firewall

Shared by: ajizai
Posted: 12/19/2011
Pages: 27

|  | Command |
| --- | --- |
| ICMP | netsh firewall reset |
| Logging | netsh firewall set logging filelocation = c:\pfirewall.log maxfilesize = 4096 droppedpackets = ENABLE |
| Del file | del c:\pfirewall.log |
| Delete port | netsh firewall delete portopening |
| Add port | netsh firewall add portopening profile=all |
| Delete App | netsh firewall delete allowedprogram |
| Add App | netsh firewall add allowedprogram profile=all |
| ICMP | netsh firewall set icmpsetting 3 & netsh firewall set icmpsetting 8 |
| Reset W2K8 | netsh advfirewall reset |
| Del file W2k8 | del c:\pfirewall.log |
| Logging W2K8 | netsh advfirewall set allprofiles logging filename c:\pfirewall.log |
| Logging W2K8 | netsh advfirewall set allprofiles logging maxfilesize 4096 |
| Logging W2K8 | netsh advfirewall set allprofiles logging droppedconnections ENABLE |
| Add Port W2K8 | netsh advfirewall firewall add rule name= |
| ICMP | netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow |

| Net | Addresses |
| --- | --- |
| Servers | 192.168.1.0/255.255.255.0,192.168.2.0/255.255.255.0 |
| Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0,192.168 |
| Guest Network | 192.168.100.0/255.255.255.0,192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168.200.0/255.255.255.0,192.168 |
| DMZ | xxx.xxx.xxx.xxx/255.255.255.255,yyy.yyy.yyy.yyy/255.255.255.255 |
| Custom |  |

Port Type: tcp, udp

Rule Type: Port, App

Server: SRV2003

| Rule Type | Port Type | Port | Name, Description | Application | Scope | Scope Manual, Scope Full |
| --- | --- | --- | --- | --- | --- | --- |
| Port | tcp | 3389 | RDP |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 445 | FS |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |

command

netsh firewall reset

del c:\pfirewall.log

netsh firewall set logging filelocation = c:\pfirewall.log maxfilesize = 4096 droppedpackets = ENABLE

netsh firewall set icmpsetting 3 & netsh firewall set icmpsetting 8

netsh firewall add portopening profile=all tcp 3389 "RDP tcp_3389" enable custom "192.168.200.0/255.255.255.0,192.168.210.0/25

netsh firewall add portopening profile=all tcp 445 "FS tcp_445" enable custom "192.168.200.0/255.255.255.0,192.168.210.0/255.25

Server: SRV2008

| Rule Type | Port Type | Port | Name, Description | Application | Scope | Scope Manual, Scope Full |
| --- | --- | --- | --- | --- | --- | --- |
| Port | tcp | 3389 | RDP |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 445 | FS |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |

command

netsh advfirewall reset

del c:\pfirewall.log

netsh advfirewall set allprofiles logging filename c:\pfirewall.log

netsh advfirewall set allprofiles logging maxfilesize 4096

netsh advfirewall set allprofiles logging droppedconnections ENABLE

netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow

netsh advfirewall firewall add rule name="RDP tcp_3389" protocol=tcp dir=in localport="3389" RemoteIP="192.168.200.0/255.255.2

netsh advfirewall firewall add rule name="FS tcp_445" protocol=tcp dir=in localport="445" RemoteIP="192.168.200.0/255.255.255.0

