Are you using the Windows Firewall?

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

If you can spare a few minutes I would love to find out if your organization
is using the XP SP2 Windows Firewall, and what (if any) kinds of
improvements you might like to see in the future. As we make plans for the
Windows Firewall we would like to see if customer deployments, and needs,
may have changed now that it's been shipping for a while.

http://www.surveymonkey.com/s.asp?u=47602838938&c=nssecadmin

I would still be eager to hear from you weather or not you plan on using the
Windows Firewall.

Thanks,
Michael Surkan

Program Manager,
Networking & Devices,
Microsoft

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Am I the only one who finds this fishy?

This doesn't sound legit to me.

Matt Gibson - GSEC

"Michael Surkan [MS]" <msurkan@online.microsoft.com> wrote in message
news:eqfb7e9BFHA.2572@tk2msftngp13.phx.gbl...
> If you can spare a few minutes I would love to find out if your
> organization is using the XP SP2 Windows Firewall, and what (if any) kinds
> of improvements you might like to see in the future. As we make plans for
> the Windows Firewall we would like to see if customer deployments, and
> needs, may have changed now that it's been shipping for a while.
>
> http://www.surveymonkey.com/s.asp?u=47602838938&c=nssecadmin
>
> I would still be eager to hear from you weather or not you plan on using
> the Windows Firewall.
>
> Thanks,
> Michael Surkan
>
> Program Manager,
> Networking & Devices,
> Microsoft
>

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

The very major organization that I was contracted to put out an edict that the MS FireWall
*must* be disabled. If you want to know the name of that organization, you will have to
email me as I won't declare it in public.

--
Dave




"Michael Surkan [MS]" <msurkan@online.microsoft.com> wrote in message
news:eqfb7e9BFHA.2572@tk2msftngp13.phx.gbl...
| If you can spare a few minutes I would love to find out if your organization
| is using the XP SP2 Windows Firewall, and what (if any) kinds of
| improvements you might like to see in the future. As we make plans for the
| Windows Firewall we would like to see if customer deployments, and needs,
| may have changed now that it's been shipping for a while.
|
| http://www.surveymonkey.com/s.asp?u=47602838938&c=nssecadmin
|
| I would still be eager to hear from you weather or not you plan on using the
| Windows Firewall.
|
| Thanks,
| Michael Surkan
|
| Program Manager,
| Networking & Devices,
| Microsoft
|
|

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Did you wonder about the spelling of 'weather' too.. that is no typo..

--
Mike Hall
MVP - Windows Shell/user

http://dts-l.org/goodpost.htm





"Matt Gibson" <mattg@blueedgetech.ca> wrote in message
news:Orw0pI%23BFHA.1260@TK2MSFTNGP12.phx.gbl...
> Am I the only one who finds this fishy?
>
> This doesn't sound legit to me.
>
> Matt Gibson - GSEC
>
> "Michael Surkan [MS]" <msurkan@online.microsoft.com> wrote in message
> news:eqfb7e9BFHA.2572@tk2msftngp13.phx.gbl...
>> If you can spare a few minutes I would love to find out if your
>> organization is using the XP SP2 Windows Firewall, and what (if any)
>> kinds of improvements you might like to see in the future. As we make
>> plans for the Windows Firewall we would like to see if customer
>> deployments, and needs, may have changed now that it's been shipping for
>> a while.
>>
>> http://www.surveymonkey.com/s.asp?u=47602838938&c=nssecadmin
>>
>> I would still be eager to hear from you weather or not you plan on using
>> the Windows Firewall.
>>
>> Thanks,
>> Michael Surkan
>>
>> Program Manager,
>> Networking & Devices,
>> Microsoft
>>
>
>

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

NNTP-Posting-Host: tide001.microsoft.com 131.107.76.143

OrgName: Microsoft Corp
OrgID: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US

NetRange: 131.107.0.0 - 131.107.255.255
CIDR: 131.107.0.0/16
NetName: MICROSOFT
NetHandle: NET-131-107-0-0-1
Parent: NET-131-0-0-0-0
NetType: Direct Assignment
NameServer: NS1.MSFT.NET
NameServer: NS5.MSFT.NET
NameServer: NS2.MSFT.NET
NameServer: NS3.MSFT.NET
NameServer: NS4.MSFT.NET
Comment:
RegDate: 1988-11-11
Updated: 2004-12-09

