473,320 Members | 2,162 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Internet access behind win xp sp2

Hi

I am using ms internet control in my app. It works fine form all machines
except from a new one which has win xp sp2 installed. All machines are part
of a small business server 2003 domain so have the isa server firewall
client as well. Unfortunately I can't find a way to disable xp firewall once
it is connected to the domain. How do I get past the xp firewall for
internet control to work?

Thanks

Regards
Nov 13 '05 #1
10 1744
John wrote:
Hi

I am using ms internet control in my app. It works fine form all machines
except from a new one which has win xp sp2 installed. All machines are part
of a small business server 2003 domain so have the isa server firewall
client as well. Unfortunately I can't find a way to disable xp firewall once
it is connected to the domain. How do I get past the xp firewall for
internet control to work?


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You can disconnect the MS Windows XP firewall:

Start > Settings > Control Panel

Double click on the Windows Firewall icon.
Under the General tab click the Off (Not Recommended) option button.
--
MGFoster:::mgf00 <at> earthlink <decimal-point> net
Oakland, CA (USA)

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv

iQA/AwUBQlcbboechKqOuFEgEQJkcQCffFszSlohgB3vJpBjMivk/gsmGs4AniKs
lUJrq1XxddP1dV69IpN5fiIH
=EfWx
-----END PGP SIGNATURE-----
Nov 13 '05 #2
MGFoster <me@privacy.com> wrote in
news:LX*****************@newsread1.news.pas.earthl ink.net:
John wrote:

I am using ms internet control in my app. It works fine form all
machines except from a new one which has win xp sp2 installed.
All machines are part of a small business server 2003 domain so
have the isa server firewall client as well. Unfortunately I
can't find a way to disable xp firewall once it is connected to
the domain. How do I get past the xp firewall for internet
control to work?


You can disconnect the MS Windows XP firewall:

Start > Settings > Control Panel

Double click on the Windows Firewall icon.
Under the General tab click the Off (Not Recommended) option
button.


Doesn't the WinXP firewall allow you to run in a mode that will
prompt you to allow certain running processes through it? Wouldn't
it be better to authorize the particular component to get through
the firewall, rather than to run naked, with no firewall at all?

Remember: a firewall protects you in *both* directions. Yes, the
dedicated LAN firewall protects your WinXP box with the firewall OFF
from outside connections, but it does nothing to prevent the machine
from connecting outward if it's infected with something nefarious.
While the outgoing connections may or may not be blocked by the
LAN's firewall (depends on how they are implemented), it isn't going
to protect other computers on the LAN *inside the hardware
firewall*.

So, it's better to have the WinXP firewall ON if you can get it to
allow your particular control to connect through it.

--
David W. Fenton http://www.bway.net/~dfenton
dfenton at bway dot net http://www.bway.net/~dfassoc
Nov 13 '05 #3
win xp is part of a sb2003 domain so turning off firewall is not available
in the control panel.

Regards

"MGFoster" <me@privacy.com> wrote in message
news:LX*****************@newsread1.news.pas.earthl ink.net...
John wrote:
Hi

I am using ms internet control in my app. It works fine form all machines except from a new one which has win xp sp2 installed. All machines are part of a small business server 2003 domain so have the isa server firewall
client as well. Unfortunately I can't find a way to disable xp firewall once it is connected to the domain. How do I get past the xp firewall for
internet control to work?


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You can disconnect the MS Windows XP firewall:

Start > Settings > Control Panel

Double click on the Windows Firewall icon.
Under the General tab click the Off (Not Recommended) option button.
--
MGFoster:::mgf00 <at> earthlink <decimal-point> net
Oakland, CA (USA)

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv

iQA/AwUBQlcbboechKqOuFEgEQJkcQCffFszSlohgB3vJpBjMivk/gsmGs4AniKs
lUJrq1XxddP1dV69IpN5fiIH
=EfWx
-----END PGP SIGNATURE-----

Nov 13 '05 #4
Not sure how to do this when xp is part of sbs2003 domain.

