Re: Group Policy is preventing me from turning on Windows Firewall



Hi Steven,

Thanks so much for the advice. I just rebooted my computer and the firewall
is now set on. It is greyed out as on so I cannot modify the option in the
firewall settings although I now know I can do this in the regedit like u
advised.

Thanks again :)

Mark

"Steven L Umbach" wrote:

If you found both or at least one of those registry entries then that would
seem to be the problem and you may need to reboot for the change to take
effect or just delete those registry keys and you should be able to
configure the Windows Firewall as per usual. You can use the command netsh
firewall show state to see if it shows the firewall is enabled or disabled
under operational mode. In addition to AdAware you also need to scan for
viruses which AdAware will not do and I also recommend that you use Sysclean
from Trend Micro or do a free online scan. Your internet router will provide
protection to block traffic into your network that is not in response to
traffic that originated from your computer that is legitimate or otherwise.
It still sounds like it would be wise to use your Windows Firewall if you do
not want other computers on your network to access your computer. See the
link below that gives more information on how to protect your computer and
has links on what to do about spyware and malware on the left hand side of
the page. --- Steve

http://www.microsoft.com/athome/security/protect/windowsxpsp2/Default.mspx
--- Protect Your PC
http://www.trendmicro.com/download/dcs.asp --- link to Sysclean and
pattern files. Be sure to read sysclean.txt
http://security.symantec.com/ssc/home.asp?j=1&langid=ie&venid=sym&plfid=23&pkj=YOCTTOABMSTHXOAMEQV
-- scan your computer for malware here.


"Mark Aus" <MarkAus@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:EFD61856-D62D-42B9-BEAA-5D7E1B2AA77C@xxxxxxxxxxxxxxxx
Hi Steve,

Thanks for the reply :) I just downloaded Adaware and it didn't find
anything except cookies and recently opened file lists. I used to use
this
program but thought I wouldn't need it now that I am using Microsoft
AntiSpyway/Windows Defender.

I tried the regedit thing and changed the values to "1". Then I looked at
the firewall settings and they still show up as off...i'm not sure if it
is
on now that I changed it to a "1"? Will I need to reboot for this to
change?
As for the group policy settings to set for the firewalll; they confuse me
way too much to setup this way.

I've noticed my modem router has some firewall stuff built in as it blocks
ports, but I still confused why my laptop has windows firewall off and my
housemates has it on.

Thanks again for the reply.

Mark

"Steven L Umbach" wrote:

Most likely some malware or spyware has configured such via a registry
mod
and you should proceed accordingly with scans for both using quality
programs that are updated for their definition files before you scan and
also scan in Safe Mode. AdAware SE is a great program and free for
personal
use if you do not already have a spyware scanning program.

As far as Group Policy you could configure the Windows Firewall settings
in
Group Policy [assuming SP2 is used] that will reverse what the registry
changes are applying since Group Policy will override such or manually
change your registry [only option for XP Home]. You can logon as an
administrator and use regedit and delete the following registry keys if
found or change the values to 1. --- Steve

http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/depfwset/wfsp2ngp.mspx

The registry keys to add to disable Windows Firewall for both the domain
and
standard profiles are the following:

. HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall
\DomainProfile \EnableFirewall=0 (DWORD data type)

. HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall
\StandardProfile \EnableFirewall=0 (DWORD data type)



"Mark Aus" <Mark Aus@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1B755EAD-63DC-4095-87E5-C51BC3A7E13F@xxxxxxxxxxxxxxxx
Hi there,

I just noticed today that my windows firewall is not running and there
was
no notifications that it had been turned off. I went into the settings
to
turn it back on and it said that "For your security, some settings are
controlled by Group Policy".

It won't let me turn it back on because of this message and I have
looked
at
the Group Policy Console and went into the Firewall settings and they
are
all
"Not Configured". I have no idea what to change these to in order to
turn
the firewall on this way.

I'm not sure what has turned on the Group Policy thing to override
Windows
Firewall? I'm scared I could have a secuirty threat by not having the
Firewall running. Or that maybe somehow someone turned it on to make
my
computer more vunreble?

I have searched everywhere trying to find out a way to turn off the
Group
Policy but its way too complicated for me to get my head around. Is
there
a
certain setting within that I have to change?

The only modification I can think of that may have affected the
settings
is
installing a Dlink wireless network card and a wireless router/modem.
However
my housemates firewall still works and he shares the
network/connection.
The
only difference with his internet setup is that his wireless is built
into
his laptop.

Please let me know if this is a concern or not? Should I do a
workaround
by
purchasing a different Firewall product instead of Windows?

Thanks for taking the time to read :)

Mark Aus






.