Windows Firewall with PowerShell:

https://letitknow.wordpress.com/2012/09/13/manage-windows-firewall-with-powershell-3/

http://windowsitpro.com/windows-server-2012/controlling-windows-firewall-powershell

http://windowsitpro.com/windows-server/controlling-windows-firewall-powershell-part-2

Windows Firewall rule groups:

The commands below open the firewall for most remote admin functions (since you’re using Core and testing it, you’re going to manage it remotely, right?):

Enable-NetFirewallRule -DisplayGroup "Remote Volume Management"
Enable-NetFirewallRule -DisplayGroup "Windows Firewall Remote Management"
Enable-NetFirewallRule -DisplayGroup "Remote Scheduled Tasks Management"
Enable-NetFirewallRule -DisplayGroup "Remote Service Management"
Enable-NetFirewallRule -DisplayGroup "Remote Event Log Management"
Enable-NetFirewallRule -DisplayGroup "Windows Remote Management"

Enable-NetFirewallRule -DisplayGroup "File and Printer Sharing"

Enable-NetFirewallRule -DisplayGroup "Performance Logs and Alerts"

Enable-NetFirewallRule -DisplayGroup "COM+ Remote Administration"

Enable-NetFirewallRule -DisplayGroup "COM+ Network Access"
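
Enabling a display group turns on every rule in it, with whatever profiles and remote addresses those rules already carry. The PowerShell below is an added example, not part of the original notes: it limits the inbound rules of a few of the groups above to a management subnet while enabling them, then lists what is exposed. The function names and the 10.0.50.0/24 subnet are assumptions made for illustration.

```powershell
# Added example. Function names and the subnet are assumptions, not from the page.
# Requires an elevated session and the NetSecurity module (Windows Server 2012 or later).

function Enable-ScopedFirewallGroup {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string[]]$DisplayGroup,
        [Parameter(Mandatory)][string[]]$RemoteAddress
    )
    foreach ($group in $DisplayGroup) {
        $rules = Get-NetFirewallRule -DisplayGroup $group -ErrorAction SilentlyContinue |
            Where-Object { $_.Direction -eq 'Inbound' }
        if (-not $rules) { Write-Warning "No inbound rules found in group '$group'"; continue }
        if ($PSCmdlet.ShouldProcess($group, "Limit to $($RemoteAddress -join ', ') and enable")) {
            # One call narrows the allowed source addresses and enables the rules.
            $rules | Set-NetFirewallRule -RemoteAddress $RemoteAddress -Enabled True
        }
    }
}

function Get-FirewallGroupExposure {
    param([Parameter(Mandatory)][string[]]$DisplayGroup)
    foreach ($group in $DisplayGroup) {
        Get-NetFirewallRule -DisplayGroup $group -ErrorAction SilentlyContinue |
            Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' } |
            ForEach-Object {
                # Port and address filters are separate objects linked to each rule.
                $port = $_ | Get-NetFirewallPortFilter
                $addr = $_ | Get-NetFirewallAddressFilter
                [pscustomobject]@{
                    Group         = $group
                    Rule          = $_.DisplayName
                    Profile       = $_.Profile
                    Protocol      = $port.Protocol
                    LocalPort     = $port.LocalPort -join ','
                    RemoteAddress = $addr.RemoteAddress -join ','
                }
            }
    }
}

$groups     = 'Windows Remote Management', 'Remote Event Log Management', 'Remote Service Management'
$mgmtSubnet = '10.0.50.0/24'   # constructed placeholder for a management network

# -WhatIf previews the change; remove it to apply.
Enable-ScopedFirewallGroup -DisplayGroup $groups -RemoteAddress $mgmtSubnet -WhatIf
Get-FirewallGroupExposure -DisplayGroup $groups | Format-Table -AutoSize
```

Any row in the report whose RemoteAddress is Any is reachable from every network the rule's profile applies to.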

 

Domain controllers and Windows Firewall Configurations:

As described earlier, you should use the Security Configuration Wizard to capture configuration settings for the Windows Firewall with Advanced Security on domain controllers. You should review the output of Security Configuration Wizard to ensure that the firewall configuration settings meet your organization’s requirements, and then use GPOs to enforce configuration settings.

 

PowerShell cmdlets for Windows security:

https://technet.microsoft.com/en-us/library/jj554906%28v=wps.630%29.aspx

 

How to configure the Windows firewall with netsh (command line):

http://support.microsoft.com/kb/947709

Otherwise, the most commonly used commands are:

Import/export firewall settings:

netsh advfirewall import "c:\firewallconfig.wfw"

netsh advfirewall export "c:\firewallconfig.wfw"

query fw rules:

netsh advfirewall firewall show rule name=all

enable or disable windows fw:

netsh advfirewall set allprofiles state on

netsh advfirewall set currentprofile state on

netsh advfirewall set currentprofile firewallpolicy blockinboundalways,allowoutbound

netsh advfirewall set allprofiles state off

reset windows fw:

netsh advfirewall reset

windows fw logging:

netsh advfirewall set currentprofile logging filename "d:\firewall.log"

allow or deny PING:

netsh advfirewall firewall add rule name="ALL ICMP V4" dir=in action=block protocol=icmpv4

netsh advfirewall firewall add rule name="ALL ICMP V4" dir=in action=allow protocol=icmpv4

enable a specific port:

netsh advfirewall firewall add rule name="open a specific app port" dir=in action=allow protocol=TCP localport=1435

enable a program:

netsh advfirewall firewall add rule name="allow messenger" dir=in action=allow program="c:\programfiles\messenger\msnmsgr.exe"

enable file and print sharing:

netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=Yes

enable remote desktop service:

netsh advfirewall firewall set rule group="remote desktop" new enable=Yes

enable remote management (winRM):

netsh advfirewall firewall set rule group="remote administration" new enable=Yes