Thanks

Regards

"David W. Fenton" <dX********@bway.net.invalid> wrote in message
news:Xn**********************************@24.168.1 28.86...
MGFoster <me@privacy.com> wrote in
news:LX*****************@newsread1.news.pas.earthl ink.net:
John wrote:

I am using ms internet control in my app. It works fine form all
machines except from a new one which has win xp sp2 installed.
All machines are part of a small business server 2003 domain so
have the isa server firewall client as well. Unfortunately I
can't find a way to disable xp firewall once it is connected to
the domain. How do I get past the xp firewall for internet
control to work?


You can disconnect the MS Windows XP firewall:

Start > Settings > Control Panel

Double click on the Windows Firewall icon.
Under the General tab click the Off (Not Recommended) option
button.


Doesn't the WinXP firewall allow you to run in a mode that will
prompt you to allow certain running processes through it? Wouldn't
it be better to authorize the particular component to get through
the firewall, rather than to run naked, with no firewall at all?

Remember: a firewall protects you in *both* directions. Yes, the
dedicated LAN firewall protects your WinXP box with the firewall OFF
from outside connections, but it does nothing to prevent the machine
from connecting outward if it's infected with something nefarious.
While the outgoing connections may or may not be blocked by the
LAN's firewall (depends on how they are implemented), it isn't going
to protect other computers on the LAN *inside the hardware
firewall*.

So, it's better to have the WinXP firewall ON if you can get it to
allow your particular control to connect through it.

--
David W. Fenton http://www.bway.net/~dfenton
dfenton at bway dot net http://www.bway.net/~dfassoc

Nov 13 '05 #5
"John" <Jo**@nospam.infovis.co.uk> wrote in
news:42*********************@news-text.dial.pipex.com:
"David W. Fenton" <dX********@bway.net.invalid> wrote in message
news:Xn**********************************@24.168.1 28.86...
MGFoster <me@privacy.com> wrote in
news:LX*****************@newsread1.news.pas.earthl ink.net:
> John wrote:

>> I am using ms internet control in my app. It works fine form
>> all machines except from a new one which has win xp sp2
>> installed. All machines are part of a small business server
>> 2003 domain so have the isa server firewall client as well.
>> Unfortunately I can't find a way to disable xp firewall once
>> it is connected to the domain. How do I get past the xp
>> firewall for internet control to work?
>
> You can disconnect the MS Windows XP firewall:
>
> Start > Settings > Control Panel
>
> Double click on the Windows Firewall icon.
> Under the General tab click the Off (Not Recommended) option
> button.


Doesn't the WinXP firewall allow you to run in a mode that will
prompt you to allow certain running processes through it?
Wouldn't it be better to authorize the particular component to
get through the firewall, rather than to run naked, with no
firewall at all?

Remember: a firewall protects you in *both* directions. Yes, the
dedicated LAN firewall protects your WinXP box with the firewall
OFF from outside connections, but it does nothing to prevent the
machine from connecting outward if it's infected with something
nefarious. While the outgoing connections may or may not be
blocked by the LAN's firewall (depends on how they are
implemented), it isn't going to protect other computers on the
LAN *inside the hardware firewall*.

So, it's better to have the WinXP firewall ON if you can get it
to allow your particular control to connect through it.


Not sure how to do this when xp is part of sbs2003 domain.


Irrelevant, unless your domain server has a group policy that
disables the full functionality of the WinXP firewall.

Of course, I'm assuming the WinXP firewall is designed properly, and
allows authorization by process and not just by port (i.e., you can
tell it to let the FireFox executable access port 80, but not any
other port, and all other excecutables prohibited from using port
80).

If it doesn't allow that, then it's a miserable piece of trash that
you might as well completely disable.

--
David W. Fenton http://www.bway.net/~dfenton
dfenton at bway dot net http://www.bway.net/~dfassoc
Nov 13 '05 #6
"John" <Jo**@nospam.infovis.co.uk> wrote in
news:42*********************@news-text.dial.pipex.com:
win xp is part of a sb2003 domain so turning off firewall is not
available in the control panel.


Are you logged on as an administrator when you check this?

If so, then your sysadmin needs to adjust policies on your domain
controller to allow you configure the firewall.

