Are you using the Windows Firewall?

  • Thread starter Michael Surkan [MS]
  • Start date
M

Michael Surkan [MS]

If you can spare a few minutes I would love to find out if your organization
is using the XP SP2 Windows Firewall, and what (if any) kinds of
improvements you might like to see in the future. As we make plans for the
Windows Firewall we would like to see if customer deployments, and needs,
may have changed now that it's been shipping for a while.

http://www.surveymonkey.com/s.asp?u=47602838938&c=nssecadmin

I would still be eager to hear from you weather or not you plan on using the
Windows Firewall.

Thanks,
Michael Surkan

Program Manager,
Networking & Devices,
Microsoft
 
L

Leythos

If you can spare a few minutes I would love to find out if your organization
is using the XP SP2 Windows Firewall, and what (if any) kinds of
improvements you might like to see in the future. As we make plans for the
Windows Firewall we would like to see if customer deployments, and needs,
may have changed now that it's been shipping for a while.

http://www.surveymonkey.com/s.asp?u=47602838938&c=nssecadmin

I would still be eager to hear from you weather or not you plan on using the
Windows Firewall.
Click to expand...

Mike, Windows XP Firewall was a nice idea, but it should be installed as
DISABLED by default for computers that are part of a DOMAIN. We rolled it
out to more than 200 systems a few weeks ago and had to go back and stop
and disable the service on every one of them. There are many remote
support tools and we don't use RD at all - there is no reason to run it
inside a DOMAIN.
 
D

David H. Lipman

The very major organization that I was contracted to put out an edict that the MS FireWall
*must* be disabled. If you want to know the name of that organization, you will have to
email me as I won't declare it in public.

--
Dave




| If you can spare a few minutes I would love to find out if your organization
| is using the XP SP2 Windows Firewall, and what (if any) kinds of
| improvements you might like to see in the future. As we make plans for the
| Windows Firewall we would like to see if customer deployments, and needs,
| may have changed now that it's been shipping for a while.
|
| http://www.surveymonkey.com/s.asp?u=47602838938&c=nssecadmin
|
| I would still be eager to hear from you weather or not you plan on using the
| Windows Firewall.
|
| Thanks,
| Michael Surkan
|
| Program Manager,
| Networking & Devices,
| Microsoft
|
|
 
D

David H. Lipman

To add to Leythos' statement...

It should be enabled by default on XP Home Edition and Media Center
It should be disabled by default on XP Professional

--
Dave





| Mike, Windows XP Firewall was a nice idea, but it should be installed as
| DISABLED by default for computers that are part of a DOMAIN. We rolled it
| out to more than 200 systems a few weeks ago and had to go back and stop
| and disable the service on every one of them. There are many remote
| support tools and we don't use RD at all - there is no reason to run it
| inside a DOMAIN.
|
|
|
| --
| (e-mail address removed)
| remove 999 in order to email me
|
 
M

Matt Gibson

Am I the only one who finds this fishy?

This doesn't sound legit to me.

Matt Gibson - GSEC
 
M

Mike Hall

Did you wonder about the spelling of 'weather' too.. that is no typo..

--
Mike Hall
MVP - Windows Shell/user
 
T

Torgeir Bakken \(MVP\)

Matt said:
Am I the only one who finds this fishy?

This doesn't sound legit to me.

Matt Gibson - GSEC
Click to expand...
Hi

I looks legit to me, MS have done this survey before, at the time SP2
was released, an the post comes from a host inside Microsoft (IP
address 131.107.76.143 is the NNTP-Posting-Host from the header of the
post):

C:\>nslookup 131.107.76.143
(snip)

Name: tide001.microsoft.com
Address: 131.107.76.143
 
M

Matt Gibson

Fair nuff.

Didn't have time to look at the headers...just seemed strange to me that
it'd be that informal, and using...surveymonkey...*shrug*

-Matt
 
D

David H. Lipman

NNTP-Posting-Host: tide001.microsoft.com 131.107.76.143

OrgName: Microsoft Corp
OrgID: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US

NetRange: 131.107.0.0 - 131.107.255.255
CIDR: 131.107.0.0/16
NetName: MICROSOFT
NetHandle: NET-131-107-0-0-1
Parent: NET-131-0-0-0-0
NetType: Direct Assignment
NameServer: NS1.MSFT.NET
NameServer: NS5.MSFT.NET
NameServer: NS2.MSFT.NET
NameServer: NS3.MSFT.NET
NameServer: NS4.MSFT.NET
Comment:
RegDate: 1988-11-11
Updated: 2004-12-09

TechHandle: ZM39-ARIN
TechName: Microsoft
TechPhone: +1-425-936-4200
TechEmail: ***@microsoft.com

OrgAbuseHandle: HOTMA-ARIN
OrgAbuseName: Hotmail Abuse
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: *****@hotmail.com

OrgAbuseHandle: MSNAB-ARIN
OrgAbuseName: MSN ABUSE
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: *****@msn.com

OrgAbuseHandle: ABUSE231-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: *****@microsoft.com

OrgNOCHandle: ZM23-ARIN
OrgNOCName: Microsoft Corporation
OrgNOCPhone: +1-425-882-8080
OrgNOCEmail: ***@microsoft.com

OrgTechHandle: MSFTP-ARIN
OrgTechName: MSFT-POC
OrgTechPhone: +1-425-882-8080
OrgTechEmail: ******@microsoft.com


--
Dave




| Am I the only one who finds this fishy?
|
| This doesn't sound legit to me.
|
| Matt Gibson - GSEC
|
| | > If you can spare a few minutes I would love to find out if your
| > organization is using the XP SP2 Windows Firewall, and what (if any) kinds
| > of improvements you might like to see in the future. As we make plans for
| > the Windows Firewall we would like to see if customer deployments, and
| > needs, may have changed now that it's been shipping for a while.
| >
| > http://www.surveymonkey.com/s.asp?u=47602838938&c=nssecadmin
| >
| > I would still be eager to hear from you weather or not you plan on using
| > the Windows Firewall.
| >
| > Thanks,
| > Michael Surkan
| >
| > Program Manager,
| > Networking & Devices,
| > Microsoft
| >
|
|
 
D

David H. Lipman

*Always* examine the headers to know who you are communicating with.

--
Dave




| Fair nuff.
|
| Didn't have time to look at the headers...just seemed strange to me that
| it'd be that informal, and using...surveymonkey...*shrug*
|
| -Matt
 
M

Michael Surkan [MS]

If you want to verify my identity, feel free to e-mail my Microsoft address.
Just remove the "online" part (I modify my return address a bit to avoid
SPAM).

I use surveymonkey because it is quick and easy for doing surveys on the
Internet. The "official" survey tools we have require a lot more planning,
and effort.

By the way, I'd like to thank everyone for all the great input they've been
sending my way! It makes it much easier to make the case for making
particular improvements when I can show that it's not just my big mouth
flabbing about what "I" think is cool.

Cheers,
Michael Surkan
 
P

Paul

Mike, Windows XP Firewall was a nice idea, but it should be installed as
DISABLED by default for computers that are part of a DOMAIN. We rolled it
out to more than 200 systems a few weeks ago and had to go back and stop
and disable the service on every one of them. There are many remote
support tools and we don't use RD at all - there is no reason to run it
inside a DOMAIN.
Click to expand...

I'm just wondering: did you use group policy to disable the firewall an all
of the machines or did you have to walk to every machine and do it
manually........
 
L

Leythos

I'm just wondering: did you use group policy to disable the firewall an all
of the machines or did you have to walk to every machine and do it
manually........
Click to expand...

