Sign in to follow this  
Followers 0
susserj

WinXP SP2 Pesty Personal Firewall

4 posts in this topic

Hi,

For reasons beyond my control, my department wants to implement the personal firewall feature when rolling out Win XP SP2. When installing Hummingbird DM the installation script prompts the user to Unblock the program PAPHostWWW server. My unattended software installation script is now broken and I don't know how to fix it. :)

The "Windows Security Alert" popup window doesn't have any hot keys to select the unblock command. I could try sending mouse clicks but I don't know what resolution the user is running at, or what size fonts etc.

The registry key changes have Cryptography RNG modifications associated with it.

The Hummingbird file PAPHostWWW doesn't exist before the installation of the application.

I can see why MS would not want to make it easy to turn off or modify their firewall but how are you suppose to install software in an automated fashion?

If some one knows how to get around these pesky firewalls, I'd really appreciate it.

Thank

Share this post


Link to post
Share on other sites



Why don't you switch it off in the SIF (Assuming you are using RIS to deploy your workstation builds?)

Share this post


Link to post
Share on other sites

...The "Windows Security Alert" popup window doesn't have any hot keys to select the unblock command...

<{POST_SNAPBACK}>

I think that the display of the "keyboard navigation letters" are hidden by default... but just because they are hidden does not mean that they are not there. The sample code below works for me.
AutoItSetOption ("WinTitleMatchMode", 2)
;1-from the start, 2-any substring, 3-exact match
AutoItSetOption ("TrayIconDebug", 1) ;0-off

Run("C:\Program Files\NetMeeting\conf.exe")

WinWait("Windows Security Alert","NetMeeting")
WinActivate("Windows Security Alert","NetMeeting")
WinWaitActive("Windows Security Alert","NetMeeting")
Send("!u")
If you wish to see the "keyboard navigation letters", go to:

Control Panel

Display

Appearance

Effects

uncheck "Hide underlined letters for keyboard navigation until I press the Alt key"

later


[size="1"][font="Arial"].[u].[/u][/font][/size]

Share this post


Link to post
Share on other sites

You can add a firewall exception to the client's registry.

The settings reside under:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List

Create some string values eg:

RegWrite("HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List", "c:\MyProgram.exe", "REG_SZ", "c:\MyProgram.exe:*:enabled:MyProgram.exe")

You can write remotely to the registry as well:

RegWrite("COMPUTERNAME\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List", "c:\MyProgram.exe", "REG_SZ", "c:\MyProgram.exe:*:enabled:MyProgram.exe")

Microsoft has some articles relating to this. One of them is here

You can also have fun with "netsh firewall"


CheersNobby

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0