win scenario.

Asta
0
All Courses

From novice to tech pro — start learning today.