Server: SRV2003_DC

| Rule Type | Port Type | Port | Name, Description | Application | Scope | Scope Manual, Scope Full |
| --- | --- | --- | --- | --- | --- | --- |
| Port | tcp | 3389 | RDP |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 445 | FS |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| App |  |  | MS Administration DHCP | C:\Windows\System32\tcpsvcs.exe | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| App |  |  | MS Administration DNS | C:\Windows\System32\dns.exe | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 443 | MS IIS Cert Server |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | udp | 67 | MS DHCP |  | Custom | * * |
| Port | tcp | 135 | MS Services RPC |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | tcp | 593 | MS Services RPC Over HTTP |  | Servers | 192.168.1.0/255.255.255.0,192.168.2.0/255.255.255.0 |
| Port | tcp | 1025 | MS RPC |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | udp | 123 | MS NTP Server |  | Custom | 0 |
| Port | tcp | 3268 | MS Global Catalog LDAP |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | tcp | 3269 | MS Global Catalog LDAP SSL |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | tcp | 389 | MS LDAP |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | udp | 389 | MS LDAP |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | tcp | 636 | MS LDAP SSL |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | udp | 636 | MS LDAP SSL |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | tcp | 53 | MS DNS |  | Custom | * * |
| Port | udp | 53 | MS DNS |  | Custom | * * |
| Port | tcp | 88 | MS Kerberos |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | udp | 88 | MS Kerberos |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | tcp | 464 | MS Kerberos KDC |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | udp | 464 | MS Kerberos KDC |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | tcp | 53211 | MS AD Replication |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | tcp | 53212 | MS AD FRS |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| App |  |  | MS AD FRS | C:\Windows\System32\ntfrs.exe | Servers | 192.168.1.0/255.255.255.0,192.168.2.0/255.255.255.0 |

command

netsh firewall reset

del c:\pfirewall.log

netsh firewall set logging filelocation = c:\pfirewall.log maxfilesize = 4096 droppedpackets = ENABLE

netsh firewall set icmpsetting 3 & netsh firewall set icmpsetting 8

netsh firewall add portopening profile=all tcp 3389 "RDP tcp_3389" enable custom "192.168.200.0/255.255.255.0,192.168.210.0/25

netsh firewall add portopening profile=all tcp 445 "FS tcp_445" enable custom "192.168.10.0/255.255.255.0,192.168.110.0/255.255

netsh firewall add allowedprogram profile=all name="MS Administration DHCP" program="C:\Windows\System32\tcpsvcs.exe" ena

netsh firewall add allowedprogram profile=all name="MS Administration DNS" program="C:\Windows\System32\dns.exe" enable cu

netsh firewall add portopening profile=all tcp 443 "MS IIS Cert Server tcp_443" enable custom "192.168.10.0/255.255.255.0,192.16

netsh firewall add portopening profile=all udp 67 "MS DHCP udp_67" enable custom "*"

netsh firewall add portopening profile=all tcp 135 "MS Services tcp_135" enable custom "192.168.10.0/255.255.255.0,192.168.110.

netsh firewall add portopening profile=all tcp 593 "MS Services tcp_593" enable custom "192.168.1.0/255.255.255.0,192.168.2.0/25

netsh firewall add portopening profile=all tcp 1025 "MS RPC tcp_1025" enable custom "192.168.10.0/255.255.255.0,192.168.110.0

netsh firewall add portopening profile=all udp 123 "MS NTP Server udp_123" enable custom "0"

netsh firewall add portopening profile=all tcp 3268 "MS Global Catalog LDAP tcp_3268" enable custom "192.168.10.0/255.255.255.

netsh firewall add portopening profile=all tcp 3269 "MS Global Catalog LDAP SSL tcp_3269" enable custom "192.168.10.0/255.255

netsh firewall add portopening profile=all tcp 389 "MS LDAP tcp_389" enable custom "192.168.10.0/255.255.255.0,192.168.110.0/2

netsh firewall add portopening profile=all udp 389 "MS LDAP udp_389" enable custom "192.168.10.0/255.255.255.0,192.168.110.0

netsh firewall add portopening profile=all tcp 636 "MS LDAP SSL tcp_636" enable custom "192.168.10.0/255.255.255.0,192.168.11

netsh firewall add portopening profile=all udp 636 "MS LDAP SSL udp_636" enable custom "192.168.10.0/255.255.255.0,192.168.1

netsh firewall add portopening profile=all tcp 53 "MS DNS tcp_53" enable custom "*"

netsh firewall add portopening profile=all udp 53 "MS DNS udp_53" enable custom "*"

netsh firewall add portopening profile=all tcp 88 "MS Kerberos tcp_88" enable custom "192.168.10.0/255.255.255.0,192.168.110.0/

