Windows XP and 2003 Firewall steps
This group of steps allows you to define the firewall settings for Windows XP SP2 (32 bit), Windows XP SP1 (64 bit), Windows 2003 SP1 (32 or 64 bit) and Windows 2003 SR2 (32 bit).
Add or Edit a Firewall Rule
This step allows you to add new rules (exceptions) or modify existing rules of the Windows firewall. Editing a program exception allows you to change the path or file name that is associated with the program and configure scope settings for the exception.
Parameter | Description |
---|---|
Application Name | Specifies the friendly name for the exception, which is displayed in the graphical user interface. This may be any string of fewer than 256 characters. |
Address Range | Specifies one or more IPv4 addresses or IPv4 address ranges separated by commas (with no spaces). When you use a dotted decimal subnet mask, you can specify the range as an IPv4 network ID (such as 10.47.81.0/255.255.255.0) or by using an IPv4 address within the range (such as 10.47.81.231/255.255.255.0). When you use a network prefix length, you can specify the range as an IPv4 network ID (such as 10.47.81.0/24) or by using an IPv4 address within the range (such as 10.47.81.231/24). The following is an example custom list: 10.91.12.56,10.7.14.9/255.255.255.0,10.116.45.0/255.255.255.0,172.16.31.11/24,172.16.111.0/24 |
Application Path | Specifies the absolute path to the executable (.exe) file used by the program or system service. You may use system variables to specify the location of the program on your target device. |
Profile | Defines whether the Windows Firewall settings are to be configured in the standard profile or the domain profile. |
Scope | Select whether you want to allow this application to communicate with any source (*), which could include any device on the Internet, or with your local network only (Local Subnet), which limits communication to devices on your local subnet. |
Status | Select whether the exception is enabled or disabled. |
Add or Edit an Open Port
You can configure the Windows Firewall to block all outside sources from connecting to the device, or you can open selected ports and mappings to allow specific services that you trust. This step allows you to open a port (add a port exception) or to modify an existing open port of the Windows Firewall.
Windows Firewall allows you to open ports to allow only traffic from addresses on your local subnet, or globally to allow traffic from any network location, local or on the Internet. The local setting is useful for allowing file and printer sharing, and other local networking services. When you configure ports, you can specify the port number and protocol, and then selectively turn that port setting on or off.
When you add a port to the exceptions list, you must specify the protocol (TCP or UDP) and port number. You cannot specify protocols other than TCP or UDP and you cannot add a port number without specifying either TCP or UDP. (For example, you cannot exclude traffic based on protocol alone.) When you add a TCP or UDP port to the exceptions list, the port is open (unblocked) whenever Windows Firewall is running, regardless of whether a program or system service is listening for incoming traffic on the port. For this reason, if you need to allow unsolicited incoming traffic through Windows Firewall, you should create a program exception instead of a port exception. When you add a program to the exceptions list, Windows Firewall dynamically opens and closes the ports required by the program. When the program is running and listening for incoming traffic, Windows Firewall opens the required ports; when the program is not running or is not listening for incoming traffic, Windows Firewall closes the ports.
Parameter | Description |
---|---|
Name | Enter the port name of the service or program you want to allow to communicate through a port. This is the user-friendly name that appears in the exceptions list in the graphical user interface; it may be any string of fewer than 256 characters. |
Address Range | Specifies one or more IPv4 addresses or IPv4 address ranges separated by commas (with no spaces). When you use a dotted decimal subnet mask, you can specify the range as an IPv4 network ID (such as 10.47.81.0/255.255.255.0) or by using an IPv4 address within the range (such as 10.47.81.231/255.255.255.0). When you use a network prefix length, you can specify the range as an IPv4 network ID (such as 10.47.81.0/24) or by using an IPv4 address within the range (such as 10.47.81.231/24). The following is an example custom list: 10.91.12.56,10.7.14.9/255.255.255.0,10.116.45.0/255.255.255.0,172.16.31.11/24,172.16.111.0/24. If you define values for this parameter, the Scope parameter is ignored. |
Port Number | Enter the port number of the program or service. To find the port number, consult the documentation for the program or service you want to use. Adding this port means the port is always open: unsolicited incoming traffic is always allowed to pass through the port unless you uncheck the Allow Exceptions option when changing the firewall settings with the Change Firewall Status step. |
Profile | Defines whether the Windows Firewall settings are to be configured in the standard profile or the domain profile. |
Protocol | Select the protocol, either TCP or UDP, that is to be allowed to pass through the port from the drop-down list. |
Scope | Select whether you want to open this port for Any source, which could include any computer on the Internet, or for Local network only, which limits opening the port to computers on your local network. |
Status | Select whether the port exception is enabled or disabled. |
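The Address Range parameter of the two steps above uses the same comma-separated list format. The following Python is an added example, not part of this documentation or of the product: it parses that format into normalised IPv4 networks with the standard `ipaddress` module (a host address within a range, such as 10.47.81.231/24, resolves to its network 10.47.81.0/24, and a dotted subnet mask becomes a prefix length), rejects the spaces and IPv6 entries the format does not allow, and flags entries that are as broad as the Any source scope or that lie outside the private address ranges. That last check is the one worth running before a custom list is rolled out to many devices. The function names are my own.

```python
"""Validate and normalise the Address Range parameter format described above.
Added example; function names are the author's assumptions, not the product's API."""
import ipaddress


def parse_address_range(value: str) -> list:
    """Parse a comma-separated list of IPv4 addresses / ranges into IPv4Network objects.

    Accepted entry forms (all from the step description): a single address,
    network/dotted-mask, host/dotted-mask, network/prefix and host/prefix.
    Whitespace, empty entries and anything that is not IPv4 raise ValueError.
    """
    if not value:
        raise ValueError("address range must not be empty")
    if any(ch.isspace() for ch in value):
        raise ValueError("address range must not contain spaces")
    networks = []
    for entry in value.split(","):
        if not entry:
            raise ValueError("empty entry in address range (stray comma?)")
        try:
            # strict=False lets a host address inside the range (10.47.81.231/24)
            # stand for its network (10.47.81.0/24); ipaddress also understands
            # dotted masks such as /255.255.255.0 and a bare address as /32.
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError as exc:
            raise ValueError(f"invalid address range entry {entry!r}: {exc}") from exc
        if net.version != 4:
            raise ValueError(f"only IPv4 is supported, got {entry!r}")
        networks.append(net)
    return networks


def normalise_address_range(value: str) -> str:
    """Return the list in canonical network/prefix form, still without spaces."""
    return ",".join(str(n) for n in parse_address_range(value))


def review_address_range(value: str) -> dict:
    """Normalise the list and report entries that widen the exception beyond the LAN."""
    networks = parse_address_range(value)
    warnings = []
    for net in networks:
        if net.prefixlen == 0:
            warnings.append(f"{net}: matches every source, equivalent to scope '*'")
        elif not net.is_private:
            warnings.append(f"{net}: not a private (RFC 1918) range; reaches beyond the local network")
    return {"networks": [str(n) for n in networks], "warnings": warnings}


if __name__ == "__main__":
    # Constructed sample: the custom list from the step description plus one
    # entry that a reviewer should question.
    sample = "10.91.12.56,10.7.14.9/255.255.255.0,172.16.31.11/24,0.0.0.0/0"
    result = review_address_range(sample)
    print("normalised:", ",".join(result["networks"]))
    for warning in result["warnings"]:
        print("warning:", warning)
```

Run with no arguments to see the sample list normalised; feed the exact string you plan to enter into the Address Range field to `review_address_range` and keep the returned warnings list empty before the step is applied.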
Change Firewall Status
This step allows you to change the status of the Windows Firewall, i.e., to enable or disable it.
Parameter | Description |
---|---|
Allow Exceptions | Check this box to let the entries in the exceptions list take effect: Windows Firewall is turned on and unsolicited incoming traffic that matches a program or port exception is allowed through. Uncheck it to drop all unsolicited incoming traffic, including traffic that matches an entry in the exceptions list; this stricter mode is useful when the device is connected to a public network, such as the Internet, or to a non-secure private network. |
Allow Notifications | When notifications are allowed, Windows Firewall displays a Windows Security Alert dialog box (referred to as a notification) when a program attempts to listen for unsolicited incoming traffic. If you are a member of the Administrators group on the computer, the notification gives you the ability to add the program to the exceptions list. If you are not a member of the Administrators group on the computer, the notification informs you that a program attempted to listen for incoming traffic but was blocked. |
Profile | Defines whether the Windows Firewall settings are to be configured in the standard profile or the domain profile. |
Status | Select whether the Windows Firewall is to be enabled or disabled. |
Configure ICMP Settings
This step configures the ICMP settings of Windows Firewall. In Windows Firewall, the ICMP settings are off by default. This means that no incoming or outgoing ICMP communications are allowed.
This default protects the device against attacks such as ping floods. ICMP is, however, also used for network discovery and mapping, and it allows computers on a network to share error and status information. You should therefore enable the relevant settings if your organization uses the ping or tracert commands for troubleshooting. Usually, you configure these settings only once or on an as-needed basis.
Parameter | Description |
---|---|
Allow Incoming Echo Request | Check this box if messages sent to this computer are to be echoed back to the sender. This is commonly used for troubleshooting, for example, to ping a machine. If disabled, commands that use the ICMP Echo message, such as ping or tracert, do not work against this device. |
Allow Incoming Mask Request | Check this option if the device is to listen for and respond to requests for more information about the public network to which it is attached. |
Allow Incoming Router Request | Check this option if the device is to respond to requests for information about the routes it recognizes. |
Allow Incoming Timestamp Request | Check this option if data sent to this device can be acknowledged with a confirmation message indicating the time that the data was received. |
Allow Outgoing Destination Unreachable | Data sent over the Internet that fails to reach this computer due to an error is discarded and acknowledged with a "destination unreachable" message explaining the failure. If you are running network management software that uses ICMP Destination Unreachable messages, you need to enable this option. |
Allow Outgoing Packet Too Big | Corresponds to ICMPv6 Type 2 (Packet Too Big) messages. |
Allow Outgoing Parameter Problem | Check this option if the device is to reply to the sender with a "bad header" error message when it discards data it has received due to a problematic header. |
Allow Outgoing Source Quench | Check this option if the device is to drop data and ask the sender to slow down when its ability to process incoming data cannot keep up with the rate of a transmission. |
Allow Outgoing Time Exceeded | Check this option if the device is to reply to the sender with a "time expired" message when it discards an incomplete data transmission because the entire transmission required more time than allowed. |
Allow Redirect | Check this option if data sent from the device may be rerouted when the default path changes. |
Profile | Defines whether the Windows Firewall settings are to be configured in the standard profile or the domain profile. |
Delete Firewall Rules
Deleting a program exception (rule) removes the exception from the exceptions list and prevents the program from receiving unsolicited incoming traffic (unless a port exception or some other exception allows unsolicited incoming traffic to reach the program).
Parameter | Description |
---|---|
Application Path | Specifies the absolute path to the executable ( .exe ) file used by the program or system service. You may use system variables to specify the location where the program is located on your target device. |
Profile | Specifies if the rule is currently applied to a specific profile such as the domain or standard profile, or if it is applicable to all profiles. |
Delete Open Port
Deleting a port exception closes (blocks) the port and prevents the port from receiving unsolicited traffic (unless another port exception or some other exception allows unsolicited incoming traffic to reach the program).
Parameter | Description |
---|---|
Port Number | Enter the port number to be removed from the list of exceptions. |
Profile | Defines whether the Windows Firewall settings are to be configured in the standard profile or the domain profile. |
Protocol | Select the protocol, either TCP or UDP, for which the port was defined. |
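The steps described above (Add or Edit a Firewall Rule, Add or Edit an Open Port, Change Firewall Status, Configure ICMP Settings, Delete Firewall Rules and Delete Open Port) correspond to the `netsh firewall` context that ships with Windows XP SP2 and Windows Server 2003 SP1; later Windows versions replaced it with `netsh advfirewall`. The following Python is an added example, not code from the product: it validates the step parameters the way the descriptions state (a name of fewer than 256 characters, TCP or UDP only, a port between 1 and 65535, an absolute or system-variable path to an .exe, an address list without spaces) and emits the equivalent `netsh firewall` command lines, which is handy for documenting what a step will do on a device or for reproducing it by hand. The ICMP option names are mapped to the ICMP type numbers that `netsh firewall set icmpsetting` takes; the function names are my own assumptions.

```python
"""Map the firewall step parameters above to `netsh firewall` command lines
(Windows XP SP2 / Server 2003 SP1). Added example; function names are the author's."""
import re
import subprocess
import sys

PROFILES = {"standard": "STANDARD", "domain": "DOMAIN", "all": "ALL"}
# Scope values as labelled in the Firewall Rule and Open Port steps
SCOPES = {"*": "ALL", "Any source": "ALL", "Local Subnet": "SUBNET", "Local network only": "SUBNET"}
# Option name from the Configure ICMP Settings step -> ICMP type for `set icmpsetting type=`
ICMP_TYPES = {
    "Allow Outgoing Packet Too Big": 2, "Allow Outgoing Destination Unreachable": 3,
    "Allow Outgoing Source Quench": 4, "Allow Redirect": 5,
    "Allow Incoming Echo Request": 8, "Allow Incoming Router Request": 9,
    "Allow Outgoing Time Exceeded": 11, "Allow Outgoing Parameter Problem": 12,
    "Allow Incoming Timestamp Request": 13, "Allow Incoming Mask Request": 17,
}


def _mode(enabled):
    return "mode=ENABLE" if enabled else "mode=DISABLE"


def _profile(profile):
    if profile.lower() not in PROFILES:
        raise ValueError(f"profile must be one of {sorted(PROFILES)}, got {profile!r}")
    return "profile=" + PROFILES[profile.lower()]


def _name(name):
    if not name or len(name) >= 256:          # the UI accepts fewer than 256 characters
        raise ValueError("name must be 1 to 255 characters long")
    return "name=" + name


def _program(path):
    # Absolute path (drive letter or %SYSTEMVARIABLE% prefix) to an .exe file
    if not re.match(r"^(?:[A-Za-z]:|%[^%\\]+%)\\.+\.exe$", path, re.IGNORECASE):
        raise ValueError(f"application path must be an absolute path to an .exe: {path!r}")
    return "program=" + path


def _port(port, protocol):
    if protocol.upper() not in ("TCP", "UDP"):    # nothing else can be specified
        raise ValueError("protocol must be TCP or UDP")
    if not 1 <= int(port) <= 65535:
        raise ValueError("port must be between 1 and 65535")
    return ["protocol=" + protocol.upper(), f"port={int(port)}"]


def _scope(scope, address_range):
    # A custom Address Range overrides Scope, as the Open Port step states
    if address_range:
        if re.search(r"\s", address_range):
            raise ValueError("address range must not contain spaces")
        return ["scope=CUSTOM", "addresses=" + address_range]
    if scope not in SCOPES:
        raise ValueError(f"scope must be one of {sorted(SCOPES)}, got {scope!r}")
    return ["scope=" + SCOPES[scope]]


def add_program_rule(name, path, status=True, scope="*", address_range=None, profile="all"):
    return ["netsh", "firewall", "add", "allowedprogram", _program(path), _name(name),
            _mode(status), *_scope(scope, address_range), _profile(profile)]


def add_port_rule(name, port, protocol, status=True, scope="*", address_range=None, profile="all"):
    return ["netsh", "firewall", "add", "portopening", *_port(port, protocol), _name(name),
            _mode(status), *_scope(scope, address_range), _profile(profile)]


def set_firewall_status(enabled=True, allow_exceptions=True, profile="all"):
    # exceptions=DISABLE is the "shields up" mode: every entry in the exceptions list is ignored
    exceptions = "exceptions=ENABLE" if allow_exceptions else "exceptions=DISABLE"
    return ["netsh", "firewall", "set", "opmode", _mode(enabled), exceptions, _profile(profile)]


def set_notifications(enabled=True, profile="all"):
    return ["netsh", "firewall", "set", "notifications", _mode(enabled), _profile(profile)]


def set_icmp_settings(options, profile="all"):
    """options: {"Allow Incoming Echo Request": True, ...}; returns one command per option."""
    unknown = set(options) - set(ICMP_TYPES)
    if unknown:
        raise ValueError(f"unknown ICMP options: {sorted(unknown)}")
    return [["netsh", "firewall", "set", "icmpsetting", f"type={ICMP_TYPES[opt]}",
             _mode(enabled), _profile(profile)] for opt, enabled in options.items()]


def delete_program_rule(path, profile="all"):
    return ["netsh", "firewall", "delete", "allowedprogram", _program(path), _profile(profile)]


def delete_port_rule(port, protocol, profile="all"):
    return ["netsh", "firewall", "delete", "portopening", *_port(port, protocol), _profile(profile)]


def apply_commands(commands, dry_run=True):
    """Print each command; execute it only on Windows and only when dry_run is False."""
    for argv in commands:
        print(" ".join(argv))
        if not dry_run and sys.platform == "win32":
            subprocess.run(argv, check=True)


if __name__ == "__main__":
    # Constructed sample plan: a subnet-only port exception, a program exception
    # limited to one range in the domain profile, exceptions on, echo replies on.
    apply_commands([
        add_port_rule("File and Printer Sharing (SMB)", 445, "TCP", scope="Local Subnet"),
        add_program_rule("Backup Agent", r"%ProgramFiles%\Backup\agent.exe",
                         address_range="10.47.81.0/24", profile="domain"),
        set_firewall_status(enabled=True, allow_exceptions=True),
        *set_icmp_settings({"Allow Incoming Echo Request": True, "Allow Redirect": False}),
    ])
```

The default `dry_run=True` only prints the plan, so the script can be reviewed on any platform; the validation errors it raises are the same conditions the step forms enforce, which makes it a convenient pre-check for parameter values before they are entered into a step.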
Firewall Settings Inventory
This step gets the Windows Firewall settings and stores them in the custom inventory.
Parameter | Description |
---|---|
Authorized Applications | Defines whether the list of application exceptions is included in the inventory. |
Firewall Status | Uncheck this box if the status of Windows Firewall is not to be included in the custom inventory. |
ICMP Settings | Clear this option if either you are not using ICMP settings or you do not want to include them in the custom inventory. |
Open Ports | Clear this option if the open ports on the list of exceptions are not to be included in the inventory. |
Profile | Defines if the values are to be included for all profiles or only for a specific type of profile, that is, the domain or the standard profile. |
Restore Backup Settings
This step restores the Windows Firewall settings to the backup settings created by the Setting Backup step.
Parameter | Description |
---|---|
Backup Path | Enter the path to the directory in which the backup to be restored is located. |
Restore Default Settings
This step restores all default settings of the Windows firewall.
No parameters need to be defined for this step.
Setting Backup
This step creates a backup of the current settings of the Windows Firewall in a specifically defined directory.
Parameter | Description |
---|---|
Backup Path | The relative or absolute path, including the file name, in which the backup is to be created. |