June 2004

Fine-Tuning Windows Firewall

A look at 9 new Group Policy settings and their corresponding commands

Command-Line Extras
That's the extent of the Group Policy settings for Windows Firewall, but the command line can do a few other things. Recall that Windows Firewall has two profiles: Domain and Mobile. Suppose you want to know which profile your system is using. The following command determines whether you're running the Domain Profile (corporate) or the Mobile Profile (other):

netsh firewall ipv4 show currentprofile

If you want to know more about what the firewall is doing, you can use the Set Logging command, which takes four optional parameters. The filelocation= parameter tells Windows Firewall where to put the ASCII log file, and maxfilesize= lets you specify how large the file can grow. You specify the file size in kilobytes, and the largest value it can take is 32767. The droppedpackets= and connections= parameters take the value enable or disable and tell Windows Firewall whether to log blocked and successful connections. For example, if you want to log both successful and blocked connections to a file called C:\firelog.txt and give it a maximum size of 8MB, you'd use the command

netsh firewall ipv4 set logging filelocation="C:\firelog.txt" maxfilesize=8192 droppedpackets=enable connections=enable

The log can grow large, but if you're trying to track down a regular attacker, you'll be glad you have a complete log of every TCP and UDP connection and refusal. You can use the following command to determine the current logging settings:

netsh firewall ipv4 show logging
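
To put the log from the set logging command above to work when tracking a repeat source of refused connections, the following added example (not code from the original article) summarizes DROP entries per source address. It assumes the log uses a W3C-style layout with a "#Fields:" header naming the columns; the sample lines, addresses, function names and threshold are constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample in the W3C-style layout assumed for the firewall log
# (the "#Fields:" header names the columns). Addresses come from
# documentation ranges and are not real hosts.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info

2004-06-01 09:14:02 DROP TCP 203.0.113.7 192.0.2.10 4312 135 48 S 1884723 0 64240 - - -
2004-06-01 09:14:05 DROP TCP 203.0.113.7 192.0.2.10 4313 445 48 S 1884990 0 64240 - - -
2004-06-01 09:14:09 DROP UDP 203.0.113.7 192.0.2.10 1045 1434 404 - - - - - - -
2004-06-01 09:15:30 OPEN TCP 192.0.2.10 198.51.100.20 1061 80 - - - - - - - -
2004-06-01 09:16:41 DROP TCP 198.51.100.99 192.0.2.10 2201 135 48 S 5521100 0 16384 - - -
2004-06-01 09:17:00 CLOSE TCP 192.0.2.10 198.51.100.20 1061 80 - - - - - - - -
"""

def parse_log(text):
    """Yield one dict per entry, keyed by the names in the #Fields header."""
    fields = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):   # skip truncated or damaged lines
                yield dict(zip(fields, values))

def dropped_by_source(entries):
    """Map each source IP to (drop count, sorted destination ports)."""
    counts, ports = Counter(), defaultdict(set)
    for e in entries:
        if e["action"] == "DROP":
            counts[e["src-ip"]] += 1
            if e["dst-port"].isdigit():      # rows without a port carry "-"
                ports[e["src-ip"]].add(int(e["dst-port"]))
    return {ip: (n, sorted(ports[ip])) for ip, n in counts.most_common()}

def repeat_sources(entries, min_drops=3):
    """Sources with at least min_drops refused packets (threshold is arbitrary)."""
    return [ip for ip, (n, _) in dropped_by_source(entries).items() if n >= min_drops]

if __name__ == "__main__":
    for ip, (n, p) in dropped_by_source(parse_log(SAMPLE_LOG)).items():
        print(f"{ip:15}  drops={n}  ports={p}")
```

To run it against a real log, pass the contents of the file named in filelocation= to parse_log in place of SAMPLE_LOG.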

For a comprehensive overview of your firewall settings, use the command

netsh firewall ipv4 show config

For different details about what your firewall is doing, replace config with state in that command. To get a smaller report that shows only the open ports, replace config with icmpsetting or portopening.

Too Much Work?
Windows Firewall comes with a lot of new things to understand. However, if your system lacks a personal firewall, Windows Firewall can make your system more secure at no greater cost than a little time to create a GPO to open whatever ports you need. In return, you get the benefit of knowing that a firewalled system is much less vulnerable to the latest worm.

 Windows IT Pro is a Division of Penton Media Inc.
 Copyright © 2009 Penton Media, Inc., All rights reserved.