+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
How do you do....it? Thread, Windows XP SP2 firewall policies on Domain in Technical; Just wondering how everyone else does this. We have the Default Domain policy set so that Windows Firewall is turned ...
  1. #1
    Kyle's Avatar
    Join Date
    Jan 2006
    Posts
    969
    Thank Post
    91
    Thanked 14 Times in 13 Posts
    Rep Power
    20

    Windows XP SP2 firewall policies on Domain

    Just wondering how everyone else does this. We have the Default Domain policy set so that Windows Firewall is turned of on our domain. I have been reading in depth on this today and reading about all the various firewall options.

    How have you got your set up?
    DO you have it enabled and the configure the policy settings?
    Is your disabled like ours?

    Your thoughts and suggestions please. :dontknow:

  2. #2
    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    1,984
    Thank Post
    45
    Thanked 218 Times in 165 Posts
    Blog Entries
    6
    Rep Power
    93

    Re: Windows XP SP2 firewall policies on Domain

    I keep it turned off personally. Makes life easier all round.

  3. #3
    Guest

    Re: Windows XP SP2 firewall policies on Domain

    I keep it turned off also. Make life much more easy in the long run.

  4. #4

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,800
    Thank Post
    110
    Thanked 582 Times in 503 Posts
    Blog Entries
    1
    Rep Power
    223

    Re: Windows XP SP2 firewall policies on Domain

    You need the new ADM templates (either W2K3 SP1 or XP SP2) to control the firewall settings.

    I disable it.

  5. #5

    webman's Avatar
    Join Date
    Nov 2005
    Location
    North East England
    Posts
    8,374
    Thank Post
    625
    Thanked 951 Times in 653 Posts
    Blog Entries
    2
    Rep Power
    318

    Re: Windows XP SP2 firewall policies on Domain

    We have it disabled, too. Workstations aren't directly connected to the internet and the chances of them suffering an attack internally that the firewall could handle anyway is fairly non-existant.

  6. #6
    Joedetic's Avatar
    Join Date
    Jan 2006
    Location
    Walsall
    Posts
    1,316
    Thank Post
    6
    Thanked 13 Times in 13 Posts
    Rep Power
    21

    Re: Windows XP SP2 firewall policies on Domain

    We had it turned off too

  7. #7

    Dos_Box's Avatar
    Join Date
    Jun 2005
    Location
    Preston, Lancashire
    Posts
    9,470
    Thank Post
    525
    Thanked 1,993 Times in 932 Posts
    Blog Entries
    23
    Rep Power
    575

    Re: Windows XP SP2 firewall policies on Domain

    Turned off. It saves me having to allow various differnt ports for certain software i.e NetSupport Manager on each machine. besides, your domain firewall is supposed to protecting your LAN. The Windows one is fine for home and on the road use, but not in your school. A good AV setup and domain firewall should be all you need.

  8. #8

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,582
    Thank Post
    107
    Thanked 761 Times in 592 Posts
    Rep Power
    179

    Re: Windows XP SP2 firewall policies on Domain

    I have it disabled on workstations but laptops have it enabled when not connected to the network (there is a setting to do this).

  9. #9

    Join Date
    Nov 2005
    Location
    North
    Posts
    1,731
    Thank Post
    23
    Thanked 78 Times in 63 Posts
    Rep Power
    35

    Re: Windows XP SP2 firewall policies on Domain

    I'd like to vote for on just to buck the trend. I had it turned off for the last couple fo years but decided to switch it on as I have some pupils who connect to the network with their laptops.

    Easy enough to get working.

    Sophos Remote Management, VNC and Browsecontrol are the only ones I have needed to open up but mines a nice quiet network.

  10. #10
    petectid's Avatar
    Join Date
    Jun 2005
    Posts
    298
    Thank Post
    2
    Thanked 15 Times in 13 Posts
    Rep Power
    19

    Re: Windows XP SP2 firewall policies on Domain

    Same as Simcfc73, changed it this year, use a netsh command during sysprep to set exceptions having modified the netfw.inf

  11. #11
    ajbritton's Avatar
    Join Date
    Jul 2005
    Location
    Wandsworth
    Posts
    1,632
    Thank Post
    23
    Thanked 75 Times in 45 Posts
    Rep Power
    33

    Re: Windows XP SP2 firewall policies on Domain

    On. If a nasty worm/virus does get onto your network (yes, I know AV should pick it up but you never know...), then your PCs are still protected. It's really easy to configure it, so why not!

  12. #12

    Dos_Box's Avatar
    Join Date
    Jun 2005
    Location
    Preston, Lancashire
    Posts
    9,470
    Thank Post
    525
    Thanked 1,993 Times in 932 Posts
    Blog Entries
    23
    Rep Power
    575

    Re: Windows XP SP2 firewall policies on Domain

    Quote Originally Posted by ajbritton
    On. If a nasty worm/virus does get onto your network (yes, I know AV should pick it up but you never know...), then your PCs are still protected. It's really easy to configure it, so why not!
    Yes, but then it is in your network. And with XPs firewall only being one way (inbound) then it would be free to escape an infected PC anyway! Besides, remember Blaster? The XP firewall was like a chocolate fireguard in that instance.

  13. #13
    Guest

    Re: Windows XP SP2 firewall policies on Domain

    Remeber Blaster? I still have nightmares of turning up to work that morning :LOL:

  14. #14
    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    1,984
    Thank Post
    45
    Thanked 218 Times in 165 Posts
    Blog Entries
    6
    Rep Power
    93

    Re: Windows XP SP2 firewall policies on Domain

    It took me the better part of two weeks to get that bastard and Nachi cleared from our network. Fun :\

  15. #15

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,800
    Thank Post
    110
    Thanked 582 Times in 503 Posts
    Blog Entries
    1
    Rep Power
    223

    Re: Windows XP SP2 firewall policies on Domain

    As I eluded to in another thread. I have a system for combating worms at the firewall.

    http://www.edugeek.net/index.php?nam...ewtopic&t=4314

    Even so, as Dos_Box says, the Windows firewall will not help you in a Blaster/Nachi situation. This is because there are default exceptions for the RPC and Windows networking ports (137-139 and 445). You can't block these ports on the client in a domain enviroment because AD ceases to function.

    The only way you can stop them is by blocking them before they enter your network and by keeping your machines patched and up to date (although Microsofts release policy leaves a lot to be desired).

    The only other obvious infection path way I can think of that I haven't got a solution for is laptops coming off and on the network.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Domain policies not being pulled across
    By badsurname in forum Windows
    Replies: 29
    Last Post: 18th January 2008, 02:30 PM
  2. Did MS do something windows firewall?
    By Teth in forum Windows
    Replies: 5
    Last Post: 20th September 2007, 09:15 AM
  3. Windows Firewall
    By Mintsoft in forum Windows
    Replies: 3
    Last Post: 22nd March 2006, 09:59 AM
  4. Replies: 2
    Last Post: 22nd February 2006, 12:30 AM
  5. Windows Firewall
    By GrumbleDook in forum Windows
    Replies: 16
    Last Post: 31st August 2005, 12:54 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •