Windows XP Firewall & LAN/Domain Configuration

R

Research Services

Has anyone developed a minimal list of TCP/UDP Ports to open on the built-in
Windows XP Internet Connection Firewall to allow the client machine to work
properly in a LAN Windows 2000 Active Directory Domain?


We have heard that the ICF was originally intended for home users. But with
the recent announcement of the heightened security enhancements in SP2 for
Windows XP it really sounds like Microsoft is changing that to include those
on a LAN.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwxp/html/securityinxpsp2.asp

If they are turning ICF ON by default with SP2 that certainly applies to the
thousands of XP machines we have on our LAN so we expect a way to configure
the advanced settings of ICF with Group Policies.
 
R

Roger Abell

Actually, if a W2k3 member is any indicator, there is not
much needed. The ICF allows returns for anything originated
inside. There is very little in a default AD environment that
is invasive toward the client from the domain; mostly only
optionals like remote management tools reaching in, expecting
such as Remote Reg Svc, admin shares, SMS discoveries, etc..

But you pose good questions which are, AFAIK, at this point
not resolved : whether it will default on only for stand-alones,
whether a new .adm will be provided to extend policies into
new areas (ICF), etc..
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Internet Connection Firewall- unknown services 4
Proposed Internet Connection Firewall change in WinXP SP2 4
Windows XP Pro, Internet Connection Firewall & Group Policy 4
Windows XP firewall... 1
ICF on Corporate LAN and Program distribution 2
XP SP 2 Firewall and my Domain 4
Problem with Remote Procedure Call 1
Firewall / Advanced Tab 3

Top