SP2 firewall defaults confusion

Discussion in 'MCDST' started by supernova, Feb 11, 2009.

  1. supernova

    supernova Gigabyte Poster

    1,422
    21
    80
    I am a little confused

    a test question answer states that distributed SP2 on to windows xp pro pc's doesn't block file sharing by default.

    Installed windows XP pro sp2 eval cd on to a machine and it blocks file sharing by default.

    Am i right in thinking that the default exceptions are different in the two?

    Anyone have a link to explain this and list differences in sp2 and xp sp2? .. cant seem to see anything in mspress book

    I would post the answer but i would be breaking copyright
    but its Question Number (ID) : 11 (070-271.01.03.010) on the mspress book' cd for 271

    Andrew
     
    Certifications: Loads
    WIP: Lots
  2. supernova

    supernova Gigabyte Poster

    1,422
    21
    80
    i should add that with windows XP pro sp2 when you create your first share you have the option to run the network wizard that intern configures the firewall, however, if you just enable sharing its still block by firewall by default.

    perhaps it means its enabled by default when you run the network set-up wizard whilst setting up fist share?

    and on a upgrade when you already have shares eg group policy install of sp2?

    Andrew
     
    Certifications: Loads
    WIP: Lots
  3. dales

    dales Terabyte Poster

    2,005
    51
    142
    Andi,

    I'm not sure if there is a difference between installing sp2 on xp or for example getting an xp with sp2 machine fresh out of the box. But I think the important bit in the doc below is where it states unsolicited connections would be blocked by default. So file sharing as such is still enabled but only if the xp machine has requested it.

    http://support.microsoft.com/kb/842242
     
    Certifications: vExpert 2014+2015+2016,VCP-DT,CCE-V, CCE-AD, CCP-AD, CCEE, CCAA XenApp, CCA Netscaler, XenApp 6.5, XenDesktop 5 & Xenserver 6,VCP3+5,VTSP,MCSA MCDST MCP A+ ITIL F
    WIP: Nothing
  4. supernova

    supernova Gigabyte Poster

    1,422
    21
    80
    could be, think it means these are default because they are enabled when set-up by default ie remote desktop enabled, sharing invokes network wizard that sets up up firewall etc, remote assistance when enabled (which is by default)

    default setting out of the box are in fact as follows

    [​IMG]


    Andrew
     
    Certifications: Loads
    WIP: Lots
  5. Qs

    Qs Semi-Honorary Member Gold Member

    3,081
    70
    171
    dales is bang on

    The exception is in the Windows firewall by default but it is not enabled until something requests it, then it is enabled automatically (if it is solicited traffic trying to pass through, anything else will require manual input)

    Try it yourself. Open up the firewall exceptions and you'll see its unchecked. Share a folder. Check the exceptions list again and it'll be checked automatically.

    Qs
     
    Certifications: MCT, MCSE: Private Cloud, MCSA (2008), MCITP: EA, MCITP: SA, MCSE: 2003, MCSA: 2003, MCITP: EDA7, MCITP: EDST7, MCITP: EST Vista, MCTS: Exh 2010, MCTS:ServerVirt, MCTS: SCCM07 & SCCM2012, MCTS: SCOM07, MCTS: Win7Conf, MCTS: VistaConf, MCDST, MCP, MBCS, HND: Applied IT, ITIL v3: Foundation, CCA
  6. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,624
    117
    224
    Note that the built-in XP firewall *only* blocks incoming connections. It ignores outgoing ones. So you can still run many P2P progs. Things like BitTorrent will get upset that you won't share and will bandwidth limit you though.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  7. Qs

    Qs Semi-Honorary Member Gold Member

    3,081
    70
    171
    Here's a slight digression, but still appropriate...

    The built-in firewall in Vista (as a natural progression from XP) does filter outbound packets.

    Qs
     
    Certifications: MCT, MCSE: Private Cloud, MCSA (2008), MCITP: EA, MCITP: SA, MCSE: 2003, MCSA: 2003, MCITP: EDA7, MCITP: EDST7, MCITP: EST Vista, MCTS: Exh 2010, MCTS:ServerVirt, MCTS: SCCM07 & SCCM2012, MCTS: SCOM07, MCTS: Win7Conf, MCTS: VistaConf, MCDST, MCP, MBCS, HND: Applied IT, ITIL v3: Foundation, CCA
  8. supernova

    supernova Gigabyte Poster

    1,422
    21
    80

    Got ya

    I thought that the network wizard was configuring shares in the exceptions, bypassing it i see now. Thanks for clearing that up.

    thought i had bypassed it and created a share at first i must have cancelled it.


    I was aware that XP firewall was inbound only

    just got myself confused i been trying to cram in too much over the last several days.. need a break

    Thanks Guys

    Andrew
     
    Certifications: Loads
    WIP: Lots

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.