+ Post New Thread
Results 1 to 6 of 6
Windows Thread, Did MS do something windows firewall? in Technical; Since the start of term I've had some odd happensings on my network but no time to investigate. Antivirus updates ...
  1. #1

    Join Date
    Jun 2006
    Location
    Belfast, N\'Ireland
    Posts
    190
    Thank Post
    10
    Thanked 9 Times in 7 Posts
    Rep Power
    19

    Did MS do something windows firewall?

    Since the start of term I've had some odd happensings on my network but no time to investigate. Antivirus updates failing on some machines. Some machines refusing connections from VNC and netsupport school etc. I finally got to investigate properly today and have discovered that the Windows XP firewall has been turned on on every XP SP2 machine on my entire network. According to the GPO controlling it it is turned off but the evidence is irrifutable.

    Machines refuse to reply to ping until you go into GPO and add the exception for ICMP.

    They refuse to accept VNC connections till I added an exception for that in the GPO.

    I changed the GPO setting for windows firewall in GPO to "not defined" and then back to off restarting some sample machines in between. The goldpadlock is gone from the network connections but unless an exception is defined they are still rejecting connectiosn unless an exception is defined. If I define an additional exception and update group policy on them the connection is made imediately.

    Alot of hotfixes from MS installed from WSUS after the summer break so my assumption is they did something. Has anyone else come across this?

    Its home time but research via google will start on this first thing tomorrow.

  2. #2

    tech_guy's Avatar
    Join Date
    May 2007
    Location
    That little bit in the middle of Little Old England
    Posts
    8,136
    Thank Post
    1,913
    Thanked 1,345 Times in 743 Posts
    Blog Entries
    3
    Rep Power
    396

    Re: Did MS do something windows firewall?

    What you have experienced is really interesting - I haven't seen this on my PCs at work but I have on PCs that I have been working on privately. I too was wondering if there was something in the last round of updates from MS but have so far been unable to confirm it.

    I've seen a number of XP clients that seemingly have had the firewall activated without any user input.

    Is it time for MS to own up?

  3. #3

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115

    Re: Did MS do something windows firewall?

    Is it time for MS to own up?
    Would have thought we'd have heard by now given the recent noise about unsanctioned WU updates to WU itself.

    Perhaps it's some malware turning the firewall on to prevent the competition (other malware) from trashing it's new home.

  4. #4

    Join Date
    Jun 2006
    Location
    Belfast, N\'Ireland
    Posts
    190
    Thank Post
    10
    Thanked 9 Times in 7 Posts
    Rep Power
    19

    Re: Did MS do something windows firewall?

    Morning.


    Just getting back to this issue now.

    I've ruled out Malware with a clean machine build in the testing Vlan. Firewall was on after install from the windows CD then it was off by GPO Properly after its first restart.

    WSUS kicked in and restarted after the first round of updates. Firewall still off
    2nd round of updates machine restarted and its back to its not showing firewall icon on the network connection but behaving very much like a firewalled machine.

    Sadly that 2nd round of updates is 120+ updates depending on the machine. I'm gonna try some internet searches first cos I don't really want to get into a game of install one update at a time.

    I'm wondering if there was an update to the firewall which was supposed to be acompanied by an update to the GPO that some how missed on my DCs?

  5. #5
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,484
    Thank Post
    10
    Thanked 502 Times in 442 Posts
    Rep Power
    114

    Re: Did MS do something windows firewall?

    On an affected machine, does the firewall say it is working in domain mode (its a line down the bottom below the off option for the firewall). Mine say "windows firewall is using your domain settings". There is also a combination of GPO options that breaks domain detection for firewall and other services as a reg key gets lost, I'll try and remember what it was.

  6. #6

    Join Date
    Jun 2006
    Location
    Belfast, N\'Ireland
    Posts
    190
    Thank Post
    10
    Thanked 9 Times in 7 Posts
    Rep Power
    19

    Re: Did MS do something windows firewall?

    Yep its says its running in domain mode and the radial button for firewall off is the one that filled even tho its greyed out. But unless I set exceptions applications are being firewalled anyway.

    I've something of a breakthrough in the next 5mins. After rebuilding my test firtual machine again and reapplying GPOs its working properly.. now if I could just work out why.

SHARE:
+ Post New Thread

Similar Threads

  1. Endian Firewall and Windows Updates
    By Craig_W in forum *nix
    Replies: 7
    Last Post: 6th December 2011, 03:05 PM
  2. no firewall etc
    By ptrainor1 in forum Wireless Networks
    Replies: 15
    Last Post: 22nd October 2006, 09:34 PM
  3. Windows XP SP2 firewall policies on Domain
    By Kyle in forum How do you do....it?
    Replies: 16
    Last Post: 25th September 2006, 05:51 PM
  4. Windows Firewall
    By Mintsoft in forum Windows
    Replies: 3
    Last Post: 22nd March 2006, 09:59 AM
  5. Windows Firewall
    By GrumbleDook in forum Windows
    Replies: 16
    Last Post: 31st August 2005, 12:54 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •