How to prohibit notifications but still log event ID 851 security

G

Guest

When the XPSP2 Firewall Policy is set to "Prohibit notifications" it also
appears to not log any indication that an application had any issue with the
firewall configuration. By contrast, with the notifications enabled, an
Event ID 851 message is recorded in the Security log for any application that
encounters an issue with the firewall.

We'd like to roll out SP2 with the firewall enabled to ~500 XP Pro
systems... in doing our research for this deployment, we've created a number
of port & application exceptions, however, we anticipate that some
application will not agree with the firewall. Is there a way to log
application issues, WITHOUT notifying the user with a dialog box?

Thanks.
 
S

Steven L Umbach

Apparently not. If logging is enabled for the Windows Firewall you can use
that also to help track down problems with blocked access by looking for
entries that say dropped,etc. --- Steve
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Event 577 in Security Event Log 1
Security settings NOT prohibit ActiveX - but still get message 2
Turning XP firewall off 3
Event ID 861 3
Event id 529 3
Event ID 861 4
Failure Audit Security Log Event ID 577 6
Windows XP SP2 Firewall causing Security Log to fill 1

Top