Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Service Packs for XP

  • 20-07-2005 8:21am
    #1
    Closed Accounts Posts: 3,413 ✭✭✭


    Hi Guys,

    I am deploying SP2 for XP but the firewall dosent make sense in my enviroment, (we have checkpoint a FW). I was told by a fellow techie that XP SP1a is the same as Sp2 but without the firewall.

    Is this true, as it would save me some bother on reboots after the firewall is installed.

    :)


Comments

  • Registered Users, Registered Users 2 Posts: 95 ✭✭fractal


    Hmm... Firewalls per machine can prove troublesome..

    I admin a network of about 200 desktops/ 20 laptops all WinXP SP2...

    Desktops do not have the SP2 firewall enabled.

    We have strict policies on connecting non company equipment to the LAN and keep up to date virus definitions... We dont really experience any problems that a firewall per machine would fix.

    My recommendation is try out SP2 with the firewall disabled unless you know you really need it. But make sure you test all your apps with it first as there are some really strange problems that it can pose, especially with more customer specific software. Also if your Desktops dont have a firewall enabled make sure your rules on our gateway device are set up properly as that will be your last line of defence!

    If you dont want the hassle of multiple reboots while patching XP id recommend you just use the /norestart flag on the MS security patch...


  • Registered Users, Registered Users 2 Posts: 68,317 ✭✭✭✭seamus


    I am deploying SP2 for XP but the firewall dosent make sense in my enviroment, (we have checkpoint a FW). I was told by a fellow techie that XP SP1a is the same as Sp2 but without the firewall.
    That's way oversimplifying it. There is a firewall in SP1a, it's just not as "advertised" as the one SP2. SP2 also includes a shedload of patches and critical updates. I'd say your best bet, as fractal says, is to install SP2 on a test machine and see what you think.


  • Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 93,596 Mod ✭✭✭✭Capt'n Midnight


    you can always turn off the firewall - the gotcha is that if you do a remote install the firewall is installed by default.

    But you can use a reg file to add setting that leave ports open before you install the firewall..
    Eg: to allow VNC management from only 192.168.0.x
    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
    "445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
    "137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
    "138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
    "5900:TCP"="5900:TCP:192.168.0.0/255.255.255.0:Enabled:VNC 5900 tcp"
    
    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
    "445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
    "137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
    "138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
    "5900:TCP"="5900:TCP:192.168.0.0/255.255.255.0:Enabled:VNC 5900 tcp"
    


  • Registered Users, Registered Users 2 Posts: 66,132 ✭✭✭✭unkel
    Chauffe, Marcel, chauffe!


    seamus wrote:
    That's way oversimplifying it. There is a firewall in SP1a, it's just not as "advertised" as the one SP2

    Indeed. And the big difference to the general public is that the firewall is automatically switched on by default in SP2


  • Closed Accounts Posts: 3,413 ✭✭✭HashSlinging


    Hi how do you make a reg file like the one above. I presume just put in the above and call the file a .reg

    Thanks that looks like a good idea,


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 145 ✭✭jayneemac


    Hi how do you make a reg file like the one above. I presume just put in the above and call the file a .reg

    Thanks that looks like a good idea,


    yes, put the above in a text file & save it with a .reg extension. double click & it will be added to the registry.


Advertisement