netsh firewall add portopening profile=all udp 88 "MS Kerberos udp_88" enable custom "192.168.10.0/255.255.255.0,192.168.110.0

netsh firewall add portopening profile=all tcp 464 "MS Kerberos KDC tcp_464" enable custom "192.168.10.0/255.255.255.0,192.168

netsh firewall add portopening profile=all udp 464 "MS Kerberos KDC udp_464" enable custom "192.168.10.0/255.255.255.0,192.1

netsh firewall add portopening profile=all tcp 53211 "MS AD Replication tcp_53211" enable custom "192.168.10.0/255.255.255.0,19

netsh firewall add portopening profile=all tcp 53212 "MS AD FRS tcp_53212" enable custom "192.168.10.0/255.255.255.0,192.168.

netsh firewall add allowedprogram profile=all name="MS AD FRS" program="C:\Windows\System32\ntfrs.exe" enable custom "192.

Server: SRV2003_WSUS_SMS

| Rule Type | Port Type | Port | Name, Description | Application | Scope | Scope Manual, Scope Full |
| --- | --- | --- | --- | --- | --- | --- |
| Port | tcp | 3389 | RDP |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 445 | FS |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | tcp | 80 | MS WSUS Client To Server |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | tcp | 443 | MS WSUS Client To Server |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| App |  |  | MS SMS | F:\SMS\bin\i386\smsexec.exe | Servers | 192.168.1.0/255.255.255.0,192.168.2.0/255.255.255.0 |
| App |  |  | MS SMS | F:\SMS\bin\i386\sitecomp.exe | Servers | 192.168.1.0/255.255.255.0,192.168.2.0/255.255.255.0 |
| App |  |  | MS SMS | F:\SMS_CCM\CcmExec.exe | Servers | 192.168.1.0/255.255.255.0,192.168.2.0/255.255.255.0 |
| App |  |  | MS SMS | F:\SMS\bin\i386\SMS_SLP\slpexec.exe | Servers | 192.168.1.0/255.255.255.0,192.168.2.0/255.255.255.0 |
| Port | tcp | 135 | MS SMS Console To Server |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| App |  |  | MS SMS | C:\Windows\System32\wbem\unsecapp.exe | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 3855 | MS SMS Console To Server |  | Admin Network | * 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0,* |
| App |  |  | MS Administration | C:\Windows\System32\Lsass.exe | Admin Network | * 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0,* |
| App |  |  | MS Services MS DTC | C:\Windows\System32\msdtc.exe | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 1433 | MS SQL Server |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 5000 | MS DCOM |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 5001 | MS DCOM |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 5002 | MS DCOM |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 5003 | MS DCOM |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 5004 | MS DCOM |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 5005 | MS DCOM |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 5006 | MS DCOM |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 5007 | MS DCOM |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 5008 | MS DCOM |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 5009 | MS DCOM |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |

command

netsh firewall reset

del c:\pfirewall.log

netsh firewall set logging filelocation = c:\pfirewall.log maxfilesize = 4096 droppedpackets = ENABLE

netsh firewall set icmpsetting 3 & netsh firewall set icmpsetting 8

netsh firewall add portopening profile=all tcp 3389 "RDP tcp_3389" enable custom "192.168.200.0/255.255.255.0,192.168.210.0/25

netsh firewall add portopening profile=all tcp 445 "FS tcp_445" enable custom "192.168.10.0/255.255.255.0,192.168.110.0/255.255

netsh firewall add portopening profile=all tcp 80 "MS WSUS tcp_80" enable custom "192.168.10.0/255.255.255.0,192.168.110.0/25

netsh firewall add portopening profile=all tcp 443 "MS WSUS tcp_443" enable custom "192.168.10.0/255.255.255.0,192.168.110.0/

netsh firewall add allowedprogram profile=all name="MS SMS" program="F:\SMS\bin\i386\smsexec.exe" enable custom "192.168.1

netsh firewall add allowedprogram profile=all name="MS SMS" program="F:\SMS\bin\i386\sitecomp.exe" enable custom "192.168.1

