control – windows firewall from the command line

Enabling Windows Firewall
Netsh firewall set opmode enable

Disabling Windows Firewall
Netsh firewall set opmode disable

Bellow shows accessing Windows from backtrack using ncat more can be read on ncat

http://www.myexploit.wordpress.com/control-netcat/

root@bt:~# nc -lvvp 80
listening on [any] 80 …
IP-Address: inverse host lookup failed: Unknown server error : Connection timed out
connect to [IP-Address] from (UNKNOWN) [IP-Address] 1050
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\test>Netsh firewall set opmode disable
Netsh firewall set opmode disable
Ok.

To allow an Exception to the Firewall (Add port access for outside access in)
netsh firewall add portopening UDP 8080 test enable

netsh firewall add portopening TCP 80 HTTPTest enable

C:\Documents and Settings\test>netsh firewall add portopening TCP 80 HTTPTest enable
netsh firewall add portopening TCP 80 HTTPTest enable
Ok.

Testing http access in is allowed

root@bt:~# telnet IP-Address 80
Trying IP-Address…
Connected to IP-Address.
Escape character is ‘^]’.
get
HTTP/1.1 400 Bad Request
Server: Microsoft-IIS/5.1
Date: Wed, 06 Jun 2011 14:36:04 GMT
Content-Type: text/html
Content-Length: 87

<html><head><title>Error</title></head><body>The parameter is incorrect. </body></html>Connection closed by foreign host.

C:\win7>Netsh firewall set opmode enable

IMPORTANT: Command executed successfully.
However, “netsh firewall” is deprecated;
use “netsh advfirewall firewall” instead.
For more information on using “netsh advfirewall firewall” commands
instead of “netsh firewall”, see KB article 947709
at http://go.microsoft.com/fwlink/?linkid=121488 .

Ok.

Updates for Win7

Enable FW
netsh advfirewall set currentprofile state on

netsh advfirewall set currentprofile state off

Allow Port 80 inwards
netsh advfirewall firewall add rule name=”Open Port 80″ dir=in action=allow protocol=TCP localport=80

Advertisements

2 thoughts on “control – windows firewall from the command line

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s