TechHandle: ZM39-ARIN
TechName: Microsoft
TechPhone: +1-425-936-4200
TechEmail: ***@microsoft.com

OrgAbuseHandle: HOTMA-ARIN
OrgAbuseName: Hotmail Abuse
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: *****@hotmail.com

OrgAbuseHandle: MSNAB-ARIN
OrgAbuseName: MSN ABUSE
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: *****@msn.com

OrgAbuseHandle: ABUSE231-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: *****@microsoft.com

OrgNOCHandle: ZM23-ARIN
OrgNOCName: Microsoft Corporation
OrgNOCPhone: +1-425-882-8080
OrgNOCEmail: ***@microsoft.com

OrgTechHandle: MSFTP-ARIN
OrgTechName: MSFT-POC
OrgTechPhone: +1-425-882-8080
OrgTechEmail: ******@microsoft.com


--
Dave




"Matt Gibson" <mattg@blueedgetech.ca> wrote in message
news:Orw0pI%23BFHA.1260@TK2MSFTNGP12.phx.gbl...
| Am I the only one who finds this fishy?
|
| This doesn't sound legit to me.
|
| Matt Gibson - GSEC
|
| "Michael Surkan [MS]" <msurkan@online.microsoft.com> wrote in message
| news:eqfb7e9BFHA.2572@tk2msftngp13.phx.gbl...
| > If you can spare a few minutes I would love to find out if your
| > organization is using the XP SP2 Windows Firewall, and what (if any) kinds
| > of improvements you might like to see in the future. As we make plans for
| > the Windows Firewall we would like to see if customer deployments, and
| > needs, may have changed now that it's been shipping for a while.
| >
| > http://www.surveymonkey.com/s.asp?u=47602838938&c=nssecadmin
| >
| > I would still be eager to hear from you weather or not you plan on using
| > the Windows Firewall.
| >
| > Thanks,
| > Michael Surkan
| >
| > Program Manager,
| > Networking & Devices,
| > Microsoft
| >
|
|

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

On Mon, 31 Jan 2005 12:59:17 -0800, Michael Surkan [MS] wrote:

> If you can spare a few minutes I would love to find out if your organization
> is using the XP SP2 Windows Firewall, and what (if any) kinds of
> improvements you might like to see in the future. As we make plans for the
> Windows Firewall we would like to see if customer deployments, and needs,
> may have changed now that it's been shipping for a while.
>
> http://www.surveymonkey.com/s.asp?u=47602838938&c=nssecadmin
>
> I would still be eager to hear from you weather or not you plan on using the
> Windows Firewall.

Mike, Windows XP Firewall was a nice idea, but it should be installed as
DISABLED by default for computers that are part of a DOMAIN. We rolled it
out to more than 200 systems a few weeks ago and had to go back and stop
and disable the service on every one of them. There are many remote
support tools and we don't use RD at all - there is no reason to run it
inside a DOMAIN.



--
spam999free@rrohio.com
remove 999 in order to email me

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

To add to Leythos' statement...

It should be enabled by default on XP Home Edition and Media Center
It should be disabled by default on XP Professional

--
Dave




"Leythos" <void@nowhere.lan> wrote in message
newsan.2005.01.31.21.09.41.36471@nowhere.lan...

| Mike, Windows XP Firewall was a nice idea, but it should be installed as
| DISABLED by default for computers that are part of a DOMAIN. We rolled it
| out to more than 200 systems a few weeks ago and had to go back and stop
| and disable the service on every one of them. There are many remote
| support tools and we don't use RD at all - there is no reason to run it
| inside a DOMAIN.
|
|
|
| --
| spam999free@rrohio.com
| remove 999 in order to email me
|

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Matt Gibson wrote:

