Windows firewall adjustments

14/01/08

Permalink 09:53:53 am, by Greg, 617 words, 867 views   English (CA)
Categories: Labs, Documentation; Mins. worked: 0

To adjust the built-in Windows firewall, you can construct a .reg file and merge it remotely. An example .reg file that opens the ports ZENworks needs (port exceptions go under the StandardProfile GloballyOpenPorts list; each value is port:protocol:scope:Enabled:name):

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"524:TCP"="524:TCP:*:Enabled:ZENworks Remote Mgmt"
"524:UDP"="524:UDP:*:Enabled:ZENworks Remote Mgmt"
"1761:TCP"="1761:TCP:*:Enabled:Zenworks Remote Control"
"1761:UDP"="1761:UDP:*:Enabled:Zenworks Remote Control"

Windows also ships a command-line tool, netsh, that can do the same configuration. Details are in the Microsoft KB article:
http://support.microsoft.com/kb/875357/
An excerpt from that page:

Using command-line support
Windows Firewall Netsh Helper was added to Windows XP in the Microsoft Advanced Networking Pack. This command-line helper previously applied to IPv6 Windows Firewall. With Windows XP Service Pack 2, the helper now includes support for configuring IPv4.

With Netsh Helper, you can now:
• Configure the default state of Windows Firewall. (Options include Off, On, and On with no exceptions.)
• Configure the ports that must be open.
• Configure the ports to enable global access or to restrict access to the local subnet.
• Set ports to be open on all interfaces or only on a specific interface.
• Configure the logging options.
• Configure the Internet Control Message Protocol (ICMP) handling options.
• Add or remove programs from the exceptions list.
These configuration options apply to both IPv4 Windows Firewall and IPv6 Windows Firewall except where specific functionality does not exist in the Windows Firewall version.

Gathering diagnostic data

Windows Firewall configuration and status information can be retrieved at the command line by using the Netsh.exe tool. This tool adds IPv4 firewall support to the following Netsh context:

netsh firewall

To use this context, type netsh firewall at a command prompt, and then use additional Netsh commands as needed. The following commands are useful for gathering firewall status and configuration information:
• netsh firewall show state
• netsh firewall show config

Compare the output from these commands with the output from the netstat -ano command to identify the programs that may have listening ports open and that do not have corresponding exceptions in the firewall configuration. Supported data gathering and configuration commands are listed in the following tables.

Note Settings can be modified only by an administrator.

Data Gathering

  Command               Description
  --------------------  ------------------------------------------------
  show allowedprogram   Displays the allowed programs.
  show config           Displays the detailed local configuration information.
  show currentprofile   Displays the current profile.
  show icmpsetting      Displays the ICMP settings.
  show logging          Displays the logging settings.
  show opmode           Displays the operational mode.
  show portopening      Displays the excepted ports.
  show service          Displays the services.
  show state            Displays the current state information.
  show notifications    Displays the current settings for notifications.

Configuration

  Command               Description
  --------------------  ------------------------------------------------
  add allowedprogram    Used to add excepted traffic by specifying the program's file name.
  set allowedprogram    Used to modify the settings of an existing allowed program.
  delete allowedprogram Used to delete an existing allowed program.
  set icmpsetting       Used to specify allowed ICMP traffic.
  set logging           Used to specify logging options for Windows Firewall either globally or for a specific connection (interface).
  set opmode            Used to specify the operating mode of Windows Firewall either globally or for a specific connection (interface).
  add portopening       Used to add excepted traffic by specifying a TCP or UDP port.
  set portopening       Used to modify the settings of an existing open TCP or UDP port.
  delete portopening    Used to delete an existing open TCP or UDP port.
  set service           Used to enable or drop RPC and DCOM traffic, file and printer sharing, and UPnP traffic.
  set notifications     Used to specify whether notifications to the user when programs try to open ports are enabled.
  reset                 Resets firewall configuration to default. This provides the same functionality as the Restore Defaults button in the Windows Firewall interface.
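The following script is an added example, not code from this post or from the Microsoft article. It ties the two halves of the post together: it parses the GloballyOpenPorts .reg format shown at the top, emits the equivalent `netsh firewall add portopening` commands, and performs the check the KB excerpt recommends, comparing a `netstat -ano` listing against the port exceptions to flag listeners that have none. The .reg content is the post's own; the netstat listing and its PIDs are constructed; the mapping of registry scope tokens to netsh arguments ("*" to scope=ALL, "LocalSubNet" to scope=SUBNET, StandardProfile to profile=STANDARD) is this example's assumption.

```python
"""Added example: reg-file port exceptions -> netsh commands, plus a netstat audit."""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class PortException:
    port: int
    proto: str     # "TCP" or "UDP"
    scope: str     # "*" (all networks) or "LocalSubNet" (assumed registry token)
    enabled: bool
    name: str


# The same .reg content as in the post above.
REG_SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"524:TCP"="524:TCP:*:Enabled:ZENworks Remote Mgmt"
"524:UDP"="524:UDP:*:Enabled:ZENworks Remote Mgmt"
"1761:TCP"="1761:TCP:*:Enabled:Zenworks Remote Control"
"1761:UDP"="1761:UDP:*:Enabled:Zenworks Remote Control"
'''

# Constructed sample of `netstat -ano` output (addresses and PIDs are made up).
NETSTAT_SAMPLE = '''
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       988
  TCP    0.0.0.0:524            0.0.0.0:0              LISTENING       1524
  TCP    0.0.0.0:1761           0.0.0.0:0              LISTENING       1524
  TCP    0.0.0.0:5900           0.0.0.0:0              LISTENING       2044
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.10:1761      192.168.1.50:3122      ESTABLISHED     1524
  UDP    0.0.0.0:524            *:*                                    1524
  UDP    0.0.0.0:1900           *:*                                    1120
'''

# Value format under GloballyOpenPorts\List:
#   "port:proto"="port:proto:scope:Enabled|Disabled:name"
_REG_VALUE = re.compile(
    r'^"(\d+):(TCP|UDP)"="(\d+):(TCP|UDP):([^:]+):(Enabled|Disabled):(.*)"$')
_REG_KEY = re.compile(r'^\[(.+)\]$')


def parse_reg_exceptions(text):
    """Return the port exceptions found under any ...\\GloballyOpenPorts\\List key."""
    exceptions, in_port_list = [], False
    for line in text.splitlines():
        line = line.strip()
        key = _REG_KEY.match(line)
        if key:
            in_port_list = key.group(1).endswith(r'GloballyOpenPorts\List')
            continue
        m = _REG_VALUE.match(line)
        if in_port_list and m:
            exceptions.append(PortException(
                port=int(m.group(3)), proto=m.group(4), scope=m.group(5),
                enabled=(m.group(6) == 'Enabled'), name=m.group(7)))
    return exceptions


def to_netsh_commands(exceptions):
    """Map each exception to the XP SP2 `netsh firewall add portopening` form.
    The scope/profile argument mapping is this example's assumption."""
    scope_map = {'*': 'ALL', 'LocalSubNet': 'SUBNET'}
    return [
        'netsh firewall add portopening protocol={proto} port={port} '
        'name="{name}" mode={mode} scope={scope} profile=STANDARD'.format(
            proto=e.proto, port=e.port, name=e.name,
            mode='ENABLE' if e.enabled else 'DISABLE',
            scope=scope_map.get(e.scope, 'ALL'))
        for e in exceptions]


def parse_netstat_listeners(text):
    """Return (proto, port, pid) for each listening socket in `netstat -ano` output.
    TCP rows have a State column and count only when LISTENING; UDP rows have
    no State column, so every bound UDP socket is treated as a listener."""
    listeners = []
    for line in text.splitlines():
        tokens = line.split()
        if not tokens:
            continue
        proto = tokens[0]
        if proto == 'TCP' and len(tokens) >= 5 and tokens[3] == 'LISTENING':
            port, pid = tokens[1].rsplit(':', 1)[1], tokens[4]
        elif proto == 'UDP' and len(tokens) >= 4:
            port, pid = tokens[1].rsplit(':', 1)[1], tokens[3]
        else:
            continue
        listeners.append((proto, int(port), int(pid)))
    return listeners


def find_unexcepted_listeners(listeners, exceptions):
    """Listeners with no enabled port exception for the same port and protocol.
    Only GloballyOpenPorts entries are checked here; program exceptions and the
    built-in service exceptions (RPC/DCOM, file sharing, UPnP) are not."""
    allowed = {(e.proto, e.port) for e in exceptions if e.enabled}
    return [l for l in listeners if (l[0], l[1]) not in allowed]


if __name__ == '__main__':
    excs = parse_reg_exceptions(REG_SAMPLE)
    for cmd in to_netsh_commands(excs):
        print(cmd)
    gaps = find_unexcepted_listeners(parse_netstat_listeners(NETSTAT_SAMPLE), excs)
    for proto, port, pid in gaps:
        print('no port exception: %s %d (PID %d)' % (proto, port, pid))
```

On the constructed listing the audit reports TCP 135, 139 and 5900 and UDP 1900 as listeners without a port exception. Ports 135, 139 and 1900 are normally covered by the service exceptions toggled with `set service` rather than by GloballyOpenPorts entries, so reconcile such hits against `netsh firewall show service` and `show allowedprogram` before treating them as misconfigurations; a hit like 5900 with no exception anywhere is the kind of gap the KB's comparison is meant to surface.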
