What is the trick to get Windows XP firewall to stay on (after a reboot)?

[Orak Listalavostok]

Every time I boot Windows XP SP2 I get this message from the
"Windows Security Center":
.... "Windows detects that your computer is not protected by a
firewall."
.... "Click Recommendations to learn how to fix this problem."

So, every time I boot, I click the "Recommendations" button,
and then I hit the "Enable Now" button where it finally says:
.... "Turn on Windows Firewall for all network connections".
I then see the resulting windows firewall message:
.... "Windows Firewall was successfully turned on".

Yet, upon reboot, I have to go throught the whole process again.
In the Windows XP control panel is a "Windows Firewall" icon, whose
"General" tab is set to "On" and whose "Advanced" tab has the
"Local Area Connection", "Wireless Network Connection" and
"1394 Connection" all selected.

QUESTION:
What is the trick to get Windows XP firewall to stay on?
Orak Listalavostok

 

[Charlie Hauper]

QUESTION:
What is the trick to get Windows XP firewall to stay on?

I don't think it can stay on.

At least every time I boot my Dell Windows XP desktop, I have the same
windows firewall questions. Every time I boot it says my firewall isn't on
(even though I use Sygate). So I turn the Windows firewall on every time
manually.

In the past I've asked others who said Microsoft probably wants you to
be vigilant so that is why they don' t provide any mechanism to have
the firewall run automatically. You might forget and leave it off
accidentally.

 

[Windows Security Expert]

Every time I boot it says my firewall isn't on
(even though I use Sygate).
So I turn the Windows firewall on every time manually.

There must be a way for Windows Firewall to turn on upon bootup.
Maybe you can modify the windows xp registry.

Hit "Start->Run->regedit" and delete every entry for Windows
Firewall or Windows Security Center and see if that works.
To protect yourself, make a backup of the registry by copying
the c:\windows\regedit.exe file into your temp directory
before you delete all the firewall lines in the registry.

Do this now and then when you're done, write back and
tell us what happened.

 

[Richard G. Harper]

Do you have another firewall installed besides the Windows XP firewall?

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

 

[Rick Wintjen]

There must be a way for Windows Firewall to turn on upon bootup.
Maybe you can modify the windows xp registry.

Hit "Start->Run->regedit" and delete every entry for Windows
Firewall or Windows Security Center and see if that works.
To protect yourself, make a backup of the registry by copying
the c:\windows\regedit.exe file into your temp directory
before you delete all the firewall lines in the registry.

Do this now and then when you're done, write back and
tell us what happened.

regedit.exe? That's not where the registry is stored, it's the editor
program. The registry is stored in system files ending in .dat. Better
to set a restore point and/or export each key before changing it.

 

[Alessandro Crugnola]

I don't think anyone on this ng uses the windows xp firewall.
Most (if not all) of us use that "other" firewall program.
The one that actually works.
Everyone knows that anything from Microsoft is pure garbage.
The windows xp firewall can't even start up upon reboot.
It's just another (RDB) really dumb program by Microsoft.
The windows firewall is a joke.
Besides not blocking anything, it won't even start up gracefully.
You're the idiot for using Microsoft products in the first place.
What did you expect from Microsoft anyway?

 

[Frank Saunders, MS-MVP]

I don't think anyone on this ng uses the windows xp firewall.
Most (if not all) of us use that "other" firewall program.
The one that actually works.
Everyone knows that anything from Microsoft is pure garbage.
The windows xp firewall can't even start up upon reboot.
It's just another (RDB) really dumb program by Microsoft.
The windows firewall is a joke.
Besides not blocking anything, it won't even start up gracefully.
You're the idiot for using Microsoft products in the first place.
What did you expect from Microsoft anyway?

I use the WinXP firewall. Since I don't get infected I don't need an
outgoing firewall.

--
Frank Saunders, MS-MVP, IE/OE
Please respond in Newsgroup only. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com./athome/security/protect/default.aspx

 

[Invader Zim]

Hi. I don't know how to set the firewall to stay on. Must be a registry key.
Check this site, I consider it useful http://www.tweakxp.com/ for XP users.
Now I'm using 2K with ZoneAlarm, some people say the firewall from MS is not
very good, maybe they're right, maybe not.

 

[Leythos]

The windows xp firewall can't even start up upon reboot.