> "Michael Surkan [MS]" <msurkan@online.microsoft.com> wrote:
>
>>If you can spare a few minutes I would love to find out if your
>>organization is using the XP SP2 Windows Firewall, and what (if any) kinds
>>of improvements you might like to see in the future. As we make plans for
>>the Windows Firewall we would like to see if customer deployments, and
>>needs, may have changed now that it's been shipping for a while.
>>
>>http://www.surveymonkey.com/s.asp?u=47602838938&c=nssecadmin
>>
>>I would still be eager to hear from you weather or not you plan on using
>>the Windows Firewall.
>>
>>Thanks,
>>Michael Surkan
>>
>>Program Manager,
>>Networking & Devices,
>>Microsoft
>
> Am I the only one who finds this fishy?
>
> This doesn't sound legit to me.
>
> Matt Gibson - GSEC
Hi

I looks legit to me, MS have done this survey before, at the time SP2
was released, an the post comes from a host inside Microsoft (IP
address 131.107.76.143 is the NNTP-Posting-Host from the header of the
post):

C:\>nslookup 131.107.76.143
(snip)

Name: tide001.microsoft.com
Address: 131.107.76.143



--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.mspx

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Fair nuff.

Didn't have time to look at the headers...just seemed strange to me that
it'd be that informal, and using...surveymonkey...*shrug*

-Matt

"Torgeir Bakken (MVP)" <Torgeir.Bakken-spam@hydro.com> wrote in message
news:OQBrsU%23BFHA.3664@TK2MSFTNGP14.phx.gbl...
> Matt Gibson wrote:
>
>> "Michael Surkan [MS]" <msurkan@online.microsoft.com> wrote:
>>
>>>If you can spare a few minutes I would love to find out if your
>>>organization is using the XP SP2 Windows Firewall, and what (if any)
>>>kinds of improvements you might like to see in the future. As we make
>>>plans for the Windows Firewall we would like to see if customer
>>>deployments, and needs, may have changed now that it's been shipping for
>>>a while.
>>>
>>>http://www.surveymonkey.com/s.asp?u=47602838938&c=nssecadmin
>>>
>>>I would still be eager to hear from you weather or not you plan on using
>>>the Windows Firewall.
>>>
>>>Thanks,
>>>Michael Surkan
>>>
>>>Program Manager,
>>>Networking & Devices,
>>>Microsoft
>>
>> Am I the only one who finds this fishy?
>>
>> This doesn't sound legit to me.
>>
>> Matt Gibson - GSEC
> Hi
>
> I looks legit to me, MS have done this survey before, at the time SP2
> was released, an the post comes from a host inside Microsoft (IP
> address 131.107.76.143 is the NNTP-Posting-Host from the header of the
> post):
>
> C:\>nslookup 131.107.76.143
> (snip)
>
> Name: tide001.microsoft.com
> Address: 131.107.76.143
>
>
>
> --
> torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
> Administration scripting examples and an ONLINE version of
> the 1328 page Scripting Guide:
> http://www.microsoft.com/technet/scriptcenter/default.mspx

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

*Always* examine the headers to know who you are communicating with.

--
Dave




"Matt Gibson" <mattg@blueedgetech.ca> wrote in message
news:%23PehB8%23BFHA.1392@tk2msftngp13.phx.gbl...
| Fair nuff.
|
| Didn't have time to look at the headers...just seemed strange to me that
| it'd be that informal, and using...surveymonkey...*shrug*
|
| -Matt

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

*grin*

Didn't have the time, that's why I didn't click on the link

-Matt

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:O39BBB$BFHA.4004@tk2msftngp13.phx.gbl...
> *Always* examine the headers to know who you are communicating with.
>
> --
> Dave
>
>
>
>
> "Matt Gibson" <mattg@blueedgetech.ca> wrote in message
> news:%23PehB8%23BFHA.1392@tk2msftngp13.phx.gbl...
> | Fair nuff.
> |
> | Didn't have time to look at the headers...just seemed strange to me that
> | it'd be that informal, and using...surveymonkey...*shrug*
> |
> | -Matt
>
>

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

If you want to verify my identity, feel free to e-mail my Microsoft address.
Just remove the "online" part (I modify my return address a bit to avoid
SPAM).

I use surveymonkey because it is quick and easy for doing surveys on the
Internet. The "official" survey tools we have require a lot more planning,
and effort.

By the way, I'd like to thank everyone for all the great input they've been
sending my way! It makes it much easier to make the case for making
particular improvements when I can show that it's not just my big mouth
flabbing about what "I" think is cool.

Cheers,
Michael Surkan

"Matt Gibson" <mattg@blueedgetech.ca> wrote in message
news:eWve0c$BFHA.612@TK2MSFTNGP09.phx.gbl...
> *grin*
>
> Didn't have the time, that's why I didn't click on the link
>
> -Matt
>
> "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
> news:O39BBB$BFHA.4004@tk2msftngp13.phx.gbl...
>> *Always* examine the headers to know who you are communicating with.
>>
>> --
>> Dave
>>
>>
>>
>>
>> "Matt Gibson" <mattg@blueedgetech.ca> wrote in message
>> news:%23PehB8%23BFHA.1392@tk2msftngp13.phx.gbl...
>> | Fair nuff.
>> |
>> | Didn't have time to look at the headers...just seemed strange to me
>> that
>> | it'd be that informal, and using...surveymonkey...*shrug*
>> |
>> | -Matt
>>
>>
>
>

 

[Paul]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

> Mike, Windows XP Firewall was a nice idea, but it should be installed as
> DISABLED by default for computers that are part of a DOMAIN. We rolled it
> out to more than 200 systems a few weeks ago and had to go back and stop
> and disable the service on every one of them. There are many remote
> support tools and we don't use RD at all - there is no reason to run it
> inside a DOMAIN.

I'm just wondering: did you use group policy to disable the firewall an all
of the machines or did you have to walk to every machine and do it
manually........

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

On Tue, 01 Feb 2005 22:00:20 +1030, Paul wrote:

>> Mike, Windows XP Firewall was a nice idea, but it should be installed as
>> DISABLED by default for computers that are part of a DOMAIN. We rolled it
>> out to more than 200 systems a few weeks ago and had to go back and stop
>> and disable the service on every one of them. There are many remote
>> support tools and we don't use RD at all - there is no reason to run it
>> inside a DOMAIN.
>
> I'm just wondering: did you use group policy to disable the firewall an all
> of the machines or did you have to walk to every machine and do it
> manually........

We opened them remotely using the Manage Computer function - click on
computer, select Connect to another computer, down to services.... In some
cases, depending on where they were located behind the firewalls
(appliances) we had to disable them locally.

--
spam999free@rrohio.com
remove 999 in order to email me

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

No. I used a Kixtart script in the Login Process and a Kixtart script to install WinXP SP2.

In the Installation process of WinXP SP2 I used the commands...

regedit /s Firewall.reg
comspec% /c sc.exe config SharedAccess start= disabled

I don't have access to the contents of 'Firewall.reg' anymore. I'm sorry I can't post it's
contents.

In the Login Script was...

%comspec% /c sc.exe config messenger start= auto
%comspec% /c net stop SharedAccess
%comspec% /c sc.exe config SharedAccess start= disabled
%comspec% /c net start messenger


--
Dave




"Paul" <wf1000xg@hotmail.com> wrote in message news:enxQsFFCFHA.2076@TK2MSFTNGP15.phx.gbl...
| > Mike, Windows XP Firewall was a nice idea, but it should be installed as
| > DISABLED by default for computers that are part of a DOMAIN. We rolled it
| > out to more than 200 systems a few weeks ago and had to go back and stop
| > and disable the service on every one of them. There are many remote
| > support tools and we don't use RD at all - there is no reason to run it
| > inside a DOMAIN.
|
| I'm just wondering: did you use group policy to disable the firewall an all
| of the machines or did you have to walk to every machine and do it
| manually........
|
|

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Leythos wrote:
> On Tue, 01 Feb 2005 22:00:20 +1030, Paul wrote:
>
>>> Mike, Windows XP Firewall was a nice idea, but it should be
>>> installed as DISABLED by default for computers that are part of a
>>> DOMAIN. We rolled it out to more than 200 systems a few weeks ago
>>> and had to go back and stop and disable the service on every one of
>>> them. There are many remote support tools and we don't use RD at
>>> all - there is no reason to run it inside a DOMAIN.
>>
>> I'm just wondering: did you use group policy to disable the
>> firewall an all of the machines or did you have to walk to every
>> machine and do it manually........
>
> We opened them remotely using the Manage Computer function - click on
> computer, select Connect to another computer, down to services....

