====== Windows Firewall ====== :!: Login scripts run in the security context of the user logging in and are therefore not suitable for manipulating the Windows Firewall. :!: You can use Computer Startup scripts as they run as the LocalSystem account. ===== Enable ICMP (Ping) Responses ===== Enable the existing rule(s) for: File and Printer Sharing (Echo Request - ICMPv4-In) ===== Manage with Group Policy ===== ==== Windows XP/2003 ==== http://technet.microsoft.com/en-us/library/bb490626.aspx http://technet.microsoft.com/en-us/library/bb490616.aspx Edit an existing or create a new Group Policy Object (GPO) **Computer Configuration -> Policies -> Administrative Templates -> Network -> Network Connections -> Windows Firewall** Choose the proper profile to modify, //Standard// or //Domain//, if you are on a domain-based network. Here are some settings to: * Enable firewall on all workstations * Allow Remote Desktop connections * Enable WMI * Enable AVG Admin remote installations ^Setting^Enabled^Other Settings or Notes^ |Windows Firewall: Protect all network connections|enabled|Enable the Windows Firewall| |Windows Firewall: Allow remote administration exception|enabled|IP address of your management host| |Windows Firewall: Allow ICMP exceptions|enabled|Allow inbound echo request| |Windows Firewall: Allow Remote Desktop exception|enabled|comma separated list of allowed IP addresses or networks| |Windows Firewall: Define port exceptions|enabled|135:TCP:*:enabled:TCP_135 and 135:UDP:*:enabled:UDP_135| ==== Windows 7/2008 ==== http://www.grouppolicy.biz/2010/07/how-to-manage-windows-firewall-settings-using-group-policy/ **Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Windows Firewall with Advanced Security** :!: Note that settings from the older XP/2003 firewall will also still be applied and may conflict! ===== Manage with Batch Files ===== http://community.spiceworks.com/topic/103535-is-there-a-way-to-run-a-netsh-command-without-admin-rights http://www.ehow.com/how_7517044_use-vbs-netsh.html