netsh firewall add allowedprogram profile=all name="MS SMS" program="F:\SMS_CCM\CcmExec.exe" enable custom "192.168.1.0

netsh firewall add allowedprogram profile=all name="MS SMS" program="F:\SMS\bin\i386\SMS_SLP\slpexec.exe" enable custom "

netsh firewall add portopening profile=all tcp 135 "MS SMS tcp_135" enable custom "192.168.200.0/255.255.255.0,192.168.210.0/2

netsh firewall add allowedprogram profile=all name="MS SMS" program="C:\Windows\System32\wbem\unsecapp.exe" enable cust

netsh firewall add portopening profile=all tcp 3855 "MS SMS tcp_3855" enable custom "192.168.200.0/255.255.255.0,192.168.210.

netsh firewall add allowedprogram profile=all name="MS Administration" program="C:\Windows\System32\Lsass.exe" enable custo

netsh firewall add allowedprogram profile=all name="MS Services" program="C:\Windows\System32\msdtc.exe" enable custom "19

netsh firewall add portopening profile=all tcp 1433 "MS SQL Server tcp_1433" enable custom "192.168.200.0/255.255.255.0,192.16

netsh firewall add portopening profile=all tcp 5000 "MS DCOM tcp_5000" enable custom "192.168.200.0/255.255.255.0,192.168.21

netsh firewall add portopening profile=all tcp 5001 "MS DCOM tcp_5001" enable custom "192.168.200.0/255.255.255.0,192.168.21

netsh firewall add portopening profile=all tcp 5002 "MS DCOM tcp_5002" enable custom "192.168.200.0/255.255.255.0,192.168.21

netsh firewall add portopening profile=all tcp 5003 "MS DCOM tcp_5003" enable custom "192.168.200.0/255.255.255.0,192.168.21

netsh firewall add portopening profile=all tcp 5004 "MS DCOM tcp_5004" enable custom "192.168.200.0/255.255.255.0,192.168.21

netsh firewall add portopening profile=all tcp 5005 "MS DCOM tcp_5005" enable custom "192.168.200.0/255.255.255.0,192.168.21

netsh firewall add portopening profile=all tcp 5006 "MS DCOM tcp_5006" enable custom "192.168.200.0/255.255.255.0,192.168.21

netsh firewall add portopening profile=all tcp 5007 "MS DCOM tcp_5007" enable custom "192.168.200.0/255.255.255.0,192.168.21

netsh firewall add portopening profile=all tcp 5008 "MS DCOM tcp_5008" enable custom "192.168.200.0/255.255.255.0,192.168.21

netsh firewall add portopening profile=all tcp 5009 "MS DCOM tcp_5009" enable custom "192.168.200.0/255.255.255.0,192.168.21

Server: SRV2003_HTTP

| Rule Type | Port Type | Port | Name, Description | Application | Scope | Scope Manual, Scope Full |
| --- | --- | --- | --- | --- | --- | --- |
| Port | tcp | 3389 | RDP |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 445 | FS |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| App |  |  | MS Administration | C:\Windows\System32\Lsass.exe | Servers | 192.168.1.0/255.255.255.0,192.168.2.0/255.255.255.0 |
| Port | tcp | 1025 | MS |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 80 | IIS WSS |  | Custom | * |
| Port | tcp | 443 | IIS WSS |  | Custom | * |
| Port | tcp | 6856 | IIS WSS CA WSS Central Administration |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |

command

netsh firewall reset

del c:\pfirewall.log

netsh firewall set logging filelocation = c:\pfirewall.log maxfilesize = 4096 droppedpackets = ENABLE

netsh firewall set icmpsetting 3 & netsh firewall set icmpsetting 8

netsh firewall add portopening profile=all tcp 3389 "RDP tcp_3389" enable custom "192.168.200.0/255.255.255.0,192.168.210.0/25

netsh firewall add portopening profile=all tcp 445 "FS tcp_445" enable custom "192.168.200.0/255.255.255.0,192.168.210.0/255.25

netsh firewall add allowedprogram profile=all name="MS Administration" program="C:\Windows\System32\Lsass.exe" enable custo

netsh firewall add portopening profile=all tcp 1025 "MS tcp_1025" enable custom "192.168.200.0/255.255.255.0,192.168.210.0/255

netsh firewall add portopening profile=all tcp 80 "IIS tcp_80" enable custom "*"

netsh firewall add portopening profile=all tcp 443 "IIS tcp_443" enable custom "*"

netsh firewall add portopening profile=all tcp 6856 "IIS WSS CA tcp_6856" enable custom "192.168.200.0/255.255.255.0,192.168.2