Just curious - how'd you do that if the firewall was enabled?

> In
> some cases, depending on where they were located behind the firewalls
> (appliances) we had to disable them locally.

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

David H. Lipman wrote:

> No. I used a Kixtart script in the Login Process and a Kixtart
> script to install WinXP SP2.
>
> In the Installation process of WinXP SP2 I used the commands...
>
> regedit /s Firewall.reg
> comspec% /c sc.exe config SharedAccess start= disabled
>
> I don't have access to the contents of 'Firewall.reg' anymore.
> I'm sorry I can't post it's contents.
Hi

I assume you set the following two registry values (can be applied
before or after the SP2 installation):

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
\EnableFirewall=0 (DWORD data type)

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile
\EnableFirewall=0 (DWORD data type)


--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.mspx

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

On Tue, 01 Feb 2005 08:41:17 -0500, Lanwench [MVP - Exchange] wrote:

> Leythos wrote:
>> On Tue, 01 Feb 2005 22:00:20 +1030, Paul wrote:
>>
>>>> Mike, Windows XP Firewall was a nice idea, but it should be
>>>> installed as DISABLED by default for computers that are part of a
>>>> DOMAIN. We rolled it out to more than 200 systems a few weeks ago
>>>> and had to go back and stop and disable the service on every one of
>>>> them. There are many remote support tools and we don't use RD at
>>>> all - there is no reason to run it inside a DOMAIN.
>>>
>>> I'm just wondering: did you use group policy to disable the
>>> firewall an all of the machines or did you have to walk to every
>>> machine and do it manually........
>>
>> We opened them remotely using the Manage Computer function - click on
>> computer, select Connect to another computer, down to services....
>
> Just curious - how'd you do that if the firewall was enabled?

Try it, it worked on the system we setup. It also works in my home. The
firewall doesn't block everything be default.


--
spam999free@rrohio.com
remove 999 in order to email me

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Thank You Torgeir.

That's the contents.
I believe I got that information from you last year ;-)

--
Dave




"Torgeir Bakken (MVP)" <Torgeir.Bakken-spam@hydro.com> wrote in message
news:%23p3cQ5GCFHA.1408@TK2MSFTNGP10.phx.gbl...
| David H. Lipman wrote:
|
| > No. I used a Kixtart script in the Login Process and a Kixtart
| > script to install WinXP SP2.
| >
| > In the Installation process of WinXP SP2 I used the commands...
| >
| > regedit /s Firewall.reg
| > comspec% /c sc.exe config SharedAccess start= disabled
| >
| > I don't have access to the contents of 'Firewall.reg' anymore.
| > I'm sorry I can't post it's contents.
| Hi
|
| I assume you set the following two registry values (can be applied
| before or after the SP2 installation):
|
| HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
| \EnableFirewall=0 (DWORD data type)
|
| HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile
| \EnableFirewall=0 (DWORD data type)
|
|
| --
| torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
| Administration scripting examples and an ONLINE version of
| the 1328 page Scripting Guide:
| http://www.microsoft.com/technet/scriptcenter/default.mspx

 

[user]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

"Matt Gibson" <mattg@blueedgetech.ca> wrote in message
news:eWve0c$BFHA.612@TK2MSFTNGP09.phx.gbl...
> *grin*
>
> Didn't have the time, that's why I didn't click on the link
>
> -Matt
>
> "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
> news:O39BBB$BFHA.4004@tk2msftngp13.phx.gbl...
> > *Always* examine the headers to know who you are communicating with.
> >
> > --
> > Dave
> >
> >
> >
> >
> > "Matt Gibson" <mattg@blueedgetech.ca> wrote in message
> > news:%23PehB8%23BFHA.1392@tk2msftngp13.phx.gbl...
> > | Fair nuff.
> > |
> > | Didn't have time to look at the headers...just seemed strange to me
that
> > | it'd be that informal, and using...surveymonkey...*shrug*
> > |
> > | -Matt
> >
> >
>

FWIW, this multipost is kicking up a little dust in m.p.security.

Pete