RE: Scanning through Windows XP Firewalls

["Darko Gavrilovic" <darko.gavrilovic@utoronto.ca>]

You could do & deply a script to allow poke hole in firewall and restrice to your own subnet or scanning host. Type "netsh firewall add portopening /?" at command prompt.

 

Also, refer to this doc for what ports to open.

 

http://support.microsoft.com/?kbid=832017

 

Usually all you need is 445 and 135 - 139.

 

cheers,
dg

UOFT/DUA
Tel: 416.978.7719

 

---

From: nessus-bounces@list.nessus.org [mailto:nessus-bounces@list.nessus.org] On Behalf Of Doug Nordwall
Sent: Monday, December 11, 2006 9:47 AM
To: Wolfgang Kantner
Cc: nessus@list.nessus.org
Subject: Re: Scanning through Windows XP Firewalls

http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/depfwset/wfsp2apa.mspx might give you some ideas on how to do it. I've not tested it though, as I don't have a windows machine handy.

On 12/11/06, Wolfgang Kantner <wolfgang.kantner@boku.ac.at> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hello!

We use nessus for network-scanning and are very satisfied, but:
Windows XP-Hosts with firewalls active are a problem.

Is there a registry-key or something thelike to open
host a for the scanning-host?
Or are there other solutions?


Greetings

Wolfgang Kantner

- --
secure by default
http://openbsd.org



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (OpenBSD)

iD8DBQFFfWLAgU6QtVOUt00RAjL3AKCnpJhjan0MHdwRk3l23t2Rk5HUAQCfRypN
eInaj809XsgsEO3jPcpSUcs=
=gFbc
-----END PGP SIGNATURE-----
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

--
Doug Nordwall
Unix, Network, and Security Administrator
Noise proves nothing. Often a hen who has merely laid an egg cackles as if she laid an asteroid. -- Mark Twain

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus