Re: Group Policy is preventing me from turning on Windows Firewall



Hi Steven,

Thanks so much for the advice. I just rebooted my computer and the firewall
is now set on. It is greyed out as on so I cannot modify the option in the
firewall settings although I now know I can do this in the regedit like u
advised.

Thanks again :)

Mark

"Steven L Umbach" wrote:

If you found both or at least one of those registry entries then that would
seem to be the problem and you may need to reboot for the change to take
effect or just delete those registry keys and you should be able to
configure the Windows Firewall as per usual. You can use the command netsh
firewall show state to see if it shows the firewall is enabled or disabled
under operational mode. In addition to AdAware you also need to scan for
viruses which AdAware will not do and I also recommend that you use Sysclean
from Trend Micro or do a free online scan. Your internet router will provide
protection to block traffic into your network that is not in response to
traffic that originated from your computer that is legitimate or otherwise.
It still sounds like it would be wise to use your Windows Firewall if you do
not want other computers on your network to access your computer. See the
link below that gives more information on how to protect your computer and
has links on what to do about spyware and malware on the left hand side of
the page. --- Steve

http://www.microsoft.com/athome/security/protect/windowsxpsp2/Default.mspx
--- Protect Your PC
http://www.trendmicro.com/download/dcs.asp --- link to Sysclean and
pattern files. Be sure to read sysclean.txt
http://security.symantec.com/ssc/home.asp?j=1&langid=ie&venid=sym&plfid=23&pkj=YOCTTOABMSTHXOAMEQV
-- scan your computer for malware here.


"Mark Aus" <MarkAus@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:EFD61856-D62D-42B9-BEAA-5D7E1B2AA77C@xxxxxxxxxxxxxxxx
Hi Steve,

Thanks for the reply :) I just downloaded Adaware and it didn't find
anything except cookies and recently opened file lists. I used to use
this
program but thought I wouldn't need it now that I am using Microsoft
AntiSpyway/Windows Defender.

I tried the regedit thing and changed the values to "1". Then I looked at
the firewall settings and they still show up as off...i'm not sure if it
is
on now that I changed it to a "1"? Will I need to reboot for this to
change?
As for the group policy settings to set for the firewalll; they confuse me
way too much to setup this way.

I've noticed my modem router has some firewall stuff built in as it blocks
ports, but I still confused why my laptop has windows firewall off and my
housemates has it on.

Thanks again for the reply.

Mark

"Steven L Umbach" wrote:

Most likely some malware or spyware has configured such via a registry
mod
and you should proceed accordingly with scans for both using quality
programs that are updated for their definition files before you scan and
also scan in Safe Mode. AdAware SE is a great program and free for
personal
use if you do not already have a spyware scanning program.

As far as Group Policy you could configure the Windows Firewall settings
in
Group Policy [assuming SP2 is used] that will reverse what the registry
changes are applying since Group Policy will override such or manually
change your registry [only option for XP Home]. You can logon as an
administrator and use regedit and delete the following registry keys if
found or change the values to 1. --- Steve

http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/depfwset/wfsp2ngp.mspx

The registry keys to add to disable Windows Firewall for both the domain
and
standard profiles are the following:

. HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall
\DomainProfile \EnableFirewall=0 (DWORD data type)

. HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall
\StandardProfile \EnableFirewall=0 (DWORD data type)



"Mark Aus" <Mark Aus@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1B755EAD-63DC-4095-87E5-C51BC3A7E13F@xxxxxxxxxxxxxxxx
Hi there,

I just noticed today that my windows firewall is not running and there
was
no notifications that it had been turned off. I went into the settings
to
turn it back on and it said that "For your security, some settings are
controlled by Group Policy".

It won't let me turn it back on because of this message and I have
looked
at
the Group Policy Console and went into the Firewall settings and they
are
all
"Not Configured". I have no idea what to change these to in order to
turn
the firewall on this way.

I'm not sure what has turned on the Group Policy thing to override
Windows
Firewall? I'm scared I could have a secuirty threat by not having the
Firewall running. Or that maybe somehow someone turned it on to make
my
computer more vunreble?

I have searched everywhere trying to find out a way to turn off the
Group
Policy but its way too complicated for me to get my head around. Is
there
a
certain setting within that I have to change?

The only modification I can think of that may have affected the
settings
is
installing a Dlink wireless network card and a wireless router/modem.
However
my housemates firewall still works and he shares the
network/connection.
The
only difference with his internet setup is that his wireless is built
into
his laptop.

Please let me know if this is a concern or not? Should I do a
workaround
by
purchasing a different Firewall product instead of Windows?

Thanks for taking the time to read :)

Mark Aus






.



Relevant Pages

  • Re: File sharing
    ... When you run rsop.msc you will get a report screen showing Group Policy ... connections/Windows Firewall and what settings from what Group Policy. ... setting to accept connections on the local subnet plus connections from my ...
    (microsoft.public.windowsxp.security_admin)
  • Re: XP firewall turn off GP
    ... But to answer your question go to the controlling Group Policy ... Firewall to not configured or disabled. ... manage and be sure to read the full explanation of each settings. ... disable the Windows Firewall but that is your call. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: XP machine removed from domain still gets domain policy
    ... then turn off the firewall. ... Prohibit use of the Internet Connection Firewall on your DNS domain network? ... Firewall settings), the Firewall settings revert back to the default and ... the only Group Policy being applied is the "Local Group Policy" ...
    (microsoft.public.windows.group_policy)
  • Re: XP machine removed from domain still gets domain policy
    ... My test shows that when a computer is removed from a domain (that had a GPO setting the Firewall settings), the Firewall settings revert back to the default and local administrators can change the settings. ... the only Group Policy being applied is the "Local Group Policy" ...
    (microsoft.public.windows.group_policy)
  • Re: Network Services/NT Authority
    ... OK that is what I though in that you did not change any Group Policy ... settings but instead were managing the Windows Firewall settings and no you ... logon which is normal as your computer really is on a network - the ... ICMP and then the option to reset all the firewall ...
    (microsoft.public.windowsxp.security_admin)