Being a troll, and you really appear to not even hide the fact that you
are, doesn't mean you are posting correct info.

The Windows XP SP2 Firewall does indeed startup enabled and blocking by
default - I have several hundred machines running it to prove that it
does.

 

[Colin Barnhorst]

I use the SP2 firewall.

I don't think anyone on this ng uses the windows xp firewall.
Most (if not all) of us use that "other" firewall program.
The one that actually works.
Everyone knows that anything from Microsoft is pure garbage.
The windows xp firewall can't even start up upon reboot.
It's just another (RDB) really dumb program by Microsoft.
The windows firewall is a joke.
Besides not blocking anything, it won't even start up gracefully.
You're the idiot for using Microsoft products in the first place.
What did you expect from Microsoft anyway?

 

[Lars M. Hansen]

On 2 Jan 2005 15:24:04 -0800, Orak Listalavostok spoketh

Every time I boot Windows XP SP2 I get this message from the
"Windows Security Center":
... "Windows detects that your computer is not protected by a
firewall."
... "Click Recommendations to learn how to fix this problem."

So, every time I boot, I click the "Recommendations" button,
and then I hit the "Enable Now" button where it finally says:
... "Turn on Windows Firewall for all network connections".
I then see the resulting windows firewall message:
... "Windows Firewall was successfully turned on".

Yet, upon reboot, I have to go throught the whole process again.
In the Windows XP control panel is a "Windows Firewall" icon, whose
"General" tab is set to "On" and whose "Advanced" tab has the
"Local Area Connection", "Wireless Network Connection" and
"1394 Connection" all selected.

QUESTION:
What is the trick to get Windows XP firewall to stay on?
Orak Listalavostok

1. Right-click on My Computer.
2. Select "Manage".
3. In the right pane, double-click "Services and Applications"
4. In the Right pane, double-click "services"
5. Scroll down to "Windows Firewall/Internet Connection Sharing" and
double-click on it.
6. Set the startup type to "Automatic".


Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)

 

[Duane Arnold]

I don't think anyone on this ng uses the windows xp firewall.
Most (if not all) of us use that "other" firewall program.
The one that actually works.
Everyone knows that anything from Microsoft is pure garbage.
The windows xp firewall can't even start up upon reboot.
It's just another (RDB) really dumb program by Microsoft.
The windows firewall is a joke.
Besides not blocking anything, it won't even start up gracefully.
You're the idiot for using Microsoft products in the first place.
What did you expect from Microsoft anyway?

I have used the SP2 FW and I didn't have any problems with it. It also
restarted at boot with no problem.

man oh man what a post

Duane

 

[Orak Listalavostok]

On 2 Jan 2005 15:24:04 -0800, Orak Listalavostok spoketh

1. Right-click on My Computer.
2. Select "Manage" and look in the resulting right pane
3. Double-click "Services and Applications"
4. Double-click "services"
5. Double-click "Windows Firewall/Internet Connection Sharing"
6. Set the "Startup type" to "Automatic".

I must have something that disables this as it *was* set to
"Automatic".
Maybe PC Magazine "Startup Cop" or "Ad-Aware SE Personal" or
"HijackThis" or "msconfig.exe" some other startup-management program
I'm running (I'm running all of the above except msconfig) is hindering
the startup of the Windows Firewall.

QUESTION:
Does WinXP SP2 Windows Firewall have an executable name I can look for?

 

[Orak Listalavostok]

For the record, here are my settings using the steps above:

Windows Firewall/Internet Connection Sharing (ICS) Properties
- General
-- Services Name = SharedAccess
-- Display name = Windows Firewall/Internet Connection Sharing (ICS)
-- Description = Provides network address translation, addressing,
..................name resolution and/or intrusion prevention services
..................for a home or small office network.
-- Path to executable: C:\WINDOWS\System32\svchost.exe -k netsvcs
-- Startup type = Automatic
-- Service status: Started
....................You can specify the start parameters that apply
....................when you start the service from here.
- Log On
-- Log on as: Local System account
-- [ ]Allow service to interact with desktop
-- Hardware Profile = Undocked Profile (Service Enabled)
- Recovery
-- First failure = Take No Action
-- Second failure = Take No Action
-- Subsequent failures = Take No Action
-- Reset fail count after = 0 days
- Dependencies
+ Network Connections
-- Remote Procedure Call (RPC)
+ Windows Management Instrumentation
-- Event Log
-- Remote Procedure Call (RPC)

 

[Triffid]

Being a troll, and you really appear to not even hide the fact that you
are, doesn't mean you are posting correct info.

