Re: Configuring Windows XP SP2 Firewall for Network-based Scanning

From: ScareCrowe (nospam_at_nospam.com)
Date: 03/04/05

• Next message: ScareCrowe: "Re: Internet Explorer: Flipping Font Sizes, Virus?"
• Previous message: JW: "Re: XP2 Admin shares"
• In reply to: tealblue: "Configuring Windows XP SP2 Firewall for Network-based Scanning"
• Next in thread: Danny Sanders: "Re: Configuring Windows XP SP2 Firewall for Network-based Scanning"
• Reply: Danny Sanders: "Re: Configuring Windows XP SP2 Firewall for Network-based Scanning"
• Reply: tealblue: "Re: Configuring Windows XP SP2 Firewall for Network-based Scanning"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 4 Mar 2005 13:36:35 -0600

"tealblue" <tealblue@discussions.microsoft.com> wrote in message
news:FDF17C6E-8B2D-421F-A114-CF5349CD14CF@microsoft.com...
> We run a network based scanner, similar to Nessus, to check for
> vulnerabilities on client machines. Assuming Windows XP is running, is
there
> a way to administratively be able to take the firewall down, or open up a
> port, so we can complete the scan. Ideally, no user interactiion or
> intervention would be required.
>
> Thanks.

I don't have an answer but your question makes me ask you a question:
Do you really want a firewall with the capability of being shut off
remotely? Your request seems to be counter-productive to me.

If you do accomplish this, are the clients you refer to people or boxes? If
they are people and you do this as a service, what will they're reaction be
when they find out you are disabling their protection? I'm sorry, but it
sounds more like you are trying to defeat in-place security than enforce it.

Hey maybe I'm totally off base here, but I personally will not buy a
firewall that some Joe Schmoe can disable remotely from the comfort of his
own home before hacking my box! Anyone? Anyone?

--ScareCrowe

---

• Next message: ScareCrowe: "Re: Internet Explorer: Flipping Font Sizes, Virus?"
• Previous message: JW: "Re: XP2 Admin shares"
• In reply to: tealblue: "Configuring Windows XP SP2 Firewall for Network-based Scanning"
• Next in thread: Danny Sanders: "Re: Configuring Windows XP SP2 Firewall for Network-based Scanning"
• Reply: Danny Sanders: "Re: Configuring Windows XP SP2 Firewall for Network-based Scanning"
• Reply: tealblue: "Re: Configuring Windows XP SP2 Firewall for Network-based Scanning"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Configuring Windows XP SP2 Firewall for Network-based Scanning ... We run a network based scanner, similar to Nessus, to check for ... vulnerabilities on client machines. ... Assuming Windows XP is running, ... (microsoft.public.windowsxp.security_admin) RE: Configuring Windows XP SP2 Firewall for Network-based Scanning ... the Windows firewall. ... > vulnerabilities on client machines. ... Assuming Windows XP is running, ... (microsoft.public.windowsxp.security_admin) windows firewall slows page downloads internet explorer ... The client machines that are running XP SP2 with firewall enabled experience ... Images have been offloaded to two Windows 2003 servers running IIS 6.0. ... (microsoft.public.windowsxp.security_admin) Re: nec. ports to access shared folder ? ... well technically the sites/servers are in the dmz and the client machines are ... the internal lan with the internet being on the external/untrusted side. ... file shares to access the servers on the dmz. ... > That is contrary to the design and purpose of the firewall. ... (microsoft.public.windows.server.networking) Re: Client Telnet Success ... The ISA firewall wasn't on the machines! ... > Do all client machines have the ISA Server firewall client installed? ... (microsoft.public.windows.server.sbs)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.windowsxp.security_admin  > 2005-03