windows-firewall interview questions
Top windows-firewall frequently asked interview questions
I'm using "yeoman" and "bower" on windows 7 but got the following error when I create the app
yo webapp
The error is
bower not-cached git://github.com/jlong/sass-bootstrap.git#~3.0.0
bower resolve git://github.com/jlong/sass-bootstrap.git#~3.0.0
bower not-cached git://github.com/Modernizr/Modernizr.git#~2.6.2
bower resolve git://github.com/Modernizr/Modernizr.git#~2.6.2
bower not-cached git://github.com/jquery/jquery.git#~1.10.2
bower resolve git://github.com/jquery/jquery.git#~1.10.2
bower ECMDERR Failed to execute "git ls-remote --tags --heads git://github
.com/jquery/jquery.git", exit code of #128
Additional error details:
fatal: unable to connect to github.com:
github.com[0: 192.30.252.130]: errno=No error
The version of the yeoman, bower and node
c:\yo-test>bower -v
1.2.8
c:\yo-test>yo -version
1.1.2
c:\yo-test>node -v
v0.10.15
Any suggestion is much appreciated.
Source: (StackOverflow)
I recently installed MySQL 5 on Windows 2003 and tried configuring an instance. Everything worked fine until I got to "Applying Security settings", at which point it gave me the above error (Can't connect to MySQL server on 'localhost' (10061)
).
I do have a port 3306 exception in my firewall for 'MySQL Server'.
Source: (StackOverflow)
I have been trying to find some way of redirecting outbound TCP packets under windows, but so far have not been successful. Does anyone know of any software/code bit that would do something like that?
I am not even sure it is possible with the windows stack.
I am looking at doing something similar to what "-j REDIRECT" is to iptables.
EDIT: to be more precise, what needs to be done here, is to transparently(ie without the original application having to do anything) redirect outgoing tcp packet with a certain destination port to a specific ip.(alternatively redirecting them to a local port would be fine too since I can then just use something like rinetd or any port forwarder)
Source: (StackOverflow)
We currently run windows on all of our machines due to software limitation.
Within this however, we are needing to redirect certain packets that come into an IP and Port to a different Port (same IP). We have software listening on the "Proxy Port".
This is achievable with IPTables on linux by doing something similar to:
iptables -t nat -I PREROUTING -p udp -d <DSTIP> --dport <DSTPORT> -m u32 --u32 '0>>22&0x3C@8=0xFFFFFFFF && 0>>22&0x3C@12=0x54536F75 && 0>>22&0x3C@16=0x72636520 && 0>>22&0x3C@20=0x456E6769 && 0>>22&0x3C@24=0x6E652051 && 0>>22&0x3C@28=0x75657279' -j REDIRECT --to-port <REDIRECT PORT>
This works great on linux and will redirect certain packets to our proxy software, however is it at all possible to do something such on windows without having to get a dedicated machine in-front of our windows machines?
I was thinking of writing something up with pcap.net but I'm guessing this will have to direct read from the NIC rather than windows?
Source: (StackOverflow)
I need to open specific port for my application.
I have tried using INetFwAuthorizedApplication
rule per application for all ports.
fwMgr.LocalPolicy.CurrentProfile.AuthorizedApplications.Add(app)
Alternatively open one port for all appllications using INetFwOpenPort
.
firewallManager.LocalPolicy.CurrentProfile.GloballyOpenPorts.Add(port)
Is there any way to programmatically open only single port per application programmatically?
I can do it manually through firewall settings.
Source: (StackOverflow)
I have an app installed on a server with windows 2008 R2 OS and hosted it on port 8080 (used apache tomcat for this).. I'm able to access the app through the URL..
Now, the problem is that I'm unable to access the URL (I mean app) from any other LAN connected machines.
After some exploration, I turned off the firewall of that server and I was able to access the app from other LAN connected machines..
I came to know the problem i.e Firewall is blocking that port 8080..
I can turn off the firewall, but it is not recommended right.. my requirement is to turn on the firewall and make this app accessible from any other LAN connected machine... I think I need to make that port open/something like that, but I don't have any idea regarding this.. no network admin is available as of now, so had to do it myself :( Kindly help me regarding this...
Thanks in advance!! :)
PS: I cannot download/install any other software's on that server, please suggest some way which can happen via command prompt/some settings to access that port from other LAN connected machines
Source: (StackOverflow)
My Windows service needs to create/remove certain rules from the Windows firewall. For this I interface with NetFwTypeLib
in <windows>\system32\hnetcfg.dll
via COM. It works great on my 64-bit Windows 7 machine, but testing on another 64-bit Windows 7 machine throws the following error:
Service cannot be started. System.IO.FileNotFoundException:
Could not load file or assembly 'Interop.NetFwTypeLib,
Version=1.0.0.0, Culture=neutral,
PublicKeyToken=null' or one of its dependencies.
The system cannot find the file specified.
I have a feeling that if I embed and install the assembly with my application, I would have problems with different versions of Windows and between 32-bit and 64-bit.