We opened them remotely using the Manage Computer function - click on
computer, select Connect to another computer, down to services.... In some
cases, depending on where they were located behind the firewalls
(appliances) we had to disable them locally.
 
L

Lanwench [MVP - Exchange]

Leythos said:
We opened them remotely using the Manage Computer function - click on
computer, select Connect to another computer, down to services....
Click to expand...

Just curious - how'd you do that if the firewall was enabled?
 
L

Leythos

Just curious - how'd you do that if the firewall was enabled?
Click to expand...

Try it, it worked on the system we setup. It also works in my home. The
firewall doesn't block everything be default.
 
D

David H. Lipman

No. I used a Kixtart script in the Login Process and a Kixtart script to install WinXP SP2.

In the Installation process of WinXP SP2 I used the commands...

regedit /s Firewall.reg
comspec% /c sc.exe config SharedAccess start= disabled

I don't have access to the contents of 'Firewall.reg' anymore. I'm sorry I can't post it's
contents.

In the Login Script was...

%comspec% /c sc.exe config messenger start= auto
%comspec% /c net stop SharedAccess
%comspec% /c sc.exe config SharedAccess start= disabled
%comspec% /c net start messenger


--
Dave




| > Mike, Windows XP Firewall was a nice idea, but it should be installed as
| > DISABLED by default for computers that are part of a DOMAIN. We rolled it
| > out to more than 200 systems a few weeks ago and had to go back and stop
| > and disable the service on every one of them. There are many remote
| > support tools and we don't use RD at all - there is no reason to run it
| > inside a DOMAIN.
|
| I'm just wondering: did you use group policy to disable the firewall an all
| of the machines or did you have to walk to every machine and do it
| manually........
|
|
 
T

Torgeir Bakken \(MVP\)

David said:
No. I used a Kixtart script in the Login Process and a Kixtart
script to install WinXP SP2.

In the Installation process of WinXP SP2 I used the commands...

regedit /s Firewall.reg
comspec% /c sc.exe config SharedAccess start= disabled

I don't have access to the contents of 'Firewall.reg' anymore.
I'm sorry I can't post it's contents.
Click to expand...
Hi

I assume you set the following two registry values (can be applied
before or after the SP2 installation):

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
\EnableFirewall=0 (DWORD data type)

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile
\EnableFirewall=0 (DWORD data type)
 
D

David H. Lipman

Thank You Torgeir.

That's the contents.
I believe I got that information from you last year ;-)

--
Dave




| David H. Lipman wrote:
|
| > No. I used a Kixtart script in the Login Process and a Kixtart
| > script to install WinXP SP2.
| >
| > In the Installation process of WinXP SP2 I used the commands...
| >
| > regedit /s Firewall.reg
| > comspec% /c sc.exe config SharedAccess start= disabled
| >
| > I don't have access to the contents of 'Firewall.reg' anymore.
| > I'm sorry I can't post it's contents.
| Hi
|
| I assume you set the following two registry values (can be applied
| before or after the SP2 installation):
|
| HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
| \EnableFirewall=0 (DWORD data type)
|
| HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile
| \EnableFirewall=0 (DWORD data type)
|
|
| --
| torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
| Administration scripting examples and an ONLINE version of
| the 1328 page Scripting Guide:
| http://www.microsoft.com/technet/scriptcenter/default.mspx
 
G

Guest

Matt Gibson said:
*grin*

Didn't have the time, that's why I didn't click on the link :)

-Matt
Click to expand...

FWIW, this multipost is kicking up a little dust in m.p.security.

Pete
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Are you using the Windows Firewall? 5
Will you deploy XP SP2 Windows Firewall? 1
Windows 11 Are you using Windows 11 yet? 27
Using Windows Firewall Domain Profile without a domain 2
Unable to turn on Windows Firewall 4
Firewall, Anti virus, anti spyware 5
XPsp2 firewall - bug? - disables on certain networks 7
WinXP Firewall (Home Edition) 1

Top