Server: SRV2003_DB

| Rule Type | Port Type | Port | Name, Description | Application | Scope | Scope Manual, Scope Full |
| --- | --- | --- | --- | --- | --- | --- |
| Port | tcp | 3389 | RDP |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 445 | FS |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| App |  |  | MS Administration | C:\Windows\System32\Lsass.exe | Servers | 192.168.1.0/255.255.255.0,192.168.2.0/255.255.255.0 |
| Port | tcp | 1025 | MS |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 1433 | MS SQL |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |
| Port | udp | 1434 | MS SQL Browser |  | User Network | 192.168.10.0/255.255.255.0,192.168.110.0/255.255.255.0,192.168 |

command

netsh firewall reset

del c:\pfirewall.log

netsh firewall set logging filelocation = c:\pfirewall.log maxfilesize = 4096 droppedpackets = ENABLE

netsh firewall set icmpsetting 3 & netsh firewall set icmpsetting 8

netsh firewall add portopening profile=all tcp 3389 "RDP tcp_3389" enable custom "192.168.200.0/255.255.255.0,192.168.210.0/25

netsh firewall add portopening profile=all tcp 445 "FS tcp_445" enable custom "192.168.200.0/255.255.255.0,192.168.210.0/255.25

netsh firewall add allowedprogram profile=all name="MS Administration" program="C:\Windows\System32\Lsass.exe" enable custo

netsh firewall add portopening profile=all tcp 1025 "MS tcp_1025" enable custom "192.168.200.0/255.255.255.0,192.168.210.0/255

netsh firewall add portopening profile=all tcp 1433 "MS SQL tcp_1433" enable custom "192.168.10.0/255.255.255.0,192.168.110.0/

netsh firewall add portopening profile=all udp 1434 "MS SQL Browser udp_1434" enable custom "192.168.10.0/255.255.255.0,192.

Server: SRV2003_DMZ

| Rule Type | Port Type | Port | Name, Description | Application | Scope | Scope Manual, Scope Full |
| --- | --- | --- | --- | --- | --- | --- |
| Port | tcp | 3389 | RDP |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| App |  |  | MS Administration DNS | C:\Windows\System32\dns.exe | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 135 | MS Services RPC |  | Admin Network | 192.168.200.0/255.255.255.0,192.168.210.0/255.255.255.0 |
| Port | tcp | 53 | MS DNS |  | Custom | * * |
| Port | udp | 53 | MS DNS |  | Custom | * * |
| Port | tcp | 80 | MS IIS |  | Custom | * * |
| Port | tcp | 443 | MS IIS |  | Custom | * * |
| port | tcp | 20 | MS FTP |  | Custom | * * |
| port | tcp | 21 | MS FTP |  | Custom | * * |
| port | tcp | 60000 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60001 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60002 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60003 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60004 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60005 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60006 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60007 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60008 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60009 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60010 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60011 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60012 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60013 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60014 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60015 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60016 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60017 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60018 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60019 | MS FTP Pasive |  | Custom | * * |
| port | tcp | 60020 | MS FTP Pasive |  | Custom | * * |

command

netsh firewall reset

del c:\pfirewall.log

netsh firewall set logging filelocation = c:\pfirewall.log maxfilesize = 4096 droppedpackets = ENABLE

netsh firewall set icmpsetting 3 & netsh firewall set icmpsetting 8

netsh firewall add portopening profile=all tcp 3389 "RDP tcp_3389" enable custom "192.168.200.0/255.255.255.0,192.168.210.0/25

