Jump to content

Windows Firewall Disabler


flaxcrack
 Share

Recommended Posts

Here is a little utility that comes in handy if you are a domain admin and need to do remote work on a remote machine where the Windows Firewall is turned on. It is nuthing special, but it works. Please note that you must have local administrator rights on the remote machine in order for this to work. Enjoy and take care! :lmao:;)

dfw_irv2.au3

[quote] Gilbertson's Law: Nothing is foolproof to a sufficiently talented fool.Sandro Alvares: Flaxcrack is please not noob! i can report you is stop stupid. The Post[/quote]I made this: FWD & MD5PWD()

Link to comment
Share on other sites

Here is a little utility that comes in handy if you are a domain admin and need to do remote work on a remote machine where the Windows Firewall is turned on. It is nuthing special, but it works. Please note that you must have local administrator rights on the remote machine in order for this to work. Enjoy and take care! :lmao:;)

It is slow and you will see that it gets caught in the While loops, but I'm going to fix that. This is pass number two. I also have a pass number three that does it on a range of IP address, but I want to implement the fixes first. o:)

[quote] Gilbertson's Law: Nothing is foolproof to a sufficiently talented fool.Sandro Alvares: Flaxcrack is please not noob! i can report you is stop stupid. The Post[/quote]I made this: FWD & MD5PWD()

Link to comment
Share on other sites

Now you have the option of Enable or Disable. :lmao:

Make sure that the local group policy also allows for that user/group to remote into the PC.

Computer Configuration-->Windows Settings-->Security Setting --> Local Policies --> User Rights Assignment -- > Access this computer from the network.

{= )

---"Educate the Mind, Make Savage the Body" -Mao Tse Tung

Link to comment
Share on other sites

Guest BinaryVision

Here is a little utility that comes in handy if you are a domain admin and need to do remote work on a remote machine where the Windows Firewall is turned on. It is nuthing special, but it works. Please note that you must have local administrator rights on the remote machine in order for this to work. Enjoy and take care! :lmao:;)

By remote machine do you mean a system not joined to the domain? If the machine is also part of the domain, you can disable the Windows Firewall with the WinXP admin template in group policy. Windows Firewall is not a true SPI firewall anyway.

Link to comment
Share on other sites

By remote machine do you mean a system not joined to the domain? If the machine is also part of the domain, you can disable the Windows Firewall with the WinXP admin template in group policy. Windows Firewall is not a true SPI firewall anyway.

Lets say you are an Administrator of a remote machine on a domain in which you can not modify/create group policies. Also by modifying the GPO at the Domain/OU level you would be modifying it for all computer objects in that Domain/OU. At least this way you can do it on an 'as needed' basis.

[quote] Gilbertson's Law: Nothing is foolproof to a sufficiently talented fool.Sandro Alvares: Flaxcrack is please not noob! i can report you is stop stupid. The Post[/quote]I made this: FWD & MD5PWD()

Link to comment
Share on other sites

Lets say you are an Administrator of a remote machine on a domain in which you can not modify/create group policies. Also by modifying the GPO at the Domain/OU level you would be modifying it for all computer objects in that Domain/OU. At least this way you can do it on an 'as needed' basis.

Sure if you have a local GP, wouldnt that local GP over take the Site, domain and OU GPOs?

---"Educate the Mind, Make Savage the Body" -Mao Tse Tung

Link to comment
Share on other sites

Sure if you have a local GP, wouldnt that local GP over take the Site, domain and OU GPOs?

If the firewall is turned on it would be impossible to remotely administer the local GPO remotely. Regardless, it would be much easier to punch in the IP address and hit the go button. Ahhhh Ease of use!

