Enabling Windows Firewall
Netsh firewall set opmode enable
Disabling Windows Firewall
Netsh firewall set opmode disable
Below is a session accessing Windows from BackTrack using ncat; more can be read on ncat at
http://www.myexploit.wordpress.com/control-netcat/
root@bt:~# nc -lvvp 80
listening on [any] 80 ...
IP-Address: inverse host lookup failed: Unknown server error : Connection timed out
connect to [IP-Address] from (UNKNOWN) [IP-Address] 1050
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\test>Netsh firewall set opmode disable
Netsh firewall set opmode disable
Ok.
To add an exception to the firewall (open a port for inbound access from outside)
netsh firewall add portopening UDP 8080 test enable
netsh firewall add portopening TCP 80 HTTPTest enable
C:\Documents and Settings\test>netsh firewall add portopening TCP 80 HTTPTest enable
netsh firewall add portopening TCP 80 HTTPTest enable
Ok.
Testing that inbound HTTP access is allowed
root@bt:~# telnet IP-Address 80
Trying IP-Address...
Connected to IP-Address.
Escape character is '^]'.
get
HTTP/1.1 400 Bad Request
Server: Microsoft-IIS/5.1
Date: Wed, 06 Jun 2011 14:36:04 GMT
Content-Type: text/html
Content-Length: 87
<html><head><title>Error</title></head><body>The parameter is incorrect. </body></html>Connection closed by foreign host.
C:\win7>Netsh firewall set opmode enable
IMPORTANT: Command executed successfully.
However, "netsh firewall" is deprecated;
use "netsh advfirewall firewall" instead.
For more information on using "netsh advfirewall firewall" commands
instead of “netsh firewall”, see KB article 947709
at http://go.microsoft.com/fwlink/?linkid=121488 .
Ok.
Updates for Win7
Enable FW
netsh advfirewall set currentprofile state on
Disable FW
netsh advfirewall set currentprofile state off
Allow port 80 inbound
netsh advfirewall firewall add rule name="Open Port 80" dir=in action=allow protocol=TCP localport=80
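A defender's view of the commands above, as an added example that is not part of the original post: a small Python classifier that flags netsh command lines which turn the firewall off or open an inbound port, in both the legacy and the advfirewall syntax. The sample command lines, the function names and the finding labels are constructed for illustration.

```python
import re

# Constructed process-creation command lines (the kind recorded by Security
# event 4688 or Sysmon event 1); sample values, not taken from a real host.
SAMPLE_CMDLINES = [
    r'C:\WINDOWS\system32\netsh.exe firewall set opmode disable',
    'Netsh firewall set opmode enable',
    'netsh firewall add portopening TCP 80 HTTPTest enable',
    'netsh advfirewall set currentprofile state off',
    'netsh advfirewall firewall add rule name="Open Port 80" dir=in '
    'action=allow protocol=TCP localport=80',
    'netsh advfirewall firewall add rule name="No Telnet" dir=in '
    'action=block protocol=TCP localport=23',
    'netsh interface ip show config',
]

def classify(cmdline):
    """Return a finding for a firewall-weakening netsh command, else None."""
    # key=value arguments; a value may be double-quoted and contain spaces
    kv = {k.lower(): (q or v).lower()
          for k, q, v in re.findall(r'(\w+)=(?:"([^"]*)"|(\S+))', cmdline)}
    # Empty quoted values so a rule name with spaces cannot shift the words
    words = re.sub(r'="[^"]*"', '=', cmdline).replace('"', '').lower().split()
    idx = next((i for i, w in enumerate(words)
                if re.fullmatch(r'(.*\\)?netsh(\.exe)?', w)), None)
    if idx is None:
        return None
    args = words[idx + 1:]
    if args[:3] == ['firewall', 'set', 'opmode']:        # legacy (XP) syntax
        mode = kv.get('mode') or ''.join(args[3:4])
        return 'firewall-off' if mode == 'disable' else None
    if args[:2] == ['advfirewall', 'set'] and args[3:5] == ['state', 'off']:
        return 'firewall-off'                            # advfirewall syntax
    if args[:3] == ['firewall', 'add', 'portopening']:   # positional form
        if len(args) >= 5 and args[6:7] != ['disable']:
            return 'inbound-open %s/%s' % (args[3], args[4])
        return None
    if args[:4] == ['advfirewall', 'firewall', 'add', 'rule']:
        if kv.get('dir') == 'in' and kv.get('action') == 'allow':
            return 'inbound-open %s/%s' % (kv.get('protocol', 'any'),
                                           kv.get('localport', 'any'))
    return None

def scan(cmdlines):
    """Pair each flagged command line with its finding."""
    return [(c, f) for c in cmdlines if (f := classify(c))]

if __name__ == '__main__':
    print(*scan(SAMPLE_CMDLINES), sep='\n')
```

Feeding it the command-line field from process-creation logs gives one finding per firewall change; enable, block and unrelated netsh commands return nothing.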