SP2 - Windows Firewall

[Bob]

Does anyone know how to configure Windows Firewall (in
SP2) to make port exceptions for all ports for local
subnet traffic? In other words, how do I allow all
machines on my local subnet to talk on all ports, but
still keep external threats to a minimum?

 

[Hans-Georg Michna]

Does anyone know how to configure Windows Firewall (in
SP2) to make port exceptions for all ports for local
subnet traffic? In other words, how do I allow all
machines on my local subnet to talk on all ports, but
still keep external threats to a minimum?

Bob,

please have a look at http://www.michna.com/kb/WxSP2.htm.

Hans-Georg

 

[Steve Winograd [MVP]]

Does anyone know how to configure Windows Firewall (in
SP2) to make port exceptions for all ports for local
subnet traffic? In other words, how do I allow all
machines on my local subnet to talk on all ports, but
still keep external threats to a minimum?

I don't think that's possible, Bob -- I only see how to open
individual ports:

Understanding Windows Firewall: Using the Exceptions Tab
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfexceptions.mspx

You'd be better off using something like ZoneAlarm, which can put the
local subnet into the Trusted Zone, instead of Windows Firewall.

I recommend NOT opening all ports on the local subnet. Opening only
specific ports that you know you need is a security measure that can
prevent a computer infected with a network worm (e.g. Blaster) from
infecting the other computers.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

 

[Guest]

I don't think that's possible, Bob -- I only see how to open
individual ports:

Understanding Windows Firewall: Using the Exceptions Tab
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfexceptions.mspx

You'd be better off using something like ZoneAlarm, which can put the
local subnet into the Trusted Zone, instead of Windows Firewall.

I recommend NOT opening all ports on the local subnet. Opening only
specific ports that you know you need is a security measure that can
prevent a computer infected with a network worm (e.g. Blaster) from
infecting the other computers.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

 

[Guest]

I don't think that's possible, Bob -- I only see how to open
individual ports:

Understanding Windows Firewall: Using the Exceptions Tab
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfexceptions.mspx

You'd be better off using something like ZoneAlarm, which can put the
local subnet into the Trusted Zone, instead of Windows Firewall.

I recommend NOT opening all ports on the local subnet. Opening only
specific ports that you know you need is a security measure that can
prevent a computer infected with a network worm (e.g. Blaster) from
infecting the other computers.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

Each time I try to send a post to any newsgroup, "the small finger"
comes up with the red circle and I am unable to make posts on any newsgroup.
Please help.