--
David W. Fenton http://www.bway.net/~dfenton
dfenton at bway dot net http://www.bway.net/~dfassoc
Nov 13 '05 #7
Br
MGFoster wrote:
John wrote:
Hi

I am using ms internet control in my app. It works fine form all
machines except from a new one which has win xp sp2 installed. All
machines are part of a small business server 2003 domain so have the
isa server firewall client as well. Unfortunately I can't find a way
to disable xp firewall once it is connected to the domain. How do I
get past the xp firewall for internet control to work?
You can disconnect the MS Windows XP firewall:

Start > Settings > Control Panel

Double click on the Windows Firewall icon.
Under the General tab click the Off (Not Recommended) option button.


You can't do this if Windows security policy is dictated by the domain
you are connected to.

Br@dley
Nov 13 '05 #8
Br
David W. Fenton wrote:
"John" <Jo**@nospam.infovis.co.uk> wrote in
news:42*********************@news-text.dial.pipex.com:
"David W. Fenton" <dX********@bway.net.invalid> wrote in message
news:Xn**********************************@24.168.1 28.86...
MGFoster <me@privacy.com> wrote in
news:LX*****************@newsread1.news.pas.earthl ink.net:

John wrote:

> I am using ms internet control in my app. It works fine form
> all machines except from a new one which has win xp sp2
> installed. All machines are part of a small business server
> 2003 domain so have the isa server firewall client as well.
> Unfortunately I can't find a way to disable xp firewall once
> it is connected to the domain. How do I get past the xp
> firewall for internet control to work?

You can disconnect the MS Windows XP firewall:

Start > Settings > Control Panel

Double click on the Windows Firewall icon.
Under the General tab click the Off (Not Recommended) option
button.

Doesn't the WinXP firewall allow you to run in a mode that will
prompt you to allow certain running processes through it?
Wouldn't it be better to authorize the particular component to
get through the firewall, rather than to run naked, with no
firewall at all?

Remember: a firewall protects you in *both* directions. Yes, the
dedicated LAN firewall protects your WinXP box with the firewall
OFF from outside connections, but it does nothing to prevent the
machine from connecting outward if it's infected with something
nefarious. While the outgoing connections may or may not be
blocked by the LAN's firewall (depends on how they are
implemented), it isn't going to protect other computers on the
LAN *inside the hardware firewall*.

So, it's better to have the WinXP firewall ON if you can get it
to allow your particular control to connect through it.


Not sure how to do this when xp is part of sbs2003 domain.


Irrelevant, unless your domain server has a group policy that
disables the full functionality of the WinXP firewall.

Of course, I'm assuming the WinXP firewall is designed properly, and
allows authorization by process and not just by port (i.e., you can
tell it to let the FireFox executable access port 80, but not any
other port, and all other excecutables prohibited from using port
80).

If it doesn't allow that, then it's a miserable piece of trash that
you might as well completely disable.


I think SBS2003 has a default group policy that enables Windows firewall
but locks users from modifying any settings.

My problem with it is I can't ENABLE windows firewall for other netwrork
connections (for when I'm not on the domain at work).

Br@dley
Nov 13 '05 #9
"Br@dley" <no*****@4u.com> wrote in
news:k8*****************@news-server.bigpond.net.au:
MGFoster wrote:
John wrote:
I am using ms internet control in my app. It works fine form all
machines except from a new one which has win xp sp2 installed.
All machines are part of a small business server 2003 domain so
have the isa server firewall client as well. Unfortunately I
can't find a way to disable xp firewall once it is connected to
the domain. How do I get past the xp firewall for internet
control to work?

You can disconnect the MS Windows XP firewall:

Start > Settings > Control Panel

Double click on the Windows Firewall icon.
Under the General tab click the Off (Not Recommended) option
button.


You can't do this if Windows security policy is dictated by the
domain you are connected to.


I don't quite understand how this could be a default policy for
SBS2003, which was released before the new WinXP SP2 firewall even
existed.

Is it that you don't have access to the admin tools in Control
Panel? If so, then perhaps you need to log in as a domain
administrator to get access to these controls. It would make little
sense at all to disallow any control of the workstation firewall by
any user, no matter what their level of permissions.

Indeed, none of it makes any sense to me at all as a default
security policy, as disabling all user control of the firewall
settings rather defeats the purpose of a software firewall running
on a workstation. That is, if you can't decide which processes to
grant permission to a port, then it's going to get in the way far
more often than it's going to help.

