While checking the settings of my office PC, I saw that the firewall (firewall.cpl) was on the red button, but I had no way of switching it to green, because I could not change it: the settings were governed by group policy and it was using the domain settings.
The domain settings are surely as effective as, or more effective than, the standalone firewall of XP Service Pack 2; however, not satisfied, I searched the internet and found a way to make that window active so that I could select "turn protection on (recommended choice)".
I remember that I had to change a value in regedit and set it from 0 to 1 ... but I really cannot remember where to find it again.
I hope I have explained my curiosity clearly and that someone can help me satisfy it.
Regards, tafazio.
A) You can use firewall configuration information file (netfw.inf). This file is located in your image folder under "windows\inf" directory.
This file has two sections:
[ICF.AddReg.DomainProfile] - change settings under this section to change firewall settings for all domain accounts (domain firewall policy)
[ICF.AddReg.StandardProfile] - change settings under this section to only affect local system account(s).
The following settings are available under each of the above sections (the value shown for each setting is the default value):
HKLM,"System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile","EnableFirewall",0x00010001,1
- EnableFirewall = Enable Firewall? Values: 0 = Firewall Off, 1= Firewall On (default)
HKLM,"System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile","DoNotAllowExceptions",0x00010001,0
- DoNotAllowExceptions = Don’t allow any exceptions? Values: 0 = Allow Exceptions (default), 1 = No Exceptions
NOTE:
- If you want to turn on the firewall w/o any exceptions, set EnableFirewall = 1 and DoNotAllowExceptions = 1
- If you want to turn on the firewall with exceptions, set EnableFirewall = 1 and DoNotAllowExceptions = 0
- If you want to turn off the firewall, set EnableFirewall = 0. (The value that you set for DoNotAllowExceptions does not matter until you turn on the firewall in runtime. At this point the default starting value for exceptions will be the one that you set using DoNotAllowExceptions)
HKLM,"System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile","DisableNotifications",0x00010001,0
- DisableNotifications = Disable Firewall Notifications when a program is blocked? Values: 0 = Notify when a program is blocked (default), 1=DON’T notify when a program is blocked.
All ICMP settings can be found here under IcmpSettings subkey (default setting is to NOT allow any ICMP requests).
For e.g.
HKLM,"System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\IcmpSettings","AllowInboundTimeStampRequest",0x00010001,0
- AllowInboundTimeStampRequest = Allow incoming timestamp request? Values: 0 = No (default), 1 = Yes
List of Authorized Applications:
HKLM,"System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List","%windir%\system32\sessmgr.exe",0x00000000,"%windir%\system32\sessmgr.exe:*:Enabled:Remote Assistance"
The last part of the entry is formatted as:
"%windir%\system32\sessmgr.exe:*:Enabled:Remote Assistance"
(Path to program executable): (Scope – LocalSubnet or * (for any source) ): (Enabled/Disabled): (Program Name)
There is only one application that is authorized by default – remote assistance. You can, however, add more entries here. Here is an example of how you will add your application – myapp.exe in authorized application list and enable it for local subnet.
HKLM,"System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List","C:\Program Files\Applications\myapp.exe",0x00000000,"C:\Program Files\Applications\myapp.exe:LocalSubnet:Enabled:My Application"
List of Port Openings:
HKLM,"System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List","137:UDP",0x00000000,"137:UDP:LocalSubnet:Disabled:NetBIOS Name Service"
The last part of this entry is formatted as:
"137:UDP:LocalSubnet:Disabled:NetBIOS Name Service"
(Port Number (1-65535)) : (Protocol (UDP/TCP)) : (Scope (LocalSubnet/*)) : (Enabled/Disabled) : (Port Name)
Port openings can be added either as enabled or disabled. If port opening entry is disabled, that port is effectively blocked by firewall, until it is enabled in the runtime. There are 7 entries for port opening by default and all of them are disabled. You can edit those entries to enable some port opening(s) or you can add new entries. For example, you can edit the above port to enable it for any source.
HKLM,"System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List","137:UDP",0x00000000,"137:UDP:*:Enabled:NetBIOS Name Service"
B) Alternatively you can open regedit and load system hive from image folder located at windows\system32\config\system.sav. Go to the following sub tree under this hive:
CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
Or
CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\GlobalProfile
Add/Edit/Delete the registry keys according to the settings explained above in (A). All ICMP related settings will be under the “IcmpSettings” subkey. All authorized application settings will be under the “AuthorizedApplications\List” subkey. All port opening settings will be under the “GloballyOpenPorts\List” subkey.
Bye
_____
Kars2
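Added example, not part of either post above: a Python audit of AddReg lines in the format the reply quotes, reporting any profile with the firewall turned off and any application or port exception that is enabled for any source (scope `*`). The function names and the sample lines are assumptions constructed for illustration.

```python
import csv

KEY = r"System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy"

# Constructed sample in the AddReg line format quoted in the reply above.
SAMPLE_INF = rf'''
[ICF.AddReg.StandardProfile]
HKLM,"{KEY}\StandardProfile","EnableFirewall",0x00010001,1
HKLM,"{KEY}\StandardProfile","DoNotAllowExceptions",0x00010001,0
HKLM,"{KEY}\StandardProfile\AuthorizedApplications\List","C:\Program Files\Applications\myapp.exe",0x00000000,"C:\Program Files\Applications\myapp.exe:LocalSubnet:Enabled:My Application"
HKLM,"{KEY}\StandardProfile\GloballyOpenPorts\List","137:UDP",0x00000000,"137:UDP:*:Enabled:NetBIOS Name Service"
[ICF.AddReg.DomainProfile]
HKLM,"{KEY}\DomainProfile","EnableFirewall",0x00010001,0
'''

def parse_addreg(text):
    """Yield (profile, subkey, value_name, data) for FirewallPolicy AddReg lines."""
    for row in csv.reader(text.splitlines(), skipinitialspace=True):
        # Section headers and blank lines do not have five comma-separated fields.
        if len(row) != 5 or not row[1].lower().startswith(KEY.lower()):
            continue
        profile, _, subkey = row[1][len(KEY):].lstrip("\\").partition("\\")
        yield profile, subkey, row[2], row[4]

def audit(text):
    """Return findings: profiles switched off, exceptions enabled for any source."""
    flags, entries, findings = {}, [], []
    for profile, subkey, name, data in parse_addreg(text):
        if not subkey:
            flags[(profile, name.lower())] = data
        elif subkey.lower().endswith("\\list"):
            entries.append((profile, data))
    for (profile, name), data in flags.items():
        if name == "enablefirewall" and data == "0":
            findings.append(f"{profile}: firewall off")
    for profile, data in entries:
        if flags.get((profile, "donotallowexceptions")) == "1":
            continue  # the profile allows no exceptions, so list entries are inert
        # Split from the right: an application path may itself contain "C:".
        parts = [p.strip() for p in data.rsplit(":", 3)]
        if len(parts) != 4:
            findings.append(f"{profile}: malformed entry {data!r}")
            continue
        target, scope, state, label = parts
        if state.lower() == "enabled" and scope == "*":
            findings.append(f"{profile}: {target} ({label}) enabled for any source")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_INF)))
```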