netsh firewall add allowedprogram profile=all name="MS Administration DNS" program="C:\Windows\System32\dns.exe" enable cu

netsh firewall add portopening profile=all tcp 135 "MS Services tcp_135" enable custom "192.168.200.0/255.255.255.0,192.168.210

netsh firewall add portopening profile=all tcp 53 "MS DNS tcp_53" enable custom "*"

netsh firewall add portopening profile=all udp 53 "MS DNS udp_53" enable custom "*"

netsh firewall add portopening profile=all tcp 80 "MS IIS tcp_80" enable custom "*"

netsh firewall add portopening profile=all tcp 443 "MS IIS tcp_443" enable custom "*"

netsh firewall add portopening profile=all tcp 20 "MS FTP tcp_20" enable custom "*"

netsh firewall add portopening profile=all tcp 21 "MS FTP tcp_21" enable custom "*"

netsh firewall add portopening profile=all tcp 60000 "MS FTP Pasive tcp_60000" enable custom "*"

netsh firewall add portopening profile=all tcp 60001 "MS FTP Pasive tcp_60001" enable custom "*"

netsh firewall add portopening profile=all tcp 60002 "MS FTP Pasive tcp_60002" enable custom "*"

netsh firewall add portopening profile=all tcp 60003 "MS FTP Pasive tcp_60003" enable custom "*"

netsh firewall add portopening profile=all tcp 60004 "MS FTP Pasive tcp_60004" enable custom "*"

netsh firewall add portopening profile=all tcp 60005 "MS FTP Pasive tcp_60005" enable custom "*"

netsh firewall add portopening profile=all tcp 60006 "MS FTP Pasive tcp_60006" enable custom "*"

netsh firewall add portopening profile=all tcp 60007 "MS FTP Pasive tcp_60007" enable custom "*"

netsh firewall add portopening profile=all tcp 60008 "MS FTP Pasive tcp_60008" enable custom "*"

netsh firewall add portopening profile=all tcp 60009 "MS FTP Pasive tcp_60009" enable custom "*"

netsh firewall add portopening profile=all tcp 60010 "MS FTP Pasive tcp_60010" enable custom "*"

netsh firewall add portopening profile=all tcp 60011 "MS FTP Pasive tcp_60011" enable custom "*"

netsh firewall add portopening profile=all tcp 60012 "MS FTP Pasive tcp_60012" enable custom "*"

netsh firewall add portopening profile=all tcp 60013 "MS FTP Pasive tcp_60013" enable custom "*"

netsh firewall add portopening profile=all tcp 60014 "MS FTP Pasive tcp_60014" enable custom "*"

netsh firewall add portopening profile=all tcp 60015 "MS FTP Pasive tcp_60015" enable custom "*"

netsh firewall add portopening profile=all tcp 60016 "MS FTP Pasive tcp_60016" enable custom "*"

netsh firewall add portopening profile=all tcp 60017 "MS FTP Pasive tcp_60017" enable custom "*"

netsh firewall add portopening profile=all tcp 60018 "MS FTP Pasive tcp_60018" enable custom "*"

netsh firewall add portopening profile=all tcp 60019 "MS FTP Pasive tcp_60019" enable custom "*"

netsh firewall add portopening profile=all tcp 60020 "MS FTP Pasive tcp_60020" enable custom "*"

Server: SRV2008_RDP

| Rule Type | Port Type | Port | Name, Description | Application | Scope | Scope Manual, Scope Full |
| --- | --- | --- | --- | --- | --- | --- |
| Port | tcp | 3389 | RDP |  | Custom | * * |

command

netsh advfirewall reset

del c:\pfirewall.log

netsh advfirewall set allprofiles logging filename c:\pfirewall.log

netsh advfirewall set allprofiles logging maxfilesize 4096

netsh advfirewall set allprofiles logging droppedconnections ENABLE

netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow

netsh advfirewall firewall add rule name="RDP tcp_3389" protocol=tcp dir=in localport="3389" RemoteIP="*" action = allow