How do I solve this missing assembly deployment issue?
Edit: This seems to be a VS2010 issue for any target framework except 4.0. Does anyone have a fix for this?
Source: (StackOverflow)
How can I detect (from a Windows Forms application written in C#) if a firewall product is enabled?
Here is my code and i am getting error on INetFwMgr that type or namespace could not found
namespace WindowsFormsApplication1
{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}
private const string CLSID_FIREWALL_MANAGER = "{304CE942-6E39-40D8-943A-B913C40C9CD4}";
INetFwMgr manager = GetFireWallManager();
bool isFirewallEnabled = manager.LocalPolicy.CurrentProfile.FirewallEnabled;
private static INetFwMgr GetFireWallManager()
{
Type objectType = Type.GetTypeFromCLSID(new Guid(CLSID_FIREWALL_MANAGER));
return Activator.CreateInstance(objectType) as INetFwMgr;
}
private void button1_Click(object sender, EventArgs e)
{
if (isFirewallEnabled == false)
{
MessageBox.Show("Firewall is not enabled.");
}
else
{
MessageBox.Show("Firewall is enabled.");
}
}
}
}
Source: (StackOverflow)
I want to programme my own anti distraction tool. I can not / do not want to use hosts or third party apps. When using IPSEC or Windows firewall, it only accepts IP adresses. There is
youtube.[264 TLD]
www.youtube.[264 TLD]
subdomains.youtube.[264 TLD]
Appearantly there is no way anymore to get a complete list of youtube sub domains.
Can someone think of a way to somehow obtain all youtube ip addresses and block them on ip level other than using brute force subdomain pinging?
Source: (StackOverflow)
I have a box with Windows Server 2008 and IIS 7, and I'm using an ASP.NET app.
I am trying to run multiple sites from one IP, but I can't access the sites from the outside. I can only access the Default website from outside but when I want to access the second one it does not work.
The second one should run on the http://ip:81
and the default one is on 80.
They both run fine locally on the box and I have added a rule on the firewall to allow all inbound.
Source: (StackOverflow)
I am able to pro grammatically add individual rules to the Windows Firewall (Server 2008 R2), however I am trying to avoid multiple rules per IP address, and would just like to update the existing rule RemoteAddresses. Below is the code I am using to add rules, I am doing my best to research how to update the existing rules Remote Addresses, but with no luck.
Any help is appreciated!
string ip = "x.x.x.x";
INetFwRule2 firewallRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRule.Name = "Block Bad IP Addresses";
firewallRule.Description = "Block Nasty Incoming Connections from IP Address.";
firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
firewallRule.Enabled = true;
firewallRule.InterfaceTypes = "All";
firewallRule.RemoteAddresses = ip;
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
firewallPolicy.Rules.Add(firewallRule);
Source: (StackOverflow)
Before saying anything let me tell you that i am not well educated int networks related subjects.
I am a software developer and I have written and exposed a Service on HTTPS at port 8000. Now i want to know that if there is any kind of software that can help me to trace if there is any kind of port blocking from one site to my service location with information of blocker host.
I have tried couple of Tracerout software like wintrace but all these uses ICMP protocols and there is no option to provide port number in them.
And moreover i like to ad an exception in Firewall for incoming ICMP protocal in windows server 2003 windows firewall but i can't see anyoption to ad protocol in exception instead there are only options to ad a program or ad a port of udp or tcp.
Please help
Regards
Source: (StackOverflow)
I am adding a windows firewall rule using netsh advfirewall firewall command in a setup program. My code is giving an error message if the system has windows firewall disabled.
So I need to check the window's firewall status before executing the command netsh advfirewall firewall add. ie, if firewall is disabled, no need to add the rule.
I am checking if the firewall is enabled or not by using the window registry value "EnableFirewall".
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
I am not sure this is the right way. There can be domain firewall profile(?) also.
Thanks in advance.
Source: (StackOverflow)
I have a Windows Forms application that runs locally on the user's desktop. The only way it accesses the Internet is by doing System.Diagnostics.Process.Start(url) to launch the user's default browser and point it to various URLs (to check for updates, contact us, etc.). And none of this happens without the user explicitly requesting it by clicking a menu item or button.
On my machine I have been occasionally getting a Windows Firewall warning message upon starting up the program, saying that Windows Firewall has "blocked some features" of the program to protect the machine. I also occasionally get this warning when running my program within Visual Studio (and the warning dialog says that vshost has been blocked from the network). It doesn't happen all the time.
I have not heard from any of my customers that this has been happening on their PCs, but that doesn't mean it's not. And it's a somewhat scary warning to a less-technically savvy user, so I'd like to figure out how to eliminate it if possible.
What could my program possibly be doing to trigger this warning?
Edit: The only somewhat unusual thing my program is doing at startup is that it uses the Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase class to enforce a single instance application. I know this does some threading magic behind the scenes to detect new instances and redirect them. Is it possible it's listening on the network for some reason?
Source: (StackOverflow)