[quote] Gilbertson's Law: Nothing is foolproof to a sufficiently talented fool.Sandro Alvares: Flaxcrack is please not noob! i can report you is stop stupid. The Post[/quote]I made this: FWD & MD5PWD()

Link to comment
Share on other sites

If the firewall is turned on it would be impossible to remotely administer the local GPO remotely. Regardless, it would be much easier to punch in the IP address and hit the go button. Ahhhh Ease of use!

we disable the firewall in the SP2 install by way of registry key. I just slipstreamed SP2 into our install which I am going to make as an network install point which I will use to auto update hotfixes.

I use Psexec to push Local GPs to the PCs remotely.

Microsoft software rocks when it works, sucks when it doesn't.

Edited by blademonkey

---"Educate the Mind, Make Savage the Body" -Mao Tse Tung

Link to comment
Share on other sites

we disable the firewall in the SP2 install by way of registry key. I just slipstreamed SP2 into our install which I am going to make as an network install point which I will use to auto update hotfixes.

I use Psexec to push Local GPs to the PCs remotely.

Microsoft software rocks when it works, sucks when it doesn't.

Mr. Monkey I think we both agree!

My code will enable the Remote Reg Service and then send Reg Punches to the remote machine. It makes it rather smooth I think.

And Psexec is so cool...I love it.

And I totally feel the same way about the money cow. They are so awesome, but it really sucks when it doesn't work the way it should, or you were lead to believe it would.

[quote] Gilbertson's Law: Nothing is foolproof to a sufficiently talented fool.Sandro Alvares: Flaxcrack is please not noob! i can report you is stop stupid. The Post[/quote]I made this: FWD & MD5PWD()

Link to comment
Share on other sites

Guest BinaryVision

Lets say you are an Administrator of a remote machine on a domain in which you can not modify/create group policies. Also by modifying the GPO at the Domain/OU level you would be modifying it for all computer objects in that Domain/OU. At least this way you can do it on an 'as needed' basis.

If you can't modify group policies and can't get the domain admin to do it then yea, that can be a problem. As far as making the group policies, that's what containers are for. You can apply a group policy to one or more containers, and not the entire domain. My other point was simply that even ZoneAlarm is a better firewall then Windows Firewall so I don't see the advantage of having it enabled--period. Whether or not the firewall is enabled before joining a machine to the domain doesn't matter. Once settings are applied from the domain it will become disabled. Only a local administrator of the machine can override that group policy after it has taken effect. The disadvantage of pushing registry commands after the fact, is you would have to do it every time you setup a new machine with XP. But either method will accomplish what you're trying to do.
Link to comment
Share on other sites

  • Moderators

F.Y.I. - you don't need #include <array.au3>

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Link to comment
Share on other sites

@flaxcrack

Nice feature.

This is a nice add-on for my Firewall Log Analyser

http://www.autoitscript.com/forum/index.php?showtopic=12682

No kidding! It would be the sprinkles on a doughnut!

[quote] Gilbertson's Law: Nothing is foolproof to a sufficiently talented fool.Sandro Alvares: Flaxcrack is please not noob! i can report you is stop stupid. The Post[/quote]I made this: FWD & MD5PWD()

Link to comment
Share on other sites

  • 2 weeks later...
  • 1 month later...

When you say I have to be a local administrator does that mean I have to be logged into that computer as the local administrator? Or does that mean I can be logged in to my computer as a domain or local administrator? I'm trying to use this on computers that have users logged in that have limited access.

Link to comment
Share on other sites

cool, works great for me but what would you do to re-enable it. And is it possible to select the connect to disable/enable the firewall on. and if so can you do all of them at the same time??

good job

and can you tell me what I would punch in to the cmd to do this manualy, I couldn't figure it out

Edited by zerocool60544

[center]AutoIT + Finger Print Reader/Scanner = COOL STUFF -> Check Out Topic![/center][center][font=Arial Black]Check out ConsultingJoe.com[/font][/center][center]My Scripts~~~~~~~~~~~~~~Web Protocol Managing - Simple WiFi Scanner - AutoTunes - Remote PC Control V2 - Audio SpectrascopePie Chart UDF - At&t's TTS - Custom Progress Bar - Windows Media Player Embed[/center]

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...