Of course, that might be another one of Microsoft's "sour grapes"
strategies, as with the Draconian Outlook security patch, which in
its original version made Outlook basically unusable, but allowed MS
to say "see, we told you that you could have either security or ease
of use, but not both." MS was wrong in that case, and if they are
doing the same thing with the WinXP SP2 firewall, they are
completely wrong yet again.

--
David W. Fenton http://www.bway.net/~dfenton
dfenton at bway dot net http://www.bway.net/~dfassoc
Nov 13 '05 #10
Br
David W. Fenton wrote:
"Br@dley" <no*****@4u.com> wrote in
news:k8*****************@news-server.bigpond.net.au:
MGFoster wrote:
John wrote:
I am using ms internet control in my app. It works fine form all
machines except from a new one which has win xp sp2 installed.
All machines are part of a small business server 2003 domain so
have the isa server firewall client as well. Unfortunately I
can't find a way to disable xp firewall once it is connected to
the domain. How do I get past the xp firewall for internet
control to work?
You can disconnect the MS Windows XP firewall:

Start > Settings > Control Panel

Double click on the Windows Firewall icon.
Under the General tab click the Off (Not Recommended) option
button.


You can't do this if Windows security policy is dictated by the
domain you are connected to.

I don't quite understand how this could be a default policy for
SBS2003, which was released before the new WinXP SP2 firewall even
existed.
Didn't windows still have a firewall before SP2?

Perhaps it's because most people have updated SBS2003 to SP1 and have
run the security wizards as suggested by MS? :)
Is it that you don't have access to the admin tools in Control
Panel? If so, then perhaps you need to log in as a domain
administrator to get access to these controls. It would make little
sense at all to disallow any control of the workstation firewall by
any user, no matter what their level of permissions.

Indeed, none of it makes any sense to me at all as a default
security policy, as disabling all user control of the firewall
settings rather defeats the purpose of a software firewall running
on a workstation. That is, if you can't decide which processes to
grant permission to a port, then it's going to get in the way far
more often than it's going to help.
I think you still have permission to add new programs to the "allow"
list but you can't turn the firewall off (or on for other connections
which is rather dumb).
Of course, that might be another one of Microsoft's "sour grapes"
strategies, as with the Draconian Outlook security patch, which in
its original version made Outlook basically unusable, but allowed MS
to say "see, we told you that you could have either security or ease
of use, but not both." MS was wrong in that case, and if they are
doing the same thing with the WinXP SP2 firewall, they are
completely wrong yet again.


Br@dley
Nov 13 '05 #11

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

17
by: Jawahar Rajan | last post by:
All, I am working on a project that requires the companies clients to login to our web site. however for employees of the companies they do not want to have a login. But a lot of the asp pages...
6
by: Matt Hawley | last post by:
I'm facing a problem where I need to verify that my windows forms application has access to the internet before it can do anything. Currently, the only way I can think of is by creating a...
3
by: le_mo_mo | last post by:
I was wondering if any body has used Internet as a WAN (Wide Area Network) to provide database access. I know about web services but I like to experiment with using Internet as a extended network...
5
by: John | last post by:
Hi Does anyone have an example of using the Internet Transfer Control from behind a proxy server on port 8080? Thanks Regards
56
by: Raphi | last post by:
Hi, I've been using an Access application I wrote for an office with the front-end stored on all computers and the back-end on one of them serving as an Access file server. Now we're moving...
2
by: JezB | last post by:
I'm writing a windows forms application which accesses the internet at various points in two different ways: - calling a webservice (.wsdl), - using the WebRequest & WebResponse methods. I have...
3
by: Craig | last post by:
Is there a way to access the internet explorer DOM in ASP.NET? Thanks
34
by: Shiva | last post by:
Hi, My access application has been split into a frontend and a backend. The backend is on my harddisk. Now I'd like to put the backend on my homepage (thus the internet) - this would allow me to...
1
by: asdf | last post by:
Hi, Currently, I have one database for Intranet clients on the server behind the firewall. But I was asked to allow the extranet users to access the same data. From the security perspective what...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.