Solved

Win Firewall Exceptions: 1 Port at a time ???

Posted on 2004-10-23
Last Modified: 2013-11-16
WinXP  

2 Part Question:

1.)  If you turn off your REAL firewall (i.e. ZoneAlarm) and Windows Firewall, does that mean that all your ports are open ??? *DSL  allowing everyone full access to your ports?

2.)  If you enable Windows Firewall, do you really have to allow one port at a time ???   What if you have a range of 100 ports you want open?  Can you bulk-allow?


0
Question by:pdoriley
    8 Comments
     
    LVL 7

    Expert Comment

    by:NetExpert
    1. Yes. Depends on what you meant by "full access". At least everyone can send a port probe and get a response. Whether a port is listening is another matter.
    2. Yes and No. At least I think so. The default config will not allow you to bulk-allow (enter a range), unless you have some kind of workaround.
    0
     
    LVL 1

    Author Comment

    by:pdoriley
    Ok NetExpert so please expound upon that...

    1.  How do you enable your ports for listening and file-sharing?
    2.  Do you know of any workarounds to this Windows Firewall one-at-a-time stuff?
    0
     
    LVL 1

    Author Comment

    by:pdoriley
    NetExpert, I guess I'd have to reward you even if you don't reply to my follow-up questions, which are well within the topic / I wanted all the answers to be on the same post so they make sense when read together

    The main question now is really  how to get around entering in 1 at a time exceptions in Windows Firewall?
    0
     
    LVL 7

    Accepted Solution

    by:
    Sorry, I was busy in the last several days and haven't had a chance to look at this. In my experience, the Windows built-in Firewall (for XP) is a pain (in the butt). I tried to avoid it as much as possible. An expert firewall like ZoneAlarm is a better choice.

    Windows Firewall will enable you to do some simple tasks; at least outgoing connections are enabled by default, but incoming connections (for example, if you are running a server) must be configured.
    First open it using Start Menu -> Control Panel -> Windows Firewall. (You must have the Windows Firewall/ICS server running; it will ask you.)
    In General, select ON (with the check box "Don't allow exceptions" unchecked).
    In Exceptions, there are some simple options:
    - file sharing (using default networking with Microsoft File and Printer Sharing).
    - add Program will allow a program to listen for incoming connections (therefore, if a program uses more than one port, this will open these ports for you).
    - add port (one at a time).

    Otherwise you can try the command line (another pain). Open a command-line window and type 'netsh' and try to have a look at some of the options available (you may need Service Pack 2). Use '?' to see the command list, or 'firewall' to enter the firewall context.
    The command to add a port is 'netsh firewall add portopening'. Look at its syntax, and you may be able to create a batch to add a range of ports.

    It's just the idea. If you need specific instructions, let me know and I may be able to figure it out this weekend.
    0
     
    LVL 1

    Author Comment

    by:pdoriley
    Why didn't Windows make it easy to open a range?   If you could figure this out then that would be great, mmkay.

    But seriously, if you could (without wasting too much time / anyone who knows enough to write a batch to add port ranges should be using a real firewall anyway)
    come up with that solution to opening ports using netsh firewall add portopening then that would be great, mmkay.
    0
     
    LVL 1

    Author Comment

    by:pdoriley
    This is just so I know how to do it if someday some guy wants to stick with Windows Firewall and open a range of ports!!! LOL!

    I'm still laughing, (almost 30 seconds later...)

    aaaw that was good..
    0
     
    LVL 7

    Expert Comment

    by:NetExpert
    I'm short of time now, so won't be able to help you further :( Have a look around and make sure that there's no way to enter a port range (using standard procedure) unless you create a batch file to run the netsh firewall command (as a loop), or spend time with some API programming.

    It takes less time to download a free firewall (ZA?) and make a cup of tea (and still feel as safe as with Windows Firewall). LOL. Still scared of the slogan "It's not a bug, it's a feature" of Microsoft.

    (Laugh)

    Good luck anyway.
    0
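
The batch loop suggested in the accepted solution and in the comment above, written out as an added example; it is not code posted by anyone in this thread. The port range, protocol, rule-name prefix and the `scope=SUBNET` restriction are assumed sample values, and the `remove` branch undoes what `add` created.

```batch
@echo off
rem Added example: open or close a contiguous port range in the
rem Windows XP SP2 firewall by looping "netsh firewall ... portopening".
rem START, END, PROTO and the "Range-" rule names are assumed sample values.
setlocal
set START=5000
set END=5099
set PROTO=TCP

rem Usage: openrange.cmd add    (create one exception per port)
rem        openrange.cmd remove (delete the same exceptions again)
if /i "%~1"=="add" goto add
if /i "%~1"=="remove" goto remove
echo Usage: %~nx0 add or remove
exit /b 1

:add
rem scope=SUBNET keeps each exception reachable from the local subnet only;
rem scope=ALL would expose the ports to every network the PC is attached to.
for /L %%P in (%START%,1,%END%) do (
    netsh firewall add portopening protocol=%PROTO% port=%%P name="Range-%PROTO%-%%P" mode=ENABLE scope=SUBNET
)
goto show

:remove
for /L %%P in (%START%,1,%END%) do (
    netsh firewall delete portopening protocol=%PROTO% port=%%P
)

:show
rem List the resulting exceptions so the change can be reviewed.
netsh firewall show portopening
endlocal
```

Each port becomes its own entry on the Exceptions tab, so running the script with `remove` once the range is no longer needed keeps the exception list short enough to audit.
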
     
    LVL 1

    Author Comment

    by:pdoriley
    Hold on, Net Expert, you said "and still feel AS SAFE as with Windows Firewall". Don't insult Zone Alarm like that, it's a good firewall.





    0
