Wednesday, November 01, 2006

QA - IIS and Windows Firewall

Question:

OK, after I install IIS, Windows Firewall is disabled and there is no way to enable it because the Firewall setting is grayed out. Any ideas?

Answer:

IIS installation routines do NOT interact with the Windows Firewall. Period. IIS installation routines do NOT enable/disable the Windows Firewall, nor do they configure Port Exceptions or Program Exceptions on the Windows Firewall. IIS has no knowledge of external Security measures.

Now, fresh Windows Server 2003 installations do start with a "Configure Your Server" (CYS) wizard console window, which, if you dismiss it, will stop and disable the Windows Firewall service. The text in the window basically tells you that the Windows Firewall is enabled so that you can get patches, and once you dismiss the window, the Firewall will be stopped and disabled. Other Personal Security Software (other firewall software) may choose to disable the Windows Firewall as well.

In any case, if you make sure to enable the "Windows Firewall" service, the Windows Firewall control panel applet should become active again. This can be done with:

  • The "Services" Administrative Applet from the Start Menu
  • Running "services.msc" on the command shell
  • Running: SC CONFIG SharedAccess start= auto & NET START SharedAccess in the command shell

//David
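
The third option from the list above, wrapped in a batch file that checks the service before changing it and shows the firewall state afterwards. This is an added example, not part of the original post; the `sc qc`, `sc query` and `netsh firewall show state` checks and the `SVC` variable are additions, and it assumes Windows Server 2003 SP1 and an administrator command prompt.

```batch
@echo off
rem Added example: check and re-enable the Windows Firewall (SharedAccess) service.
rem Assumes an administrator command prompt on Windows Server 2003 SP1.
setlocal

set SVC=SharedAccess

echo --- Current configuration of %SVC% ---
sc qc %SVC% | findstr /i "START_TYPE"
sc query %SVC% | findstr /i "STATE"

rem START_TYPE DISABLED is what dismissing the CYS window leaves behind.
sc qc %SVC% | findstr /i "DISABLED" >nul
if not errorlevel 1 (
    echo Service is disabled; setting start type to automatic.
    sc config %SVC% start= auto
    if errorlevel 1 goto :fail
)

rem Start the service only if it is not already running.
sc query %SVC% | findstr /i "RUNNING" >nul
if errorlevel 1 (
    net start %SVC%
    if errorlevel 1 goto :fail
)

echo --- Firewall state after the change ---
netsh firewall show state
exit /b 0

:fail
echo Failed to configure or start %SVC%. 1>&2
exit /b 1
```

The final `netsh firewall show state` output shows whether the firewall itself is operational, which is separate from the service merely running.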

3 comments:

Anonymous said...

Amazingly Microsoft has still not patched the firewall so it works on machines with multiple IP addresses assigned.

What happens is that the primary IP is protected and the others are either completely blocked or completely opened.

This is very important to realise if you expect protection from the Windows Firewall on your server.

The solution (apart from an external hardware firewall) is to define IPsec policies instead, however that's not for the faint hearted.

Not sure why they included the Windows Firewall in Windows 2003 at all.

David Wang said...

I think the Windows Firewall in Windows Server 2003 is a real hack, quickly written for XPSP2 and propagated to WS03SP1, and only meant as an initial shield to allow the administrator to obtain any necessary patches after OS installation. This solves Windows 2000 Server's problem where Nimda/CodeRed can infect the server during OS installation when the network is live.

After all, upon completing the "Configure Your Server" wizard, the wizard tells you that Windows Firewall will be turned off and disabled.

It is not amazing to me that Microsoft has not patched the firewall - in fact, it will likely never happen - because Microsoft patches existing behavior; it does not introduce new ones. The new firewall in Vista Client/Server will function the way you describe.

//David