The Windows XP SP2 Firewall does indeed startup enabled and blocking by
default - I have several hundred machines running it to prove that it
does.

I recently switched my home systems from NT4 SP6a to XP Pro SP2
(slipstreamed), and the firewall is indeed enabled by default.

However, I see no evidence of it blocking anything - it will
occasionally pop up and say "To help protect your computer, Windows
Firewall has blocked some features of this program", but it lies.

For example, if I initiate an active mode FTP session from the command
line, then type 'ls' after logging in to the FTP server, Windows
Firewall will pop up and claim to have blocked "File Transfer Program"
(presumably triggered by the inbound data connection from the server),
yet the directory listing I requested is received anyway, i.e the
so-called firewall lied to me about blocking the inbound data
connection. Meanwhile the FTP server delivers the requested data
followed by a message suggesting I consider using passive mode - but of
course XP's FTP client doesn't support passive mode!

A "firewall" that lies is much worse than no firewall at all.

I've seen no evidence the XP SP2 "firewall" provides any value,
therefore IMHO it should be disabled.

 

[Leythos]

I recently switched my home systems from NT4 SP6a to XP Pro SP2
(slipstreamed), and the firewall is indeed enabled by default.

However, I see no evidence of it blocking anything - it will
occasionally pop up and say "To help protect your computer, Windows
Firewall has blocked some features of this program", but it lies.

The firewall only does INBOUND blocking and only based on the rules that
it has - by default it will block all inbound except on it's own subnet
- there is also a patch for Dial-Up users where it was allowing ALL
internet access inbound for dial-up users.

It does not do outbound blocking - you should really read up on
something before you trust it and before to slam it.

 

[Triffid]

The firewall only does INBOUND blocking and only based on the rules that
it has - by default it will block all inbound except on it's own subnet
- there is also a patch for Dial-Up users where it was allowing ALL
internet access inbound for dial-up users.

It does not do outbound blocking - you should really read up on
something before you trust it and before to slam it.

I am fully aware the Windows Firewall only *claims* to do inbound
blocking, but it doesn't even do that.

In the active mode FTP example I gave, on a fully patched system
(including the dial-up patch KB886185) running default rules, Windows
Firewall pops up and *claims* to have blocked the *inbound* data
connection (TCP/20) from the FTP server, but clearly it has not since
the client receives the data.

This misleading behavior occurs regardless of whether the FTP server is
on the local subnet or elsewhere.

 

[CyberDroog]

I am fully aware the Windows Firewall only *claims* to do inbound
blocking, but it doesn't even do that.

In the active mode FTP example I gave, on a fully patched system
(including the dial-up patch KB886185) running default rules, Windows
Firewall pops up and *claims* to have blocked the *inbound* data
connection (TCP/20) from the FTP server, but clearly it has not since
the client receives the data.

I believe the idea is to block *unsolicited* inbound data connections.
Your use of FTP is soliciting an inbound connection.

 

[Guest]

From "Top 10 Reasons to Deploy Windows XP Service Pack 2"
(http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2top.mspx):

The new Windows Firewall is on by default and enabled even before the
network starts up, as Windows XP SP2 boots.

With that said, there are still some reasons you might want a more
full-featured firewall – almost no outbound traffic checking is performed,
and all machines on the local subnet are trusted, but if you know anything
about firewalls

 

[Leythos]

I am fully aware the Windows Firewall only *claims* to do inbound
blocking, but it doesn't even do that.

In the active mode FTP example I gave, on a fully patched system
(including the dial-up patch KB886185) running default rules, Windows
Firewall pops up and *claims* to have blocked the *inbound* data
connection (TCP/20) from the FTP server, but clearly it has not since
the client receives the data.

This misleading behavior occurs regardless of whether the FTP server is
on the local subnet or elsewhere.

If you initiate the connection with the system it will allow the
connection to converse with your computer too - that's how everything
works. With FTP, you can't really block 20 and have FTP work properly.